npm - @aidprotocol/mcp-trust - Versions diffs - 1.0.0 → 1.0.1 - Mend

@aidprotocol/mcp-trust 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.js ADDED Viewed

@@ -0,0 +1,237 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+// src/index.ts
+var src_exports = {};
+__export(src_exports, {
+  computeTrustScore: () => import_trust_compute.computeTrustScore,
+  getTrustVerdict: () => import_trust_compute.getTrustVerdict,
+  verifyTrustProof: () => import_trust_compute.verifyTrustProof,
+  withAidTrust: () => withAidTrust
+});
+module.exports = __toCommonJS(src_exports);
+var import_trust_compute = require("@aidprotocol/trust-compute");
+var TrustCache = class {
+  cache = /* @__PURE__ */ new Map();
+  ttlMs;
+  constructor(ttlSeconds) {
+    this.ttlMs = ttlSeconds * 1e3;
+  }
+  get(did) {
+    const entry = this.cache.get(did);
+    if (!entry)
+      return null;
+    if (Date.now() > entry.expiresAt) {
+      this.cache.delete(did);
+      return null;
+    }
+    return { ...entry.trust, cached: true };
+  }
+  set(did, trust) {
+    this.cache.set(did, {
+      trust,
+      expiresAt: Date.now() + this.ttlMs
+    });
+    if (this.cache.size > 1e4) {
+      const oldest = this.cache.keys().next().value;
+      if (oldest)
+        this.cache.delete(oldest);
+    }
+  }
+  clear() {
+    this.cache.clear();
+  }
+};
+async function fetchTrustFromApi(did, apiUrl) {
+  try {
+    const url = `${apiUrl}/v1/aid/${encodeURIComponent(did)}/trust`;
+    const res = await fetch(url, {
+      method: "GET",
+      headers: { "Accept": "application/json" },
+      signal: AbortSignal.timeout(5e3)
+    });
+    if (!res.ok)
+      return null;
+    const data = await res.json();
+    return {
+      score: data.trustScore ?? data.score ?? 0,
+      verdict: data.verdict ?? "new",
+      attestationCount: data.attestationCount ?? 0
+    };
+  } catch {
+    return null;
+  }
+}
+function withAidTrust(server, config) {
+  const {
+    providerDid,
+    minTrustScore = 0,
+    apiUrl = "https://api.claw-net.org",
+    failMode = "closed",
+    cacheTtlSeconds = 300,
+    onRejected,
+    onVerified
+  } = config;
+  const cache = new TrustCache(cacheTtlSeconds);
+  const requestTrust = /* @__PURE__ */ new WeakMap();
+  async function resolveTrust(did) {
+    const cached = cache.get(did);
+    if (cached)
+      return cached;
+    const apiResult = await fetchTrustFromApi(did, apiUrl);
+    if (!apiResult) {
+      if (failMode === "closed")
+        return null;
+      const fallback = {
+        did,
+        score: 0,
+        verdict: "new",
+        discount: 0,
+        settlementMode: "immediate",
+        cached: false,
+        resolvedAt: (/* @__PURE__ */ new Date()).toISOString()
+      };
+      return fallback;
+    }
+    const verdictResult = (0, import_trust_compute.getTrustVerdict)(apiResult.score);
+    const trust = {
+      did,
+      score: apiResult.score,
+      verdict: verdictResult.verdict,
+      discount: verdictResult.discount,
+      settlementMode: verdictResult.settlementMode,
+      cached: false,
+      resolvedAt: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    cache.set(did, trust);
+    if (onVerified) {
+      onVerified(did, trust.score, trust.verdict);
+    }
+    return trust;
+  }
+  const originalTool = server.tool.bind(server);
+  server.tool = function wrappedTool(name, ...args) {
+    const handlerIndex = args.findIndex((a) => typeof a === "function");
+    if (handlerIndex === -1) {
+      return originalTool(name, ...args);
+    }
+    const originalHandler = args[handlerIndex];
+    args[handlerIndex] = async function trustedHandler(params, extra) {
+      let callerDid = null;
+      if (extra?.meta?.["X-AID-DID"]) {
+        callerDid = extra.meta["X-AID-DID"];
+      } else if (extra?.sessionId) {
+        callerDid = `session:${extra.sessionId}`;
+      }
+      if (callerDid && callerDid.startsWith("did:")) {
+        const trust = await resolveTrust(callerDid);
+        if (!trust) {
+          return {
+            content: [{
+              type: "text",
+              text: JSON.stringify({
+                error: "Trust verification failed",
+                code: "AID_TRUST_UNAVAILABLE",
+                detail: "Could not verify caller trust score. Try again later."
+              })
+            }],
+            isError: true
+          };
+        }
+        if (trust.score < minTrustScore) {
+          if (onRejected)
+            onRejected(callerDid, trust.score, minTrustScore);
+          return {
+            content: [{
+              type: "text",
+              text: JSON.stringify({
+                error: "Trust score too low",
+                code: "AID_TRUST_GATE_BLOCKED",
+                callerScore: trust.score,
+                requiredScore: minTrustScore,
+                verdict: trust.verdict,
+                detail: `Minimum trust score ${minTrustScore} required. Your score: ${trust.score} (${trust.verdict}).`
+              })
+            }],
+            isError: true
+          };
+        }
+        if (extra && typeof extra === "object") {
+          requestTrust.set(extra, trust);
+        }
+      }
+      return originalHandler(params, extra);
+    };
+    return originalTool(name, ...args);
+  };
+  return {
+    getCallerTrust(extra) {
+      if (!extra || typeof extra !== "object")
+        return null;
+      return requestTrust.get(extra) ?? null;
+    },
+    resolveTrust,
+    async meetsThreshold(did) {
+      const trust = await resolveTrust(did);
+      return trust !== null && trust.score >= minTrustScore;
+    },
+    provider: { did: providerDid, minTrustScore },
+    clearCache() {
+      cache.clear();
+    }
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  computeTrustScore,
+  getTrustVerdict,
+  verifyTrustProof,
+  withAidTrust
+});
+/**
+ * @aidprotocol/mcp-trust — Trust verification middleware for MCP servers
+ *
+ * Add trust scoring to any MCP server in one line.
+ * Verifies caller identity via Ed25519 signatures, resolves trust scores,
+ * and makes trust data available in every tool handler.
