@attested-intelligence/aga-mcp-server 0.1.1 → 2.0.1

Files changed (197)
  1. package/README.md +106 -24
  2. package/dist/context.d.ts +39 -0
  3. package/dist/context.d.ts.map +1 -0
  4. package/dist/context.js +113 -0
  5. package/dist/context.js.map +1 -0
  6. package/dist/core/identity.d.ts +14 -0
  7. package/dist/core/identity.d.ts.map +1 -0
  8. package/dist/core/identity.js +16 -0
  9. package/dist/core/identity.js.map +1 -0
  10. package/dist/core/index.d.ts +3 -0
  11. package/dist/core/index.d.ts.map +1 -1
  12. package/dist/core/index.js +3 -0
  13. package/dist/core/index.js.map +1 -1
  14. package/dist/core/measurement.d.ts +16 -0
  15. package/dist/core/measurement.d.ts.map +1 -0
  16. package/dist/core/measurement.js +18 -0
  17. package/dist/core/measurement.js.map +1 -0
  18. package/dist/core/portal.d.ts +1 -1
  19. package/dist/core/portal.d.ts.map +1 -1
  20. package/dist/core/portal.js +10 -5
  21. package/dist/core/portal.js.map +1 -1
  22. package/dist/core/types.d.ts +2 -3
  23. package/dist/core/types.d.ts.map +1 -1
  24. package/dist/crypto/canonicalize.d.ts +7 -0
  25. package/dist/crypto/canonicalize.d.ts.map +1 -0
  26. package/dist/crypto/canonicalize.js +21 -0
  27. package/dist/crypto/canonicalize.js.map +1 -0
  28. package/dist/crypto/hash.d.ts +1 -1
  29. package/dist/crypto/hash.d.ts.map +1 -1
  30. package/dist/crypto/hash.js +1 -1
  31. package/dist/crypto/hash.js.map +1 -1
  32. package/dist/crypto/index.d.ts +6 -5
  33. package/dist/crypto/index.d.ts.map +1 -1
  34. package/dist/crypto/index.js +6 -5
  35. package/dist/crypto/index.js.map +1 -1
  36. package/dist/crypto/keys.d.ts +10 -0
  37. package/dist/crypto/keys.d.ts.map +1 -0
  38. package/dist/crypto/keys.js +19 -0
  39. package/dist/crypto/keys.js.map +1 -0
  40. package/dist/index.js +1 -1
  41. package/dist/index.js.map +1 -1
  42. package/dist/middleware/governance.d.ts +1 -7
  43. package/dist/middleware/governance.d.ts.map +1 -1
  44. package/dist/middleware/governance.js +11 -18
  45. package/dist/middleware/governance.js.map +1 -1
  46. package/dist/prompts/drift-analysis.d.ts +13 -0
  47. package/dist/prompts/drift-analysis.d.ts.map +1 -0
  48. package/dist/prompts/drift-analysis.js +43 -0
  49. package/dist/prompts/drift-analysis.js.map +1 -0
  50. package/dist/prompts/governance-report.d.ts +7 -0
  51. package/dist/prompts/governance-report.d.ts.map +1 -0
  52. package/dist/prompts/governance-report.js +26 -0
  53. package/dist/prompts/governance-report.js.map +1 -0
  54. package/dist/prompts/nccoe-demo.d.ts +14 -0
  55. package/dist/prompts/nccoe-demo.d.ts.map +1 -0
  56. package/dist/prompts/nccoe-demo.js +47 -0
  57. package/dist/prompts/nccoe-demo.js.map +1 -0
  58. package/dist/resources/cosai-mapping.d.ts +24 -0
  59. package/dist/resources/cosai-mapping.d.ts.map +1 -0
  60. package/dist/resources/cosai-mapping.js +127 -0
  61. package/dist/resources/cosai-mapping.js.map +1 -0
  62. package/dist/resources/crypto-primitives.d.ts +3 -0
  63. package/dist/resources/crypto-primitives.d.ts.map +1 -0
  64. package/dist/resources/crypto-primitives.js +52 -0
  65. package/dist/resources/crypto-primitives.js.map +1 -0
  66. package/dist/resources/sample-bundle.d.ts +6 -0
  67. package/dist/resources/sample-bundle.d.ts.map +1 -0
  68. package/dist/resources/sample-bundle.js +58 -0
  69. package/dist/resources/sample-bundle.js.map +1 -0
  70. package/dist/resources/specification.d.ts +3 -0
  71. package/dist/resources/specification.d.ts.map +1 -0
  72. package/dist/resources/specification.js +161 -0
  73. package/dist/resources/specification.js.map +1 -0
  74. package/dist/server.d.ts +3 -7
  75. package/dist/server.d.ts.map +1 -1
  76. package/dist/server.js +214 -343
  77. package/dist/server.js.map +1 -1
  78. package/dist/storage/sqlite.js +1 -1
  79. package/dist/tools/create-artifact.d.ts +25 -0
  80. package/dist/tools/create-artifact.d.ts.map +1 -0
  81. package/dist/tools/create-artifact.js +85 -0
  82. package/dist/tools/create-artifact.js.map +1 -0
  83. package/dist/tools/delegate-subagent.d.ts +18 -0
  84. package/dist/tools/delegate-subagent.d.ts.map +1 -0
  85. package/dist/tools/delegate-subagent.js +50 -0
  86. package/dist/tools/delegate-subagent.js.map +1 -0
  87. package/dist/tools/disclose-claim.d.ts +14 -0
  88. package/dist/tools/disclose-claim.d.ts.map +1 -0
  89. package/dist/tools/disclose-claim.js +23 -0
  90. package/dist/tools/disclose-claim.js.map +1 -0
  91. package/dist/tools/export-bundle.d.ts +8 -0
  92. package/dist/tools/export-bundle.d.ts.map +1 -0
  93. package/dist/tools/export-bundle.js +25 -0
  94. package/dist/tools/export-bundle.js.map +1 -0
  95. package/dist/tools/full-lifecycle.d.ts +16 -0
  96. package/dist/tools/full-lifecycle.d.ts.map +1 -0
  97. package/dist/tools/full-lifecycle.js +121 -0
  98. package/dist/tools/full-lifecycle.js.map +1 -0
  99. package/dist/tools/generate-receipt.d.ts +16 -0
  100. package/dist/tools/generate-receipt.d.ts.map +1 -0
  101. package/dist/tools/generate-receipt.js +31 -0
  102. package/dist/tools/generate-receipt.js.map +1 -0
  103. package/dist/tools/get-chain.d.ts +14 -0
  104. package/dist/tools/get-chain.d.ts.map +1 -0
  105. package/dist/tools/get-chain.js +45 -0
  106. package/dist/tools/get-chain.js.map +1 -0
  107. package/dist/tools/get-portal-state.d.ts +8 -0
  108. package/dist/tools/get-portal-state.d.ts.map +1 -0
  109. package/dist/tools/get-portal-state.js +15 -0
  110. package/dist/tools/get-portal-state.js.map +1 -0
  111. package/dist/tools/init-chain.d.ts +10 -0
  112. package/dist/tools/init-chain.d.ts.map +1 -0
  113. package/dist/tools/init-chain.js +13 -0
  114. package/dist/tools/init-chain.js.map +1 -0
  115. package/dist/tools/measure-behavior.d.ts +12 -0
  116. package/dist/tools/measure-behavior.d.ts.map +1 -0
  117. package/dist/tools/measure-behavior.js +29 -0
  118. package/dist/tools/measure-behavior.js.map +1 -0
  119. package/dist/tools/measure-subject.d.ts +15 -0
  120. package/dist/tools/measure-subject.d.ts.map +1 -0
  121. package/dist/tools/measure-subject.js +106 -0
  122. package/dist/tools/measure-subject.js.map +1 -0
  123. package/dist/tools/quarantine-status.d.ts +8 -0
  124. package/dist/tools/quarantine-status.d.ts.map +1 -0
  125. package/dist/tools/quarantine-status.js +16 -0
  126. package/dist/tools/quarantine-status.js.map +1 -0
  127. package/dist/tools/revoke-artifact.d.ts +13 -0
  128. package/dist/tools/revoke-artifact.d.ts.map +1 -0
  129. package/dist/tools/revoke-artifact.js +24 -0
  130. package/dist/tools/revoke-artifact.js.map +1 -0
  131. package/dist/tools/rotate-keys.d.ts +13 -0
  132. package/dist/tools/rotate-keys.d.ts.map +1 -0
  133. package/dist/tools/rotate-keys.js +39 -0
  134. package/dist/tools/rotate-keys.js.map +1 -0
  135. package/dist/tools/server-info.d.ts +8 -0
  136. package/dist/tools/server-info.d.ts.map +1 -0
  137. package/dist/tools/server-info.js +23 -0
  138. package/dist/tools/server-info.js.map +1 -0
  139. package/dist/tools/set-verification-tier.d.ts +11 -0
  140. package/dist/tools/set-verification-tier.d.ts.map +1 -0
  141. package/dist/tools/set-verification-tier.js +31 -0
  142. package/dist/tools/set-verification-tier.js.map +1 -0
  143. package/dist/tools/start-monitoring.d.ts +12 -0
  144. package/dist/tools/start-monitoring.d.ts.map +1 -0
  145. package/dist/tools/start-monitoring.js +17 -0
  146. package/dist/tools/start-monitoring.js.map +1 -0
  147. package/dist/tools/trigger-measurement.d.ts +15 -0
  148. package/dist/tools/trigger-measurement.d.ts.map +1 -0
  149. package/dist/tools/trigger-measurement.js +86 -0
  150. package/dist/tools/trigger-measurement.js.map +1 -0
  151. package/dist/tools/verify-artifact.d.ts +13 -0
  152. package/dist/tools/verify-artifact.d.ts.map +1 -0
  153. package/dist/tools/verify-artifact.js +6 -0
  154. package/dist/tools/verify-artifact.js.map +1 -0
  155. package/dist/tools/verify-bundle.d.ts +13 -0
  156. package/dist/tools/verify-bundle.d.ts.map +1 -0
  157. package/dist/tools/verify-bundle.js +6 -0
  158. package/dist/tools/verify-bundle.js.map +1 -0
  159. package/dist/types.d.ts +261 -0
  160. package/dist/types.d.ts.map +1 -0
  161. package/dist/types.js +8 -0
  162. package/dist/types.js.map +1 -0
  163. package/package.json +18 -3
  164. package/AGA_MCP_SERVER_SPEC.md +0 -632
  165. package/src/core/artifact.ts +0 -45
  166. package/src/core/attestation.ts +0 -33
  167. package/src/core/behavioral.ts +0 -132
  168. package/src/core/bundle.ts +0 -31
  169. package/src/core/chain.ts +0 -72
  170. package/src/core/checkpoint.ts +0 -22
  171. package/src/core/delegation.ts +0 -146
  172. package/src/core/disclosure.ts +0 -32
  173. package/src/core/index.ts +0 -11
  174. package/src/core/portal.ts +0 -96
  175. package/src/core/quarantine.ts +0 -16
  176. package/src/core/receipt.ts +0 -33
  177. package/src/core/subject.ts +0 -11
  178. package/src/core/types.ts +0 -244
  179. package/src/crypto/hash.ts +0 -33
  180. package/src/crypto/index.ts +0 -5
  181. package/src/crypto/merkle.ts +0 -43
  182. package/src/crypto/salt.ts +0 -18
  183. package/src/crypto/sign.ts +0 -35
  184. package/src/crypto/types.ts +0 -19
  185. package/src/index.ts +0 -12
  186. package/src/middleware/governance.ts +0 -95
  187. package/src/middleware/index.ts +0 -1
  188. package/src/server.ts +0 -436
  189. package/src/storage/index.ts +0 -3
  190. package/src/storage/interface.ts +0 -21
  191. package/src/storage/memory.ts +0 -27
  192. package/src/storage/sqlite.ts +0 -45
  193. package/src/tools/README.md +0 -13
  194. package/src/utils/canonical.ts +0 -14
  195. package/src/utils/constants.ts +0 -3
  196. package/src/utils/timestamp.ts +0 -12
  197. package/src/utils/uuid.ts +0 -2
@@ -1 +1 @@
1
- {"version":3,"file":"hash.d.ts","sourceRoot":"","sources":["../../src/crypto/hash.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAI1C,wBAAgB,WAAW,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAErD;AAED,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAE/C;AAED,wBAAgB,UAAU,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAEpD;AAED,wFAAwF;AACxF,wBAAgB,SAAS,CAAC,GAAG,KAAK,EAAE,CAAC,UAAU,GAAG,MAAM,CAAC,EAAE,GAAG,OAAO,CAOpE;AAED,yFAAyF;AACzF,wBAAgB,YAAY,CAAC,GAAG,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAExD"}
1
+ {"version":3,"file":"hash.d.ts","sourceRoot":"","sources":["../../src/crypto/hash.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAI1C,wBAAgB,WAAW,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAErD;AAED,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAE/C;AAED,wBAAgB,UAAU,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAEpD;AAED,sFAAsF;AACtF,wBAAgB,SAAS,CAAC,GAAG,KAAK,EAAE,CAAC,UAAU,GAAG,MAAM,CAAC,EAAE,GAAG,OAAO,CAOpE;AAED,yFAAyF;AACzF,wBAAgB,YAAY,CAAC,GAAG,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAExD"}
@@ -11,7 +11,7 @@ export function sha256Str(data) {
11
11
  export function blake2b256(data) {
12
12
  return bytesToHex(blake2b(data, { dkLen: 32 }));
13
13
  }
14
- /** Concatenate inputs (NO delimiter) and SHA-256. Patent Section D: "no delimiters." */
14
+ /** Concatenate inputs (NO delimiter) and SHA-256. No delimiters per protocol spec. */
15
15
  export function sha256Cat(...parts) {
16
16
  const bufs = parts.map(p => typeof p === 'string' ? enc.encode(p) : p);
17
17
  const total = bufs.reduce((n, b) => n + b.length, 0);
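Review bot: The reworded doc comment on `sha256Cat` still does not warn that undelimited concatenation is ambiguous: for example, the constructed inputs `('ab', 'c')` and `('a', 'bc')` yield the same byte string and therefore the same digest. Where the digest binds several fields of a record, every part has to be fixed-length or length-prefixed, otherwise a field boundary can move without changing the hash. I would extend the comment to `/** Concatenate inputs (NO delimiter) and SHA-256. Not injective: callers must pass fixed-length or length-prefixed parts. */`. The body of `sha256Cat` continues past the end of the hunk, so how callers use it is not visible here.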
@@ -1 +1 @@
1
- {"version":3,"file":"hash.js","sourceRoot":"","sources":["../../src/crypto/hash.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAGjD,MAAM,GAAG,GAAG,IAAI,WAAW,EAAE,CAAC;AAE9B,MAAM,UAAU,WAAW,CAAC,IAAgB;IAC1C,OAAO,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AAClC,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,IAAY;IACpC,OAAO,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AACvC,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,IAAgB;IACzC,OAAO,UAAU,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;AAClD,CAAC;AAED,wFAAwF;AACxF,MAAM,UAAU,SAAS,CAAC,GAAG,KAA8B;IACzD,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvE,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACrD,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IACvC,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;QAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAAC,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAAC,CAAC;IAChE,OAAO,WAAW,CAAC,QAAQ,CAAC,CAAC;AAC/B,CAAC;AAED,yFAAyF;AACzF,MAAM,UAAU,YAAY,CAAC,GAAG,KAAe;IAC7C,OAAO,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;AACnC,CAAC"}
1
+ {"version":3,"file":"hash.js","sourceRoot":"","sources":["../../src/crypto/hash.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAGjD,MAAM,GAAG,GAAG,IAAI,WAAW,EAAE,CAAC;AAE9B,MAAM,UAAU,WAAW,CAAC,IAAgB;IAC1C,OAAO,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AAClC,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,IAAY;IACpC,OAAO,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AACvC,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,IAAgB;IACzC,OAAO,UAAU,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;AAClD,CAAC;AAED,sFAAsF;AACtF,MAAM,UAAU,SAAS,CAAC,GAAG,KAA8B;IACzD,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvE,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACrD,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IACvC,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;QAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAAC,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAAC,CAAC;IAChE,OAAO,WAAW,CAAC,QAAQ,CAAC,CAAC;AAC/B,CAAC;AAED,yFAAyF;AACzF,MAAM,UAAU,YAAY,CAAC,GAAG,KAAe;IAC7C,OAAO,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;AACnC,CAAC"}
@@ -1,6 +1,7 @@
1
- export * from './types.js';
2
- export * from './hash.js';
3
- export * from './sign.js';
4
- export * from './salt.js';
5
- export * from './merkle.js';
1
+ export { sha256Bytes, sha256Str, blake2b256, sha256Cat, sha256HexCat } from './hash.js';
2
+ export { generateKeyPair, sign, signStr, verify, verifyStr, sigToB64, b64ToSig, pkToHex, hexToPk } from './sign.js';
3
+ export { generateSalt, saltedCommitment, verifySaltedCommitment } from './salt.js';
4
+ export { buildMerkleTree, inclusionProof, verifyProof } from './merkle.js';
5
+ export { canonicalize, deepSortKeys } from './canonicalize.js';
6
+ export { keyFingerprint, isKeyValid, rotateKeyPair } from './keys.js';
6
7
  //# sourceMappingURL=index.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/crypto/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC;AAC3B,cAAc,WAAW,CAAC;AAC1B,cAAc,WAAW,CAAC;AAC1B,cAAc,WAAW,CAAC;AAC1B,cAAc,aAAa,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/crypto/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACxF,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpH,OAAO,EAAE,YAAY,EAAE,gBAAgB,EAAE,sBAAsB,EAAE,MAAM,WAAW,CAAC;AACnF,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC3E,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAC/D,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC"}
@@ -1,6 +1,7 @@
1
- export * from './types.js';
2
- export * from './hash.js';
3
- export * from './sign.js';
4
- export * from './salt.js';
5
- export * from './merkle.js';
1
+ export { sha256Bytes, sha256Str, blake2b256, sha256Cat, sha256HexCat } from './hash.js';
2
+ export { generateKeyPair, sign, signStr, verify, verifyStr, sigToB64, b64ToSig, pkToHex, hexToPk } from './sign.js';
3
+ export { generateSalt, saltedCommitment, verifySaltedCommitment } from './salt.js';
4
+ export { buildMerkleTree, inclusionProof, verifyProof } from './merkle.js';
5
+ export { canonicalize, deepSortKeys } from './canonicalize.js';
6
+ export { keyFingerprint, isKeyValid, rotateKeyPair } from './keys.js';
6
7
  //# sourceMappingURL=index.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/crypto/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC;AAC3B,cAAc,WAAW,CAAC;AAC1B,cAAc,WAAW,CAAC;AAC1B,cAAc,WAAW,CAAC;AAC1B,cAAc,aAAa,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/crypto/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACxF,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpH,OAAO,EAAE,YAAY,EAAE,gBAAgB,EAAE,sBAAsB,EAAE,MAAM,WAAW,CAAC;AACnF,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC3E,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAC/D,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC"}
@@ -0,0 +1,10 @@
1
+ import { pkToHex, hexToPk } from './sign.js';
2
+ import type { KeyPair } from '../types.js';
3
+ /** SHA-256 fingerprint of a public key (first 16 hex chars). */
4
+ export declare function keyFingerprint(pk: Uint8Array): string;
5
+ /** Check if a hex-encoded public key is valid (64 hex chars for Ed25519). */
6
+ export declare function isKeyValid(hexKey: string): boolean;
7
+ /** Rotate a keypair - returns new keypair. Old keypair should be revoked. */
8
+ export declare function rotateKeyPair(): KeyPair;
9
+ export { pkToHex, hexToPk };
10
+ //# sourceMappingURL=keys.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"keys.d.ts","sourceRoot":"","sources":["../../src/crypto/keys.ts"],"names":[],"mappings":"AAIA,OAAO,EAAmB,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC9D,OAAO,KAAK,EAAE,OAAO,EAAW,MAAM,aAAa,CAAC;AAEpD,gEAAgE;AAChE,wBAAgB,cAAc,CAAC,EAAE,EAAE,UAAU,GAAG,MAAM,CAErD;AAED,6EAA6E;AAC7E,wBAAgB,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAElD;AAED,6EAA6E;AAC7E,wBAAgB,aAAa,IAAI,OAAO,CAEvC;AAED,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC"}
@@ -0,0 +1,19 @@
1
+ /**
2
+ * Key utilities: fingerprints, hex encoding, validation.
3
+ */
4
+ import { sha256Str } from './hash.js';
5
+ import { generateKeyPair, pkToHex, hexToPk } from './sign.js';
6
+ /** SHA-256 fingerprint of a public key (first 16 hex chars). */
7
+ export function keyFingerprint(pk) {
8
+ return sha256Str(pkToHex(pk)).slice(0, 16);
9
+ }
10
+ /** Check if a hex-encoded public key is valid (64 hex chars for Ed25519). */
11
+ export function isKeyValid(hexKey) {
12
+ return /^[0-9a-f]{64}$/.test(hexKey);
13
+ }
14
+ /** Rotate a keypair - returns new keypair. Old keypair should be revoked. */
15
+ export function rotateKeyPair() {
16
+ return generateKeyPair();
17
+ }
18
+ export { pkToHex, hexToPk };
19
+ //# sourceMappingURL=keys.js.map
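Review bot: `keyFingerprint` keeps only the first 16 hex characters (64 bits) of the digest and hashes the hex text from `pkToHex(pk)` rather than the raw key bytes; that is fine as a display label but too short to stand in for the key in a trust decision, and a tool that hashes raw bytes will compute a different value. `isKeyValid` is a format check only: it accepts any 64 lowercase hex characters, rejects uppercase hex, and does not confirm the bytes are a usable Ed25519 key. `rotateKeyPair` just returns `generateKeyPair()`, so revoking the old key is left entirely to the caller. I would say so in the doc comments, e.g. `/** Display identifier only (64 bits); compare full public keys when authorizing. */` and `/** Format check only: 64 lowercase hex chars; does not validate the key itself. */`; the same wording belongs on the declarations in keys.d.ts.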
@@ -0,0 +1 @@
1
+ {"version":3,"file":"keys.js","sourceRoot":"","sources":["../../src/crypto/keys.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAG9D,gEAAgE;AAChE,MAAM,UAAU,cAAc,CAAC,EAAc;IAC3C,OAAO,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AAC7C,CAAC;AAED,6EAA6E;AAC7E,MAAM,UAAU,UAAU,CAAC,MAAc;IACvC,OAAO,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AACvC,CAAC;AAED,6EAA6E;AAC7E,MAAM,UAAU,aAAa;IAC3B,OAAO,eAAe,EAAE,CAAC;AAC3B,CAAC;AAED,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC"}
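--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -5,7 +5,7 @@ async function main() {
  const server = await createAGAServer();
  const transport = new StdioServerTransport();
  await server.connect(transport);
- console.error('AGA MCP Server running on stdio');
+ console.error('AGA MCP Server v2.0.0 running on stdio');
  }
  main().catch(e => { console.error('Fatal:', e); process.exit(1); });
  //# sourceMappingURL=index.js.map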
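Review bot: The startup banner in `main()` hard-codes `v2.0.0`, while the page title gives the published version as 2.0.1, so the stderr line already disagrees with the installed package. Operators doing inventory or incident triage tend to match this line against the lockfile, and a stale literal makes that comparison misleading. I would take the version from the package metadata at startup, or at minimum mark the literal with `// keep in sync with package.json "version"`. `main()` begins above the hunk.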
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAE9C,KAAK,UAAU,IAAI;IACjB,MAAM,MAAM,GAAG,MAAM,eAAe,EAAE,CAAC;IACvC,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,OAAO,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;AACnD,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAE9C,KAAK,UAAU,IAAI;IACjB,MAAM,MAAM,GAAG,MAAM,eAAe,EAAE,CAAC;IACvC,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,OAAO,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;AAC1D,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC"}
@@ -1,15 +1,9 @@
1
1
  /**
2
- * Governance Middleware wraps every MCP tool handler.
2
+ * Governance Middleware: wraps every MCP tool handler.
3
3
  *
4
4
  * NCCoE filing Section 4: "The portal operates as a Policy Enforcement Point (PEP)...
5
5
  * Every tool invocation, API call, actuator command, and data access passes through
6
6
  * the portal, which evaluates it against the sealed artifact's enforcement parameters."
7
- *
8
- * Behavior:
9
- * - TERMINATED state → reject all governed tools
10
- * - PHANTOM_QUARANTINE → capture tool call as forensic input, reject
11
- * - ACTIVE_MONITORING → allow, log to chain
12
- * - Ungoverned tools (get_server_info, get_portal_state, list_claims) → always allow
13
7
  */
14
8
  import type { Portal } from '../core/portal.js';
15
9
  import type { QuarantineState } from '../core/types.js';
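Review bot: The header comment loses its `Behavior:` list, the only place where the state-to-action mapping of this enforcement point was written down, in the same release in which governance.js gains a `SAFE_STATE` rejection and a longer ungoverned-tool list. I would update the list rather than delete it: one line per portal state (TERMINATED and SAFE_STATE reject, PHANTOM_QUARANTINE captures and rejects, INITIALIZATION and ARTIFACT_VERIFICATION reject as not ready, the remaining states record and allow), plus a line naming the tools that bypass the wrapper. Auditors need that contract in one place to check the code against it.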
@@ -1 +1 @@
1
- {"version":3,"file":"governance.d.ts","sourceRoot":"","sources":["../../src/middleware/governance.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AACH,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAExD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAI/D,MAAM,MAAM,UAAU,GAAG;IAAE,OAAO,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;CAAE,CAAC;AAC5E,MAAM,MAAM,WAAW,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC;AAapE,wBAAgB,uBAAuB,CACrC,MAAM,EAAE,MAAM,EACd,UAAU,EAAE;IAAE,OAAO,EAAE,eAAe,GAAG,IAAI,CAAA;CAAE,EAC/C,QAAQ,EAAE,MAAM,EAChB,iBAAiB,CAAC,EAAE,iBAAiB,IAIT,CAAC,EAAE,SAAS,WAAW,CAAC,CAAC,CAAC,KAAG,WAAW,CAAC,CAAC,CAAC,CAoDxE"}
1
+ {"version":3,"file":"governance.d.ts","sourceRoot":"","sources":["../../src/middleware/governance.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAExD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAI/D,MAAM,MAAM,UAAU,GAAG;IAAE,OAAO,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;CAAE,CAAC;AAC5E,MAAM,MAAM,WAAW,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC;AAYpE,wBAAgB,uBAAuB,CACrC,MAAM,EAAE,MAAM,EACd,UAAU,EAAE;IAAE,OAAO,EAAE,eAAe,GAAG,IAAI,CAAA;CAAE,EAC/C,QAAQ,EAAE,MAAM,EAChB,iBAAiB,CAAC,EAAE,iBAAiB,IAIT,CAAC,EAAE,SAAS,WAAW,CAAC,CAAC,CAAC,KAAG,WAAW,CAAC,CAAC,CAAC,CA8CxE"}
@@ -2,14 +2,13 @@ import { captureInput } from '../core/quarantine.js';
2
2
  import { sha256Str } from '../crypto/hash.js';
3
3
  import { canonicalize } from '../utils/canonical.js';
4
4
  const UNGOVERNED_TOOLS = new Set([
5
- 'get_server_info',
6
- 'get_portal_state',
7
- 'get_receipts',
8
- 'get_chain_events',
9
- 'list_claims',
10
- 'init_chain', // must work before attestation
11
- 'attest_subject', // creates the governance relationship
12
- 'verify_chain', // read-only verification
5
+ // V1 names (backward compat)
6
+ 'get_server_info', 'get_portal_state', 'get_receipts', 'get_chain_events',
7
+ 'list_claims', 'init_chain', 'attest_subject', 'verify_chain',
8
+ // V2 names
9
+ 'aga_server_info', 'aga_get_portal_state', 'aga_init_chain', 'aga_create_artifact',
10
+ 'aga_verify_artifact', 'aga_verify_bundle', 'aga_get_chain', 'aga_quarantine_status',
11
+ 'aga_set_verification_tier', 'aga_demonstrate_lifecycle', 'aga_measure_behavior',
13
12
  ]);
14
13
  export function createGovernanceWrapper(portal, quarantine, toolName, behavioralMonitor) {
15
14
  const isGoverned = !UNGOVERNED_TOOLS.has(toolName);
@@ -20,21 +19,17 @@ export function createGovernanceWrapper(portal, quarantine, toolName, behavioral
20
19
  const j = (x) => ({
21
20
  content: [{ type: 'text', text: JSON.stringify(x, null, 2) }]
22
21
  });
23
- // TERMINATED reject everything
24
- if (portal.state === 'TERMINATED') {
22
+ if (portal.state === 'TERMINATED' || portal.state === 'SAFE_STATE') {
25
23
  return j({
26
24
  success: false,
27
- error: 'GOVERNANCE_BLOCKED: Portal is terminated. Agent governance has been revoked. Re-attestation required.',
25
+ error: `GOVERNANCE_BLOCKED: Portal is ${portal.state.toLowerCase()}. Agent governance has been revoked. Re-attestation required.`,
28
26
  portal_state: portal.state,
29
27
  tool: toolName,
30
28
  });
31
29
  }
32
- // PHANTOM_QUARANTINE → capture as forensic input, reject
33
30
  if (portal.state === 'PHANTOM_QUARANTINE' && quarantine.current?.active) {
34
31
  captureInput(quarantine.current, `tool_call:${toolName}`, {
35
- tool: toolName,
36
- args,
37
- timestamp: new Date().toISOString(),
32
+ tool: toolName, args, timestamp: new Date().toISOString(),
38
33
  });
39
34
  return j({
40
35
  success: false,
@@ -44,16 +39,14 @@ export function createGovernanceWrapper(portal, quarantine, toolName, behavioral
44
39
  forensic_capture: true,
45
40
  });
46
41
  }
47
- // INITIALIZATION or ARTIFACT_VERIFICATION → not yet governed
48
42
  if (portal.state === 'INITIALIZATION' || portal.state === 'ARTIFACT_VERIFICATION') {
49
43
  return j({
50
44
  success: false,
51
- error: 'GOVERNANCE_NOT_READY: No active policy artifact. Call attest_subject first.',
45
+ error: 'GOVERNANCE_NOT_READY: No active policy artifact. Call aga_create_artifact first.',
52
46
  portal_state: portal.state,
53
47
  tool: toolName,
54
48
  });
55
49
  }
56
- // ACTIVE_MONITORING or DRIFT_DETECTED → record + allow through
57
50
  if (behavioralMonitor) {
58
51
  const argsHash = sha256Str(canonicalize(args));
59
52
  behavioralMonitor.recordInvocation(toolName, argsHash);
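Review bot: `UNGOVERNED_TOOLS` now exempts `aga_create_artifact`, `aga_set_verification_tier`, `aga_measure_behavior` and `aga_demonstrate_lifecycle` from the wrapper, and the per-entry reasons the old list carried (`// must work before attestation`, `// read-only verification`) are gone. Judging by their names, some of these change enforcement state rather than read it; if so, they presumably stay callable while the portal is TERMINATED, in SAFE_STATE or in PHANTOM_QUARANTINE, with no forensic capture and no `recordInvocation` entry. I would limit the set to tools that are read-only or needed for bootstrap and restore a one-line justification per entry, e.g. `'aga_init_chain', // must work before attestation`. Separately, the state checks form a deny-list: any state not named falls through to the handler, as does a PHANTOM_QUARANTINE portal whose `quarantine.current` is not active, so an explicit allow for the monitoring states with a default reject would fail closed. The wrapper function starts and ends outside these hunks.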
@@ -1 +1 @@
1
- {"version":3,"file":"governance.js","sourceRoot":"","sources":["../../src/middleware/governance.ts"],"names":[],"mappings":"AAeA,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAErD,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAKrD,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC;IAC/B,iBAAiB;IACjB,kBAAkB;IAClB,cAAc;IACd,kBAAkB;IAClB,aAAa;IACb,YAAY,EAAS,+BAA+B;IACpD,gBAAgB,EAAK,sCAAsC;IAC3D,cAAc,EAAO,yBAAyB;CAC/C,CAAC,CAAC;AAEH,MAAM,UAAU,uBAAuB,CACrC,MAAc,EACd,UAA+C,EAC/C,QAAgB,EAChB,iBAAqC;IAErC,MAAM,UAAU,GAAG,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAEnD,OAAO,SAAS,WAAW,CAAI,OAAuB;QACpD,IAAI,CAAC,UAAU;YAAE,OAAO,OAAO,CAAC;QAEhC,OAAO,KAAK,EAAE,IAAO,EAAuB,EAAE;YAC5C,MAAM,CAAC,GAAG,CAAC,CAAU,EAAc,EAAE,CAAC,CAAC;gBACrC,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;aAC9D,CAAC,CAAC;YAEH,iCAAiC;YACjC,IAAI,MAAM,CAAC,KAAK,KAAK,YAAY,EAAE,CAAC;gBAClC,OAAO,CAAC,CAAC;oBACP,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,uGAAuG;oBAC9G,YAAY,EAAE,MAAM,CAAC,KAAK;oBAC1B,IAAI,EAAE,QAAQ;iBACf,CAAC,CAAC;YACL,CAAC;YAED,yDAAyD;YACzD,IAAI,MAAM,CAAC,KAAK,KAAK,oBAAoB,IAAI,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,CAAC;gBACxE,YAAY,CAAC,UAAU,CAAC,OAAO,EAAE,aAAa,QAAQ,EAAE,EAAE;oBACxD,IAAI,EAAE,QAAQ;oBACd,IAAI;oBACJ,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;iBACpC,CAAC,CAAC;gBACH,OAAO,CAAC,CAAC;oBACP,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,mIAAmI;oBAC1I,YAAY,EAAE,MAAM,CAAC,KAAK;oBAC1B,IAAI,EAAE,QAAQ;oBACd,gBAAgB,EAAE,IAAI;iBACvB,CAAC,CAAC;YACL,CAAC;YAED,6DAA6D;YAC7D,IAAI,MAAM,CAAC,KAAK,KAAK,gBAAgB,IAAI,MAAM,CAAC,KAAK,KAAK,uBAAuB,EAAE,CAAC;gBAClF,OAAO,CAAC,CAAC;oBACP,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,6EAA6E;oBACpF,YAAY,EAAE,MAAM,CAAC,KAAK;oBAC1B,IAAI,EAAE,QAAQ;iBACf,CAAC,CAAC;YACL,CAAC;YAED,+DAA+D;YAC/D,IAAI,iBAAiB,EAAE,CAAC;gBACtB,MAAM,QAAQ,GAAG,SAAS,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;gBAC/C,iBAAiB,CAAC,gBAAgB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;YACzD,CAAC;YACD,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC;QACvB,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC"}
1
+ {"version":3,"file":"governance.js","sourceRoot":"","sources":["../../src/middleware/governance.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAErD,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAKrD,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC;IAC/B,6BAA6B;IAC7B,iBAAiB,EAAE,kBAAkB,EAAE,cAAc,EAAE,kBAAkB;IACzE,aAAa,EAAE,YAAY,EAAE,gBAAgB,EAAE,cAAc;IAC7D,WAAW;IACX,iBAAiB,EAAE,sBAAsB,EAAE,gBAAgB,EAAE,qBAAqB;IAClF,qBAAqB,EAAE,mBAAmB,EAAE,eAAe,EAAE,uBAAuB;IACpF,2BAA2B,EAAE,2BAA2B,EAAE,sBAAsB;CACjF,CAAC,CAAC;AAEH,MAAM,UAAU,uBAAuB,CACrC,MAAc,EACd,UAA+C,EAC/C,QAAgB,EAChB,iBAAqC;IAErC,MAAM,UAAU,GAAG,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAEnD,OAAO,SAAS,WAAW,CAAI,OAAuB;QACpD,IAAI,CAAC,UAAU;YAAE,OAAO,OAAO,CAAC;QAEhC,OAAO,KAAK,EAAE,IAAO,EAAuB,EAAE;YAC5C,MAAM,CAAC,GAAG,CAAC,CAAU,EAAc,EAAE,CAAC,CAAC;gBACrC,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;aAC9D,CAAC,CAAC;YAEH,IAAI,MAAM,CAAC,KAAK,KAAK,YAAY,IAAI,MAAM,CAAC,KAAK,KAAK,YAAY,EAAE,CAAC;gBACnE,OAAO,CAAC,CAAC;oBACP,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,iCAAiC,MAAM,CAAC,KAAK,CAAC,WAAW,EAAE,+DAA+D;oBACjI,YAAY,EAAE,MAAM,CAAC,KAAK;oBAC1B,IAAI,EAAE,QAAQ;iBACf,CAAC,CAAC;YACL,CAAC;YAED,IAAI,MAAM,CAAC,KAAK,KAAK,oBAAoB,IAAI,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,CAAC;gBACxE,YAAY,CAAC,UAAU,CAAC,OAAO,EAAE,aAAa,QAAQ,EAAE,EAAE;oBACxD,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;iBAC1D,CAAC,CAAC;gBACH,OAAO,CAAC,CAAC;oBACP,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,mIAAmI;oBAC1I,YAAY,EAAE,MAAM,CAAC,KAAK;oBAC1B,IAAI,EAAE,QAAQ;oBACd,gBAAgB,EAAE,IAAI;iBACvB,CAAC,CAAC;YACL,CAAC;YAED,IAAI,MAAM,CAAC,KAAK,KAAK,gBAAgB,IAAI,MAAM,CAAC,KAAK,KAAK,uBAAuB,EAAE,CAAC;gBAClF,OAAO,CAAC,CAAC;oBACP,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,kFAAkF;oBACzF,YAAY,EAAE,MAAM,CAAC,KAAK;oBAC1B,IAAI,EAAE,QAAQ;iBACf,CAAC,CAAC;YACL,CAAC;YAED,IAAI,iBAAiB,EAAE,CAAC;gBACtB,MAAM,QAAQ,GAAG,SAAS,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;gBAC/C,iBAAiB,CAAC,gBAAgB,CAAC,QAAQ,EAAE,QAAQ,CAAC,
CAAC;YACzD,CAAC;YACD,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC;QACvB,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC"}
@@ -0,0 +1,13 @@
1
+ export declare const DRIFT_ANALYSIS_PROMPT: {
2
+ name: string;
3
+ description: string;
4
+ arguments: {
5
+ name: string;
6
+ description: string;
7
+ required: boolean;
8
+ }[];
9
+ template: (args: {
10
+ drift_type?: string;
11
+ }) => string;
12
+ };
13
+ //# sourceMappingURL=drift-analysis.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"drift-analysis.d.ts","sourceRoot":"","sources":["../../src/prompts/drift-analysis.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,qBAAqB;;;;;;;;qBAMf;QAAE,UAAU,CAAC,EAAE,MAAM,CAAA;KAAE;CAmCzC,CAAC"}
@@ -0,0 +1,43 @@
1
+ export const DRIFT_ANALYSIS_PROMPT = {
2
+ name: 'drift-analysis',
3
+ description: 'Analyze drift events and recommend remediation',
4
+ arguments: [
5
+ { name: 'drift_type', description: 'Type of drift: binary, behavioral, or both', required: false },
6
+ ],
7
+ template: (args) => `# Drift Event Analysis
8
+
9
+ Analyze drift events in the current AGA session for type: ${args.drift_type ?? 'both'}
10
+
11
+ ## Investigation Steps
12
+
13
+ 1. Call \`aga_get_chain\` to retrieve all chain events
14
+ 2. Filter for INTERACTION_RECEIPT events where drift_detected=true
15
+ 3. Filter for BEHAVIORAL_DRIFT events
16
+ 4. Call \`aga_measure_behavior\` for current behavioral state
17
+ 5. Call \`aga_get_portal_state\` for enforcement status
18
+
19
+ ## Analysis Framework
20
+
21
+ For each drift event, determine:
22
+ - **Root Cause:** Binary modification, prompt injection, configuration change, behavioral anomaly
23
+ - **Severity:** Based on enforcement action taken (TERMINATE > QUARANTINE > ALERT_ONLY)
24
+ - **Timeline:** When drift was first detected, how many measurements before detection
25
+ - **Impact:** Which measurements were affected, what enforcement was applied
26
+
27
+ ## Remediation Recommendations
28
+
29
+ Based on the drift analysis:
30
+ - If binary drift → Recommend re-attestation with updated subject
31
+ - If behavioral drift → Recommend baseline adjustment or investigation
32
+ - If both → Recommend full security review and incident response
33
+
34
+ ## Output Format
35
+
36
+ Produce a structured drift analysis report with:
37
+ 1. Drift event timeline
38
+ 2. Root cause assessment
39
+ 3. Severity classification
40
+ 4. Remediation steps
41
+ 5. Prevention recommendations`,
42
+ };
43
+ //# sourceMappingURL=drift-analysis.js.map
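Review bot: `args.drift_type` goes into the prompt on the `Analyze drift events ... for type:` line without being checked against the three values its own description lists (binary, behavioral, both), so whatever string the prompt caller supplies becomes part of the instructions a model then acts on with the `aga_*` tools. Resolve it against an allow-list before templating, `const type = ['binary', 'behavioral', 'both'].includes(args.drift_type) ? args.drift_type : 'both';`, and interpolate `type`. The same unvalidated interpolation occurs in the nccoe-demo.js hunk, where `args.agent_code` is placed between double quotes in step 2; that value is free-form, so it should be serialised with `JSON.stringify(...)` and length-capped rather than allow-listed. `template` also dereferences `args` directly, so a call with no arguments object would throw; `args?.drift_type` avoids that if the caller can omit it.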
@@ -0,0 +1 @@
1
+ {"version":3,"file":"drift-analysis.js","sourceRoot":"","sources":["../../src/prompts/drift-analysis.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,qBAAqB,GAAG;IACnC,IAAI,EAAE,gBAAgB;IACtB,WAAW,EAAE,gDAAgD;IAC7D,SAAS,EAAE;QACT,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,4CAA4C,EAAE,QAAQ,EAAE,KAAK,EAAE;KACnG;IACD,QAAQ,EAAE,CAAC,IAA6B,EAAE,EAAE,CAAC;;4DAEa,IAAI,CAAC,UAAU,IAAI,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8BAgCvD;CAC7B,CAAC"}
@@ -0,0 +1,7 @@
1
+ export declare const GOVERNANCE_REPORT_PROMPT: {
2
+ name: string;
3
+ description: string;
4
+ arguments: never[];
5
+ template: () => string;
6
+ };
7
+ //# sourceMappingURL=governance-report.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"governance-report.d.ts","sourceRoot":"","sources":["../../src/prompts/governance-report.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,wBAAwB;;;;;CAwBpC,CAAC"}
@@ -0,0 +1,26 @@
1
+ export const GOVERNANCE_REPORT_PROMPT = {
2
+ name: 'governance-report',
3
+ description: 'Generate a session governance summary report',
4
+ arguments: [],
5
+ template: () => `# Session Governance Summary Report
6
+
7
+ Generate a comprehensive governance report for the current AGA session:
8
+
9
+ 1. Call \`aga_server_info\` for server identity and key information
10
+ 2. Call \`aga_get_portal_state\` for current enforcement status
11
+ 3. Call \`aga_get_chain\` with verify=true for chain integrity
12
+ 4. Call \`aga_measure_behavior\` for behavioral analysis
13
+ 5. Call \`aga_quarantine_status\` for quarantine state
14
+
15
+ Then produce a report with:
16
+ - **Session Identity:** Server keys, verification tier, uptime
17
+ - **Governance State:** Portal state, artifact status, TTL remaining
18
+ - **Chain Integrity:** Event count, verification status, any breaks
19
+ - **Behavioral Analysis:** Violations detected, behavioral hash
20
+ - **Quarantine Status:** Active/inactive, forensic captures
21
+ - **Measurement Summary:** Total measurements, drift events
22
+ - **Compliance Status:** NIST/NCCoE alignment assessment
23
+
24
+ Format as a structured markdown report suitable for audit documentation.`,
25
+ };
26
+ //# sourceMappingURL=governance-report.js.map
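Review bot: The template asks for a `**Compliance Status:** NIST/NCCoE alignment assessment` bullet, but none of the five tool calls listed above it is described as supplying compliance evidence, so the model would write that section from its own judgment into a report the last line calls suitable for audit documentation. Tie the bullet to evidence, e.g. `- **Compliance Status:** NIST/NCCoE alignment, citing the receipt or chain event that supports each statement; mark anything unsupported as "not assessed"`. The `Server keys` item under Session Identity would be safer worded as `Server public key fingerprint`, assuming `aga_server_info` returns only public material, which this hunk does not show.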
@@ -0,0 +1 @@
1
+ {"version":3,"file":"governance-report.js","sourceRoot":"","sources":["../../src/prompts/governance-report.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACtC,IAAI,EAAE,mBAAmB;IACzB,WAAW,EAAE,8CAA8C;IAC3D,SAAS,EAAE,EAAE;IACb,QAAQ,EAAE,GAAG,EAAE,CAAC;;;;;;;;;;;;;;;;;;;yEAmBuD;CACxE,CAAC"}
@@ -0,0 +1,14 @@
1
+ export declare const NCCOE_DEMO_PROMPT: {
2
+ name: string;
3
+ description: string;
4
+ arguments: {
5
+ name: string;
6
+ description: string;
7
+ required: boolean;
8
+ }[];
9
+ template: (args: {
10
+ agent_code?: string;
11
+ include_behavioral?: string;
12
+ }) => string;
13
+ };
14
+ //# sourceMappingURL=nccoe-demo.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"nccoe-demo.d.ts","sourceRoot":"","sources":["../../src/prompts/nccoe-demo.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,iBAAiB;;;;;;;;qBAOX;QAAE,UAAU,CAAC,EAAE,MAAM,CAAC;QAAC,kBAAkB,CAAC,EAAE,MAAM,CAAA;KAAE;CAsCtE,CAAC"}
@@ -0,0 +1,47 @@
1
+ export const NCCOE_DEMO_PROMPT = {
2
+ name: 'nccoe-demo',
3
+ description: 'NCCoE AI Agent Identity and Authorization - Full 4-phase demo with behavioral drift detection',
4
+ arguments: [
5
+ { name: 'agent_code', description: 'The agent source code to attest', required: false },
6
+ { name: 'include_behavioral', description: 'Include behavioral drift detection phase', required: false },
7
+ ],
8
+ template: (args) => `# NCCoE Lab Demo - AGA Protocol Full Lifecycle
9
+
10
+ Execute the following phases using the AGA MCP Server tools:
11
+
12
+ ## Phase 1: Attestation and Identity Binding
13
+ 1. Call \`aga_init_chain\` to initialize the continuity chain
14
+ 2. Call \`aga_create_artifact\` with subject content: "${args.agent_code ?? 'def monitor(): return sensors.read_all()'}"
15
+ - Include metadata: filename="scada_agent.py", version="2.1.0", author="engineering"
16
+ ${args.include_behavioral === 'true' ? ` - Include behavioral_baseline: permitted_tools=["aga_measure_subject","aga_get_portal_state"], rate_limits={"aga_measure_subject":10}, forbidden_sequences=[["read_secret","send_email"]], window_ms=60000` : ''}
17
+ 3. Verify the portal state is ACTIVE_MONITORING
18
+
19
+ ## Phase 2: Authorized Operation
20
+ 4. Call \`aga_measure_subject\` with the SAME content - expect match=true
21
+ 5. Call \`aga_measure_subject\` again - expect match=true, receipt generated
22
+ 6. Verify both receipts show drift_detected=false
23
+
24
+ ## Phase 3: Simulated Prompt Injection
25
+ 7. Call \`aga_measure_subject\` with MODIFIED content: "def monitor(): return attacker.exfiltrate(sensors.read_all())"
26
+ - Expect match=false, drift_detected=true
27
+ - Expect enforcement_action=QUARANTINE
28
+ 8. Check portal state - should be PHANTOM_QUARANTINE
29
+ 9. Call \`aga_quarantine_status\` to see forensic capture state
30
+
31
+ ## Phase 3b: Mid-Session Revocation
32
+ 10. Call \`aga_revoke_artifact\` with the sealed hash and reason "Compromise detected"
33
+ 11. Verify portal state is TERMINATED
34
+
35
+ ${args.include_behavioral === 'true' ? `## Phase 3c: Behavioral Drift Detection
36
+ 12. Call \`aga_measure_behavior\` to check for tool pattern violations
37
+ 13. Review violations (unauthorized tools, rate limits, forbidden sequences)
38
+ ` : ''}
39
+
40
+ ## Phase 4: Offline Audit
41
+ ${args.include_behavioral === 'true' ? '14' : '12'}. Call \`aga_get_chain\` with verify=true to verify chain integrity
42
+ ${args.include_behavioral === 'true' ? '15' : '13'}. Call \`aga_export_bundle\` to generate evidence bundle (need checkpoint first)
43
+ ${args.include_behavioral === 'true' ? '16' : '14'}. Call \`aga_verify_bundle\` with the bundle and issuer public key
44
+
45
+ All operations should produce signed receipts and chain events.`,
46
+ };
47
+ //# sourceMappingURL=nccoe-demo.js.map
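Review bot: `args.include_behavioral === 'true'` is evaluated five times in the template and matches only the exact lowercase string, so `'True'`, `'1'` or a boolean `true` silently drops the sealed behavioral baseline from step 2 and all of Phase 3c while the rest of the demo still reads as complete. Compute it once in a block-bodied `template`, `const withBehavior = String(args.include_behavioral).toLowerCase() === 'true';`, and reuse it for the two conditional sections and the three Phase 4 step numbers. A short comment on the Phase 4 ternaries, `// step numbers shift by two when Phase 3c is present`, would also explain the `'14' : '12'` literals.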
@@ -0,0 +1 @@
1
+ {"version":3,"file":"nccoe-demo.js","sourceRoot":"","sources":["../../src/prompts/nccoe-demo.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC/B,IAAI,EAAE,YAAY;IAClB,WAAW,EAAE,+FAA+F;IAC5G,SAAS,EAAE;QACT,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,iCAAiC,EAAE,QAAQ,EAAE,KAAK,EAAE;QACvF,EAAE,IAAI,EAAE,oBAAoB,EAAE,WAAW,EAAE,0CAA0C,EAAE,QAAQ,EAAE,KAAK,EAAE;KACzG;IACD,QAAQ,EAAE,CAAC,IAA0D,EAAE,EAAE,CAAC;;;;;;yDAMnB,IAAI,CAAC,UAAU,IAAI,0CAA0C;;EAEpH,IAAI,CAAC,kBAAkB,KAAK,MAAM,CAAC,CAAC,CAAC,+MAA+M,CAAC,CAAC,CAAC,EAAE;;;;;;;;;;;;;;;;;;;EAmBzP,IAAI,CAAC,kBAAkB,KAAK,MAAM,CAAC,CAAC,CAAC;;;CAGtC,CAAC,CAAC,CAAC,EAAE;;;EAGJ,IAAI,CAAC,kBAAkB,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI;EAChD,IAAI,CAAC,kBAAkB,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI;EAChD,IAAI,CAAC,kBAAkB,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI;;gEAEc;CAC/D,CAAC"}
@@ -0,0 +1,24 @@
1
+ export declare const COSAI_MCP_SECURITY_MAPPING: {
2
+ title: string;
3
+ source: string;
4
+ whitepaper: string