+ *
+ * @example
+ * ```typescript
+ * import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+ * import { withAidTrust } from '@aidprotocol/mcp-trust';
+ *
+ * const server = new McpServer({ name: 'my-api' });
+ *
+ * const aid = withAidTrust(server, {
+ *   providerDid: 'did:key:zMyServerDid...',
+ *   minTrustScore: 40,
+ *   apiUrl: 'https://api.claw-net.org',
+ * });
+ *
+ * // Trust data available in tool context
+ * server.tool('get-data', { query: z.string() }, async (params, extra) => {
+ *   const trust = aid.getCallerTrust(extra);
+ *   console.log(trust?.score); // 87
+ *   return { content: [{ type: 'text', text: 'result' }] };
+ * });
+ * ```
+ *
+ * @license MIT
+ */
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../src/index.ts"],
+  "sourcesContent": ["/**\n * @aidprotocol/mcp-trust \u2014 Trust verification middleware for MCP servers\n *\n * Add trust scoring to any MCP server in one line.\n * Verifies caller identity via Ed25519 signatures, resolves trust scores,\n * and makes trust data available in every tool handler.\n *\n * @example\n * ```typescript\n * import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';\n * import { withAidTrust } from '@aidprotocol/mcp-trust';\n *\n * const server = new McpServer({ name: 'my-api' });\n *\n * const aid = withAidTrust(server, {\n *   providerDid: 'did:key:zMyServerDid...',\n *   minTrustScore: 40,\n *   apiUrl: 'https://api.claw-net.org',\n * });\n *\n * // Trust data available in tool context\n * server.tool('get-data', { query: z.string() }, async (params, extra) => {\n *   const trust = aid.getCallerTrust(extra);\n *   console.log(trust?.score); // 87\n *   return { content: [{ type: 'text', text: 'result' }] };\n * });\n * ```\n *\n * @license MIT\n */\n\nimport { createHash, createVerify } from 'crypto';\nimport { computeTrustScore, getTrustVerdict, verifyTrustProof, jcsSerialize } from '@aidprotocol/trust-compute';\nimport type { TrustScoreProof, TrustVerdictResult, TrustStats } from '@aidprotocol/trust-compute';\n\n// Re-export trust-compute types for convenience\nexport type { TrustScoreProof, TrustVerdictResult, TrustStats };\nexport { computeTrustScore, getTrustVerdict, verifyTrustProof };\n\n// \u2500\u2500\u2500 Types \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n\nexport interface AidTrustConfig {\n  /** The DID of this MCP server (did:key:z...) */\n  providerDid: string;\n\n  /** Minimum trust score required to call tools (0-100, default: 0) */\n  minTrustScore?: number;\n\n  /** ClawNet API URL for trust resolution (default: https://api.claw-net.org) */\n  apiUrl?: string;\n\n  /** Fail mode: 'closed' rejects on API failure, 'open' allows (default: 'closed') */\n  failMode?: 'closed' | 'open';\n\n  /** How long to cache trust scores in seconds (default: 300) */\n  cacheTtlSeconds?: number;\n\n  /** Optional callback when a caller is rejected for low trust */\n  onRejected?: (callerDid: string, score: number, minRequired: number) => void;\n\n  /** Optional callback when trust is verified */\n  onVerified?: (callerDid: string, score: number, verdict: string) => void;\n}\n\nexport interface CallerTrust {\n  /** Caller's DID (did:key:z...) */\n  did: string;\n  /** Trust score (0-100) */\n  score: number;\n  /** Trust verdict (new, building, caution, standard, trusted, proceed) */\n  verdict: string;\n  /** Pricing discount (0-0.30) */\n  discount: number;\n  /** Settlement mode */\n  settlementMode: string;\n  /** Whether the score was from cache */\n  cached: boolean;\n  /** When the score was resolved */\n  resolvedAt: string;\n}\n\nexport interface AidTrustInstance {\n  /** Get trust data for the current caller from tool handler context */\n  getCallerTrust: (extra: any) => CallerTrust | null;\n\n  /** Manually resolve trust for a DID */\n  resolveTrust: (did: string) => Promise<CallerTrust | null>;\n\n  /** Check if a DID meets the minimum trust threshold */\n  meetsThreshold: (did: string) => Promise<boolean>;\n\n  /** Get provider info */\n  provider: { did: string; minTrustScore: number };\n\n  /** Clear the trust cache */\n  clearCache: () => void;\n}\n\n// \u2500\u2500\u2500 Trust Cache \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n\ninterface CacheEntry {\n  trust: CallerTrust;\n  expiresAt: number;\n}\n\nclass TrustCache {\n  private cache = new Map<string, CacheEntry>();\n  private ttlMs: number;\n\n  constructor(ttlSeconds: number) {\n    this.ttlMs = ttlSeconds * 1000;\n  }\n\n  get(did: string): CallerTrust | null {\n    const entry = this.cache.get(did);\n    if (!entry) return null;\n    if (Date.now() > entry.expiresAt) {\n      this.cache.delete(did);\n      return null;\n    }\n    return { ...entry.trust, cached: true };\n  }\n\n  set(did: string, trust: CallerTrust): void {\n    this.cache.set(did, {\n      trust,\n      expiresAt: Date.now() + this.ttlMs,\n    });\n    // Evict if cache grows too large (10K entries max)\n    if (this.cache.size > 10000) {\n      const oldest = this.cache.keys().next().value;\n      if (oldest) this.cache.delete(oldest);\n    }\n  }\n\n  clear(): void {\n    this.cache.clear();\n  }\n}\n\n// \u2500\u2500\u2500 Trust Resolution \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n\nasync function fetchTrustFromApi(\n  did: string,\n  apiUrl: string,\n): Promise<{ score: number; verdict: string; attestationCount: number } | null> {\n  try {\n    const url = `${apiUrl}/v1/aid/${encodeURIComponent(did)}/trust`;\n    const res = await fetch(url, {\n      method: 'GET',\n      headers: { 'Accept': 'application/json' },\n      signal: AbortSignal.timeout(5000),\n    });\n    if (!res.ok) return null;\n    const data = await res.json() as any;\n    return {\n      score: data.trustScore ?? data.score ?? 0,\n      verdict: data.verdict ?? 'new',\n      attestationCount: data.attestationCount ?? 0,\n    };\n  } catch {\n    return null;\n  }\n}\n\n// \u2500\u2500\u2500 Main Export \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n\n/**\n * Add AID trust verification to an MCP server.\n *\n * This wraps the server to resolve trust for callers via X-AID-DID headers\n * or by querying ClawNet's trust API. Trust data is cached and available\n * in tool handlers via `aid.getCallerTrust(extra)`.\n *\n * @param server - The MCP server instance\n * @param config - Trust configuration\n * @returns An AidTrustInstance for querying trust data\n */\nexport function withAidTrust(server: any, config: AidTrustConfig): AidTrustInstance {\n  const {\n    providerDid,\n    minTrustScore = 0,\n    apiUrl = 'https://api.claw-net.org',\n    failMode = 'closed',\n    cacheTtlSeconds = 300,\n    onRejected,\n    onVerified,\n  } = config;\n\n  const cache = new TrustCache(cacheTtlSeconds);\n\n  // Store trust data per-request using a WeakMap keyed on the extra object\n  const requestTrust = new WeakMap<object, CallerTrust>();\n\n  async function resolveTrust(did: string): Promise<CallerTrust | null> {\n    // Check cache first\n    const cached = cache.get(did);\n    if (cached) return cached;\n\n    // Fetch from API\n    const apiResult = await fetchTrustFromApi(did, apiUrl);\n\n    if (!apiResult) {\n      if (failMode === 'closed') return null;\n      // fail-open: return score 0 (base price, no discount)\n      const fallback: CallerTrust = {\n        did,\n        score: 0,\n        verdict: 'new',\n        discount: 0,\n        settlementMode: 'immediate',\n        cached: false,\n        resolvedAt: new Date().toISOString(),\n      };\n      return fallback;\n    }\n\n    const verdictResult = getTrustVerdict(apiResult.score);\n    const trust: CallerTrust = {\n      did,\n      score: apiResult.score,\n      verdict: verdictResult.verdict,\n      discount: verdictResult.discount,\n      settlementMode: verdictResult.settlementMode,\n      cached: false,\n      resolvedAt: new Date().toISOString(),\n    };\n\n    cache.set(did, trust);\n\n    if (onVerified) {\n      onVerified(did, trust.score, trust.verdict);\n    }\n\n    return trust;\n  }\n\n  // Wrap the server's tool method to inject trust resolution\n  const originalTool = server.tool.bind(server);\n  server.tool = function wrappedTool(name: string, ...args: any[]) {\n    // Find the handler (last function argument)\n    const handlerIndex = args.findIndex((a: any) => typeof a === 'function');\n    if (handlerIndex === -1) {\n      return originalTool(name, ...args);\n    }\n\n    const originalHandler = args[handlerIndex];\n    args[handlerIndex] = async function trustedHandler(params: any, extra: any) {\n      // Extract caller DID from transport metadata if available\n      // MCP doesn't have standard auth headers yet \u2014 this is forward-compatible\n      // with MCP-I when it ships. For now, check sessionId or custom metadata.\n      let callerDid: string | null = null;\n\n      // Check if caller provided DID via MCP metadata/params\n      if (extra?.meta?.['X-AID-DID']) {\n        callerDid = extra.meta['X-AID-DID'];\n      } else if (extra?.sessionId) {\n        // Use sessionId as a fallback identifier\n        callerDid = `session:${extra.sessionId}`;\n      }\n\n      if (callerDid && callerDid.startsWith('did:')) {\n        const trust = await resolveTrust(callerDid);\n\n        if (!trust) {\n          // Failed to resolve and failMode is 'closed'\n          return {\n            content: [{\n              type: 'text',\n              text: JSON.stringify({\n                error: 'Trust verification failed',\n                code: 'AID_TRUST_UNAVAILABLE',\n                detail: 'Could not verify caller trust score. Try again later.',\n              }),\n            }],\n            isError: true,\n          };\n        }\n\n        if (trust.score < minTrustScore) {\n          if (onRejected) onRejected(callerDid, trust.score, minTrustScore);\n          return {\n            content: [{\n              type: 'text',\n              text: JSON.stringify({\n                error: 'Trust score too low',\n                code: 'AID_TRUST_GATE_BLOCKED',\n                callerScore: trust.score,\n                requiredScore: minTrustScore,\n                verdict: trust.verdict,\n                detail: `Minimum trust score ${minTrustScore} required. Your score: ${trust.score} (${trust.verdict}).`,\n              }),\n            }],\n            isError: true,\n          };\n        }\n\n        // Store trust for retrieval via getCallerTrust\n        if (extra && typeof extra === 'object') {\n          requestTrust.set(extra, trust);\n        }\n      }\n\n      return originalHandler(params, extra);\n    };\n\n    return originalTool(name, ...args);\n  };\n\n  return {\n    getCallerTrust(extra: any): CallerTrust | null {\n      if (!extra || typeof extra !== 'object') return null;\n      return requestTrust.get(extra) ?? null;\n    },\n\n    resolveTrust,\n\n    async meetsThreshold(did: string): Promise<boolean> {\n      const trust = await resolveTrust(did);\n      return trust !== null && trust.score >= minTrustScore;\n    },\n\n    provider: { did: providerDid, minTrustScore },\n\n    clearCache() {\n      cache.clear();\n    },\n  };\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAgCA,2BAAmF;AAyEnF,IAAM,aAAN,MAAiB;AAAA,EACP,QAAQ,oBAAI,IAAwB;AAAA,EACpC;AAAA,EAER,YAAY,YAAoB;AAC9B,SAAK,QAAQ,aAAa;AAAA,EAC5B;AAAA,EAEA,IAAI,KAAiC;AACnC,UAAM,QAAQ,KAAK,MAAM,IAAI,GAAG;AAChC,QAAI,CAAC;AAAO,aAAO;AACnB,QAAI,KAAK,IAAI,IAAI,MAAM,WAAW;AAChC,WAAK,MAAM,OAAO,GAAG;AACrB,aAAO;AAAA,IACT;AACA,WAAO,EAAE,GAAG,MAAM,OAAO,QAAQ,KAAK;AAAA,EACxC;AAAA,EAEA,IAAI,KAAa,OAA0B;AACzC,SAAK,MAAM,IAAI,KAAK;AAAA,MAClB;AAAA,MACA,WAAW,KAAK,IAAI,IAAI,KAAK;AAAA,IAC/B,CAAC;AAED,QAAI,KAAK,MAAM,OAAO,KAAO;AAC3B,YAAM,SAAS,KAAK,MAAM,KAAK,EAAE,KAAK,EAAE;AACxC,UAAI;AAAQ,aAAK,MAAM,OAAO,MAAM;AAAA,IACtC;AAAA,EACF;AAAA,EAEA,QAAc;AACZ,SAAK,MAAM,MAAM;AAAA,EACnB;AACF;AAIA,eAAe,kBACb,KACA,QAC8E;AAC9E,MAAI;AACF,UAAM,MAAM,GAAG,MAAM,WAAW,mBAAmB,GAAG,CAAC;AACvD,UAAM,MAAM,MAAM,MAAM,KAAK;AAAA,MAC3B,QAAQ;AAAA,MACR,SAAS,EAAE,UAAU,mBAAmB;AAAA,MACxC,QAAQ,YAAY,QAAQ,GAAI;AAAA,IAClC,CAAC;AACD,QAAI,CAAC,IAAI;AAAI,aAAO;AACpB,UAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,WAAO;AAAA,MACL,OAAO,KAAK,cAAc,KAAK,SAAS;AAAA,MACxC,SAAS,KAAK,WAAW;AAAA,MACzB,kBAAkB,KAAK,oBAAoB;AAAA,IAC7C;AAAA,EACF,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAeO,SAAS,aAAa,QAAa,QAA0C;AAClF,QAAM;AAAA,IACJ;AAAA,IACA,gBAAgB;AAAA,IAChB,SAAS;AAAA,IACT,WAAW;AAAA,IACX,kBAAkB;AAAA,IAClB;AAAA,IACA;AAAA,EACF,IAAI;AAEJ,QAAM,QAAQ,IAAI,WAAW,eAAe;AAG5C,QAAM,eAAe,oBAAI,QAA6B;AAEtD,iBAAe,aAAa,KAA0C;AAEpE,UAAM,SAAS,MAAM,IAAI,GAAG;AAC5B,QAAI;AAAQ,aAAO;AAGnB,UAAM,YAAY,MAAM,kBAAkB,KAAK,MAAM;AAErD,QAAI,CAAC,WAAW;AACd,UAAI,aAAa;AAAU,eAAO;AAElC,YAAM,WAAwB;AAAA,QAC5B;AAAA,QACA,OAAO;AAAA,QACP,SAAS;AAAA,QACT,UAAU;AAAA,QACV,gBAAgB;AAAA,QAChB,QAAQ;AAAA,QACR,aAAY,oBAAI,KAAK,GAAE,YAAY;AAAA,MACrC;AACA,aAAO;AAAA,IACT;AAEA,UAAM,oBAAgB,sCAAgB,UAAU,KAAK;AACrD,UAAM,QAAqB;AAAA,MACzB;AAAA,MACA,OAAO,UAAU;AAAA,MACjB,SAAS,cAAc;AAAA,MACvB,UAAU,cAAc;AAAA,MACxB,gBAAgB,cAAc;AAAA,MAC9B,QAAQ;AAAA,MACR,aAAY,oBAAI,KAAK,GAAE,YAAY;AAAA,IACrC;AAEA,UAAM,IAAI,KAAK,KAAK;AAEpB,QAAI,YAAY;AACd,iBAAW,KAAK,MAAM,OAAO,MAAM,OAAO;AAAA,IAC5C;AAEA,WAAO;AAAA,EACT;AAGA,QAAM,eAAe,OAAO,KAAK,KAAK,MAAM;AAC5C,SAAO,OAAO,SAAS,YAAY,SAAiB,MAAa;AAE/D,UAAM,eAAe,KAAK,UAAU,CAAC,MAAW,OAAO,MAAM,UAAU;AACvE,QAAI,iBAAiB,IAAI;AACvB,aAAO,aAAa,MAAM,GAAG,IAAI;AAAA,IACnC;AAEA,UAAM,kBAAkB,KAAK,YAAY;AACzC,SAAK,YAAY,IAAI,eAAe,eAAe,QAAa,OAAY;AAI1E,UAAI,YAA2B;AAG/B,UAAI,OAAO,OAAO,WAAW,GAAG;AAC9B,oBAAY,MAAM,KAAK,WAAW;AAAA,MACpC,WAAW,OAAO,WAAW;AAE3B,oBAAY,WAAW,MAAM,SAAS;AAAA,MACxC;AAEA,UAAI,aAAa,UAAU,WAAW,MAAM,GAAG;AAC7C,cAAM,QAAQ,MAAM,aAAa,SAAS;AAE1C,YAAI,CAAC,OAAO;AAEV,iBAAO;AAAA,YACL,SAAS,CAAC;AAAA,cACR,MAAM;AAAA,cACN,MAAM,KAAK,UAAU;AAAA,gBACnB,OAAO;AAAA,gBACP,MAAM;AAAA,gBACN,QAAQ;AAAA,cACV,CAAC;AAAA,YACH,CAAC;AAAA,YACD,SAAS;AAAA,UACX;AAAA,QACF;AAEA,YAAI,MAAM,QAAQ,eAAe;AAC/B,cAAI;AAAY,uBAAW,WAAW,MAAM,OAAO,aAAa;AAChE,iBAAO;AAAA,YACL,SAAS,CAAC;AAAA,cACR,MAAM;AAAA,cACN,MAAM,KAAK,UAAU;AAAA,gBACnB,OAAO;AAAA,gBACP,MAAM;AAAA,gBACN,aAAa,MAAM;AAAA,gBACnB,eAAe;AAAA,gBACf,SAAS,MAAM;AAAA,gBACf,QAAQ,uBAAuB,aAAa,0BAA0B,MAAM,KAAK,KAAK,MAAM,OAAO;AAAA,cACrG,CAAC;AAAA,YACH,CAAC;AAAA,YACD,SAAS;AAAA,UACX;AAAA,QACF;AAGA,YAAI,SAAS,OAAO,UAAU,UAAU;AACtC,uBAAa,IAAI,OAAO,KAAK;AAAA,QAC/B;AAAA,MACF;AAEA,aAAO,gBAAgB,QAAQ,KAAK;AAAA,IACtC;AAEA,WAAO,aAAa,MAAM,GAAG,IAAI;AAAA,EACnC;AAEA,SAAO;AAAA,IACL,eAAe,OAAgC;AAC7C,UAAI,CAAC,SAAS,OAAO,UAAU;AAAU,eAAO;AAChD,aAAO,aAAa,IAAI,KAAK,KAAK;AAAA,IACpC;AAAA,IAEA;AAAA,IAEA,MAAM,eAAe,KAA+B;AAClD,YAAM,QAAQ,MAAM,aAAa,GAAG;AACpC,aAAO,UAAU,QAAQ,MAAM,SAAS;AAAA,IAC1C;AAAA,IAEA,UAAU,EAAE,KAAK,aAAa,cAAc;AAAA,IAE5C,aAAa;AACX,YAAM,MAAM;AAAA,IACd;AAAA,EACF;AACF;",
+  "names": []
+}

package/dist/index.mjs ADDED Viewed

@@ -0,0 +1,209 @@
+// src/index.ts
+import { computeTrustScore, getTrustVerdict, verifyTrustProof } from "@aidprotocol/trust-compute";
+var TrustCache = class {
+  cache = /* @__PURE__ */ new Map();
+  ttlMs;
+  constructor(ttlSeconds) {
+    this.ttlMs = ttlSeconds * 1e3;
+  }
+  get(did) {
+    const entry = this.cache.get(did);
+    if (!entry)
+      return null;
+    if (Date.now() > entry.expiresAt) {
+      this.cache.delete(did);
+      return null;
+    }
+    return { ...entry.trust, cached: true };
+  }
+  set(did, trust) {
+    this.cache.set(did, {
+      trust,
+      expiresAt: Date.now() + this.ttlMs
+    });
+    if (this.cache.size > 1e4) {
+      const oldest = this.cache.keys().next().value;
+      if (oldest)
+        this.cache.delete(oldest);
+    }
+  }
+  clear() {
+    this.cache.clear();
+  }
+};
+async function fetchTrustFromApi(did, apiUrl) {
+  try {
+    const url = `${apiUrl}/v1/aid/${encodeURIComponent(did)}/trust`;
+    const res = await fetch(url, {
+      method: "GET",
+      headers: { "Accept": "application/json" },
+      signal: AbortSignal.timeout(5e3)
+    });
+    if (!res.ok)
+      return null;
+    const data = await res.json();
+    return {
+      score: data.trustScore ?? data.score ?? 0,
+      verdict: data.verdict ?? "new",
+      attestationCount: data.attestationCount ?? 0
+    };
+  } catch {
+    return null;
+  }
+}
+function withAidTrust(server, config) {
+  const {
+    providerDid,
+    minTrustScore = 0,
+    apiUrl = "https://api.claw-net.org",
+    failMode = "closed",
+    cacheTtlSeconds = 300,
+    onRejected,
+    onVerified
+  } = config;
+  const cache = new TrustCache(cacheTtlSeconds);
+  const requestTrust = /* @__PURE__ */ new WeakMap();
+  async function resolveTrust(did) {
+    const cached = cache.get(did);
+    if (cached)
+      return cached;
+    const apiResult = await fetchTrustFromApi(did, apiUrl);
+    if (!apiResult) {
+      if (failMode === "closed")
+        return null;
+      const fallback = {
+        did,
+        score: 0,
+        verdict: "new",
+        discount: 0,
+        settlementMode: "immediate",
+        cached: false,
+        resolvedAt: (/* @__PURE__ */ new Date()).toISOString()
+      };
+      return fallback;
+    }
+    const verdictResult = getTrustVerdict(apiResult.score);
+    const trust = {
+      did,
+      score: apiResult.score,
+      verdict: verdictResult.verdict,
+      discount: verdictResult.discount,
+      settlementMode: verdictResult.settlementMode,
+      cached: false,
+      resolvedAt: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    cache.set(did, trust);
+    if (onVerified) {
+      onVerified(did, trust.score, trust.verdict);
+    }
+    return trust;
+  }
+  const originalTool = server.tool.bind(server);
+  server.tool = function wrappedTool(name, ...args) {
+    const handlerIndex = args.findIndex((a) => typeof a === "function");
+    if (handlerIndex === -1) {
+      return originalTool(name, ...args);
+    }
+    const originalHandler = args[handlerIndex];
+    args[handlerIndex] = async function trustedHandler(params, extra) {
+      let callerDid = null;
+      if (extra?.meta?.["X-AID-DID"]) {
+        callerDid = extra.meta["X-AID-DID"];
+      } else if (extra?.sessionId) {
+        callerDid = `session:${extra.sessionId}`;
+      }
+      if (callerDid && callerDid.startsWith("did:")) {
+        const trust = await resolveTrust(callerDid);
+        if (!trust) {
+          return {
+            content: [{
+              type: "text",
+              text: JSON.stringify({
+                error: "Trust verification failed",
+                code: "AID_TRUST_UNAVAILABLE",
+                detail: "Could not verify caller trust score. Try again later."
+              })
+            }],
+            isError: true
+          };
+        }
+        if (trust.score < minTrustScore) {
+          if (onRejected)
+            onRejected(callerDid, trust.score, minTrustScore);
+          return {
+            content: [{
+              type: "text",
+              text: JSON.stringify({
+                error: "Trust score too low",
+                code: "AID_TRUST_GATE_BLOCKED",
+                callerScore: trust.score,
+                requiredScore: minTrustScore,
+                verdict: trust.verdict,
+                detail: `Minimum trust score ${minTrustScore} required. Your score: ${trust.score} (${trust.verdict}).`
+              })
+            }],
+            isError: true
+          };
+        }
+        if (extra && typeof extra === "object") {
+          requestTrust.set(extra, trust);
+        }
+      }
+      return originalHandler(params, extra);
+    };
+    return originalTool(name, ...args);
+  };
+  return {
+    getCallerTrust(extra) {
+      if (!extra || typeof extra !== "object")
+        return null;
+      return requestTrust.get(extra) ?? null;
+    },
+    resolveTrust,
+    async meetsThreshold(did) {
+      const trust = await resolveTrust(did);
+      return trust !== null && trust.score >= minTrustScore;
+    },
+    provider: { did: providerDid, minTrustScore },
+    clearCache() {
+      cache.clear();
+    }
+  };
+}
+export {
+  computeTrustScore,
+  getTrustVerdict,
+  verifyTrustProof,
+  withAidTrust
+};
+/**
+ * @aidprotocol/mcp-trust — Trust verification middleware for MCP servers
+ *
+ * Add trust scoring to any MCP server in one line.
+ * Verifies caller identity via Ed25519 signatures, resolves trust scores,
+ * and makes trust data available in every tool handler.
+ *
+ * @example
+ * ```typescript
+ * import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+ * import { withAidTrust } from '@aidprotocol/mcp-trust';
+ *
+ * const server = new McpServer({ name: 'my-api' });
+ *
+ * const aid = withAidTrust(server, {
+ *   providerDid: 'did:key:zMyServerDid...',
+ *   minTrustScore: 40,
+ *   apiUrl: 'https://api.claw-net.org',
+ * });
+ *
+ * // Trust data available in tool context
+ * server.tool('get-data', { query: z.string() }, async (params, extra) => {
+ *   const trust = aid.getCallerTrust(extra);
+ *   console.log(trust?.score); // 87
+ *   return { content: [{ type: 'text', text: 'result' }] };
+ * });
+ * ```
+ *
+ * @license MIT
+ */
+//# sourceMappingURL=index.mjs.map

package/dist/index.mjs.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../src/index.ts"],
+  "sourcesContent": ["/**\n * @aidprotocol/mcp-trust \u2014 Trust verification middleware for MCP servers\n *\n * Add trust scoring to any MCP server in one line.\n * Verifies caller identity via Ed25519 signatures, resolves trust scores,\n * and makes trust data available in every tool handler.\n *\n * @example\n * ```typescript\n * import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';\n * import { withAidTrust } from '@aidprotocol/mcp-trust';\n *\n * const server = new McpServer({ name: 'my-api' });\n *\n * const aid = withAidTrust(server, {\n *   providerDid: 'did:key:zMyServerDid...',\n *   minTrustScore: 40,\n *   apiUrl: 'https://api.claw-net.org',\n * });\n *\n * // Trust data available in tool context\n * server.tool('get-data', { query: z.string() }, async (params, extra) => {\n *   const trust = aid.getCallerTrust(extra);\n *   console.log(trust?.score); // 87\n *   return { content: [{ type: 'text', text: 'result' }] };\n * });\n * ```\n *\n * @license MIT\n */\n\nimport { createHash, createVerify } from 'crypto';\nimport { computeTrustScore, getTrustVerdict, verifyTrustProof, jcsSerialize } from '@aidprotocol/trust-compute';\nimport type { TrustScoreProof, TrustVerdictResult, TrustStats } from '@aidprotocol/trust-compute';\n\n// Re-export trust-compute types for convenience\nexport type { TrustScoreProof, TrustVerdictResult, TrustStats };\nexport { computeTrustScore, getTrustVerdict, verifyTrustProof };\n\n// \u2500\u2500\u2500 Types \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n\nexport interface AidTrustConfig {\n  /** The DID of this MCP server (did:key:z...) */\n  providerDid: string;\n\n  /** Minimum trust score required to call tools (0-100, default: 0) */\n  minTrustScore?: number;\n\n  /** ClawNet API URL for trust resolution (default: https://api.claw-net.org) */\n  apiUrl?: string;\n\n  /** Fail mode: 'closed' rejects on API failure, 'open' allows (default: 'closed') */\n  failMode?: 'closed' | 'open';\n\n  /** How long to cache trust scores in seconds (default: 300) */\n  cacheTtlSeconds?: number;\n\n  /** Optional callback when a caller is rejected for low trust */\n  onRejected?: (callerDid: string, score: number, minRequired: number) => void;\n\n  /** Optional callback when trust is verified */\n  onVerified?: (callerDid: string, score: number, verdict: string) => void;\n}\n\nexport interface CallerTrust {\n  /** Caller's DID (did:key:z...) */\n  did: string;\n  /** Trust score (0-100) */\n  score: number;\n  /** Trust verdict (new, building, caution, standard, trusted, proceed) */\n  verdict: string;\n  /** Pricing discount (0-0.30) */\n  discount: number;\n  /** Settlement mode */\n  settlementMode: string;\n  /** Whether the score was from cache */\n  cached: boolean;\n  /** When the score was resolved */\n  resolvedAt: string;\n}\n\nexport interface AidTrustInstance {\n  /** Get trust data for the current caller from tool handler context */\n  getCallerTrust: (extra: any) => CallerTrust | null;\n\n  /** Manually resolve trust for a DID */\n  resolveTrust: (did: string) => Promise<CallerTrust | null>;\n\n  /** Check if a DID meets the minimum trust threshold */\n  meetsThreshold: (did: string) => Promise<boolean>;\n\n  /** Get provider info */\n  provider: { did: string; minTrustScore: number };\n\n  /** Clear the trust cache */\n  clearCache: () => void;\n}\n\n// \u2500\u2500\u2500 Trust Cache \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n\ninterface CacheEntry {\n  trust: CallerTrust;\n  expiresAt: number;\n}\n\nclass TrustCache {\n  private cache = new Map<string, CacheEntry>();\n  private ttlMs: number;\n\n  constructor(ttlSeconds: number) {\n    this.ttlMs = ttlSeconds * 1000;\n  }\n\n  get(did: string): CallerTrust | null {\n    const entry = this.cache.get(did);\n    if (!entry) return null;\n    if (Date.now() > entry.expiresAt) {\n      this.cache.delete(did);\n      return null;\n    }\n    return { ...entry.trust, cached: true };\n  }\n\n  set(did: string, trust: CallerTrust): void {\n    this.cache.set(did, {\n      trust,\n      expiresAt: Date.now() + this.ttlMs,\n    });\n    // Evict if cache grows too large (10K entries max)\n    if (this.cache.size > 10000) {\n      const oldest = this.cache.keys().next().value;\n      if (oldest) this.cache.delete(oldest);\n    }\n  }\n\n  clear(): void {\n    this.cache.clear();\n  }\n}\n\n// \u2500\u2500\u2500 Trust Resolution \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n\nasync function fetchTrustFromApi(\n  did: string,\n  apiUrl: string,\n): Promise<{ score: number; verdict: string; attestationCount: number } | null> {\n  try {\n    const url = `${apiUrl}/v1/aid/${encodeURIComponent(did)}/trust`;\n    const res = await fetch(url, {\n      method: 'GET',\n      headers: { 'Accept': 'application/json' },\n      signal: AbortSignal.timeout(5000),\n    });\n    if (!res.ok) return null;\n    const data = await res.json() as any;\n    return {\n      score: data.trustScore ?? data.score ?? 0,\n      verdict: data.verdict ?? 'new',\n      attestationCount: data.attestationCount ?? 0,\n    };\n  } catch {\n    return null;\n  }\n}\n\n// \u2500\u2500\u2500 Main Export \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n\n/**\n * Add AID trust verification to an MCP server.\n *\n * This wraps the server to resolve trust for callers via X-AID-DID headers\n * or by querying ClawNet's trust API. Trust data is cached and available\n * in tool handlers via `aid.getCallerTrust(extra)`.\n *\n * @param server - The MCP server instance\n * @param config - Trust configuration\n * @returns An AidTrustInstance for querying trust data\n */\nexport function withAidTrust(server: any, config: AidTrustConfig): AidTrustInstance {\n  const {\n    providerDid,\n    minTrustScore = 0,\n    apiUrl = 'https://api.claw-net.org',\n    failMode = 'closed',\n    cacheTtlSeconds = 300,\n    onRejected,\n    onVerified,\n  } = config;\n\n  const cache = new TrustCache(cacheTtlSeconds);\n\n  // Store trust data per-request using a WeakMap keyed on the extra object\n  const requestTrust = new WeakMap<object, CallerTrust>();\n\n  async function resolveTrust(did: string): Promise<CallerTrust | null> {\n    // Check cache first\n    const cached = cache.get(did);\n    if (cached) return cached;\n\n    // Fetch from API\n    const apiResult = await fetchTrustFromApi(did, apiUrl);\n\n    if (!apiResult) {\n      if (failMode === 'closed') return null;\n      // fail-open: return score 0 (base price, no discount)\n      const fallback: CallerTrust = {\n        did,\n        score: 0,\n        verdict: 'new',\n        discount: 0,\n        settlementMode: 'immediate',\n        cached: false,\n        resolvedAt: new Date().toISOString(),\n      };\n      return fallback;\n    }\n\n    const verdictResult = getTrustVerdict(apiResult.score);\n    const trust: CallerTrust = {\n      did,\n      score: apiResult.score,\n      verdict: verdictResult.verdict,\n      discount: verdictResult.discount,\n      settlementMode: verdictResult.settlementMode,\n      cached: false,\n      resolvedAt: new Date().toISOString(),\n    };\n\n    cache.set(did, trust);\n\n    if (onVerified) {\n      onVerified(did, trust.score, trust.verdict);\n    }\n\n    return trust;\n  }\n\n  // Wrap the server's tool method to inject trust resolution\n  const originalTool = server.tool.bind(server);\n  server.tool = function wrappedTool(name: string, ...args: any[]) {\n    // Find the handler (last function argument)\n    const handlerIndex = args.findIndex((a: any) => typeof a === 'function');\n    if (handlerIndex === -1) {\n      return originalTool(name, ...args);\n    }\n\n    const originalHandler = args[handlerIndex];\n    args[handlerIndex] = async function trustedHandler(params: any, extra: any) {\n      // Extract caller DID from transport metadata if available\n      // MCP doesn't have standard auth headers yet \u2014 this is forward-compatible\n      // with MCP-I when it ships. For now, check sessionId or custom metadata.\n      let callerDid: string | null = null;\n\n      // Check if caller provided DID via MCP metadata/params\n      if (extra?.meta?.['X-AID-DID']) {\n        callerDid = extra.meta['X-AID-DID'];\n      } else if (extra?.sessionId) {\n        // Use sessionId as a fallback identifier\n        callerDid = `session:${extra.sessionId}`;\n      }\n\n      if (callerDid && callerDid.startsWith('did:')) {\n        const trust = await resolveTrust(callerDid);\n\n        if (!trust) {\n          // Failed to resolve and failMode is 'closed'\n          return {\n            content: [{\n              type: 'text',\n              text: JSON.stringify({\n                error: 'Trust verification failed',\n                code: 'AID_TRUST_UNAVAILABLE',\n                detail: 'Could not verify caller trust score. Try again later.',\n              }),\n            }],\n            isError: true,\n          };\n        }\n\n        if (trust.score < minTrustScore) {\n          if (onRejected) onRejected(callerDid, trust.score, minTrustScore);\n          return {\n            content: [{\n              type: 'text',\n              text: JSON.stringify({\n                error: 'Trust score too low',\n                code: 'AID_TRUST_GATE_BLOCKED',\n                callerScore: trust.score,\n                requiredScore: minTrustScore,\n                verdict: trust.verdict,\n                detail: `Minimum trust score ${minTrustScore} required. Your score: ${trust.score} (${trust.verdict}).`,\n              }),\n            }],\n            isError: true,\n          };\n        }\n\n        // Store trust for retrieval via getCallerTrust\n        if (extra && typeof extra === 'object') {\n          requestTrust.set(extra, trust);\n        }\n      }\n\n      return originalHandler(params, extra);\n    };\n\n    return originalTool(name, ...args);\n  };\n\n  return {\n    getCallerTrust(extra: any): CallerTrust | null {\n      if (!extra || typeof extra !== 'object') return null;\n      return requestTrust.get(extra) ?? null;\n    },\n\n    resolveTrust,\n\n    async meetsThreshold(did: string): Promise<boolean> {\n      const trust = await resolveTrust(did);\n      return trust !== null && trust.score >= minTrustScore;\n    },\n\n    provider: { did: providerDid, minTrustScore },\n\n    clearCache() {\n      cache.clear();\n    },\n  };\n}\n"],
+  "mappings": ";AAgCA,SAAS,mBAAmB,iBAAiB,wBAAsC;AAyEnF,IAAM,aAAN,MAAiB;AAAA,EACP,QAAQ,oBAAI,IAAwB;AAAA,EACpC;AAAA,EAER,YAAY,YAAoB;AAC9B,SAAK,QAAQ,aAAa;AAAA,EAC5B;AAAA,EAEA,IAAI,KAAiC;AACnC,UAAM,QAAQ,KAAK,MAAM,IAAI,GAAG;AAChC,QAAI,CAAC;AAAO,aAAO;AACnB,QAAI,KAAK,IAAI,IAAI,MAAM,WAAW;AAChC,WAAK,MAAM,OAAO,GAAG;AACrB,aAAO;AAAA,IACT;AACA,WAAO,EAAE,GAAG,MAAM,OAAO,QAAQ,KAAK;AAAA,EACxC;AAAA,EAEA,IAAI,KAAa,OAA0B;AACzC,SAAK,MAAM,IAAI,KAAK;AAAA,MAClB;AAAA,MACA,WAAW,KAAK,IAAI,IAAI,KAAK;AAAA,IAC/B,CAAC;AAED,QAAI,KAAK,MAAM,OAAO,KAAO;AAC3B,YAAM,SAAS,KAAK,MAAM,KAAK,EAAE,KAAK,EAAE;AACxC,UAAI;AAAQ,aAAK,MAAM,OAAO,MAAM;AAAA,IACtC;AAAA,EACF;AAAA,EAEA,QAAc;AACZ,SAAK,MAAM,MAAM;AAAA,EACnB;AACF;AAIA,eAAe,kBACb,KACA,QAC8E;AAC9E,MAAI;AACF,UAAM,MAAM,GAAG,MAAM,WAAW,mBAAmB,GAAG,CAAC;AACvD,UAAM,MAAM,MAAM,MAAM,KAAK;AAAA,MAC3B,QAAQ;AAAA,MACR,SAAS,EAAE,UAAU,mBAAmB;AAAA,MACxC,QAAQ,YAAY,QAAQ,GAAI;AAAA,IAClC,CAAC;AACD,QAAI,CAAC,IAAI;AAAI,aAAO;AACpB,UAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,WAAO;AAAA,MACL,OAAO,KAAK,cAAc,KAAK,SAAS;AAAA,MACxC,SAAS,KAAK,WAAW;AAAA,MACzB,kBAAkB,KAAK,oBAAoB;AAAA,IAC7C;AAAA,EACF,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAeO,SAAS,aAAa,QAAa,QAA0C;AAClF,QAAM;AAAA,IACJ;AAAA,IACA,gBAAgB;AAAA,IAChB,SAAS;AAAA,IACT,WAAW;AAAA,IACX,kBAAkB;AAAA,IAClB;AAAA,IACA;AAAA,EACF,IAAI;AAEJ,QAAM,QAAQ,IAAI,WAAW,eAAe;AAG5C,QAAM,eAAe,oBAAI,QAA6B;AAEtD,iBAAe,aAAa,KAA0C;AAEpE,UAAM,SAAS,MAAM,IAAI,GAAG;AAC5B,QAAI;AAAQ,aAAO;AAGnB,UAAM,YAAY,MAAM,kBAAkB,KAAK,MAAM;AAErD,QAAI,CAAC,WAAW;AACd,UAAI,aAAa;AAAU,eAAO;AAElC,YAAM,WAAwB;AAAA,QAC5B;AAAA,QACA,OAAO;AAAA,QACP,SAAS;AAAA,QACT,UAAU;AAAA,QACV,gBAAgB;AAAA,QAChB,QAAQ;AAAA,QACR,aAAY,oBAAI,KAAK,GAAE,YAAY;AAAA,MACrC;AACA,aAAO;AAAA,IACT;AAEA,UAAM,gBAAgB,gBAAgB,UAAU,KAAK;AACrD,UAAM,QAAqB;AAAA,MACzB;AAAA,MACA,OAAO,UAAU;AAAA,MACjB,SAAS,cAAc;AAAA,MACvB,UAAU,cAAc;AAAA,MACxB,gBAAgB,cAAc;AAAA,MAC9B,QAAQ;AAAA,MACR,aAAY,oBAAI,KAAK,GAAE,YAAY;AAAA,IACrC;AAEA,UAAM,IAAI,KAAK,KAAK;AAEpB,QAAI,YAAY;AACd,iBAAW,KAAK,MAAM,OAAO,MAAM,OAAO;AAAA,IAC5C;AAEA,WAAO;AAAA,EACT;AAGA,QAAM,eAAe,OAAO,KAAK,KAAK,MAAM;AAC5C,SAAO,OAAO,SAAS,YAAY,SAAiB,MAAa;AAE/D,UAAM,eAAe,KAAK,UAAU,CAAC,MAAW,OAAO,MAAM,UAAU;AACvE,QAAI,iBAAiB,IAAI;AACvB,aAAO,aAAa,MAAM,GAAG,IAAI;AAAA,IACnC;AAEA,UAAM,kBAAkB,KAAK,YAAY;AACzC,SAAK,YAAY,IAAI,eAAe,eAAe,QAAa,OAAY;AAI1E,UAAI,YAA2B;AAG/B,UAAI,OAAO,OAAO,WAAW,GAAG;AAC9B,oBAAY,MAAM,KAAK,WAAW;AAAA,MACpC,WAAW,OAAO,WAAW;AAE3B,oBAAY,WAAW,MAAM,SAAS;AAAA,MACxC;AAEA,UAAI,aAAa,UAAU,WAAW,MAAM,GAAG;AAC7C,cAAM,QAAQ,MAAM,aAAa,SAAS;AAE1C,YAAI,CAAC,OAAO;AAEV,iBAAO;AAAA,YACL,SAAS,CAAC;AAAA,cACR,MAAM;AAAA,cACN,MAAM,KAAK,UAAU;AAAA,gBACnB,OAAO;AAAA,gBACP,MAAM;AAAA,gBACN,QAAQ;AAAA,cACV,CAAC;AAAA,YACH,CAAC;AAAA,YACD,SAAS;AAAA,UACX;AAAA,QACF;AAEA,YAAI,MAAM,QAAQ,eAAe;AAC/B,cAAI;AAAY,uBAAW,WAAW,MAAM,OAAO,aAAa;AAChE,iBAAO;AAAA,YACL,SAAS,CAAC;AAAA,cACR,MAAM;AAAA,cACN,MAAM,KAAK,UAAU;AAAA,gBACnB,OAAO;AAAA,gBACP,MAAM;AAAA,gBACN,aAAa,MAAM;AAAA,gBACnB,eAAe;AAAA,gBACf,SAAS,MAAM;AAAA,gBACf,QAAQ,uBAAuB,aAAa,0BAA0B,MAAM,KAAK,KAAK,MAAM,OAAO;AAAA,cACrG,CAAC;AAAA,YACH,CAAC;AAAA,YACD,SAAS;AAAA,UACX;AAAA,QACF;AAGA,YAAI,SAAS,OAAO,UAAU,UAAU;AACtC,uBAAa,IAAI,OAAO,KAAK;AAAA,QAC/B;AAAA,MACF;AAEA,aAAO,gBAAgB,QAAQ,KAAK;AAAA,IACtC;AAEA,WAAO,aAAa,MAAM,GAAG,IAAI;AAAA,EACnC;AAEA,SAAO;AAAA,IACL,eAAe,OAAgC;AAC7C,UAAI,CAAC,SAAS,OAAO,UAAU;AAAU,eAAO;AAChD,aAAO,aAAa,IAAI,KAAK,KAAK;AAAA,IACpC;AAAA,IAEA;AAAA,IAEA,MAAM,eAAe,KAA+B;AAClD,YAAM,QAAQ,MAAM,aAAa,GAAG;AACpC,aAAO,UAAU,QAAQ,MAAM,SAAS;AAAA,IAC1C;AAAA,IAEA,UAAU,EAAE,KAAK,aAAa,cAAc;AAAA,IAE5C,aAAa;AACX,YAAM,MAAM;AAAA,IACd;AAAA,EACF;AACF;",
+  "names": []
+}

package/package.json CHANGED Viewed

@@ -1,12 +1,38 @@
 {
   "name": "@aidprotocol/mcp-trust",
-  "version": "1.0.0",
-  "description": "",
-  "main": "index.js",
+  "version": "1.0.1",
+  "description": "Trust verification middleware for MCP servers — add AID trust scoring in one line",
+  "main": "dist/index.js",
+  "module": "dist/index.mjs",
+  "types": "dist/index.d.ts",
+  "files": ["dist/", "README.md"],
+  "exports": {
+    ".": {
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
   "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
+    "build": "node build.mjs",
+    "prepublishOnly": "npm run build"
+  },
+  "keywords": [
+    "mcp", "trust", "aid", "agent", "identity", "reputation",
+    "middleware", "verification", "ed25519", "did", "agentic-commerce",
+    "model-context-protocol", "a2a"
+  ],
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/1xmint/claw-net",
+    "directory": "packages/mcp-trust"
+  },
+  "homepage": "https://claw-net.org",
+  "dependencies": {
+    "@aidprotocol/trust-compute": "^1.0.1"
   },
-  "keywords": [],
-  "author": "",
-  "license": "ISC"
+  "devDependencies": {
+    "esbuild": "^0.20.0"
+  }
 }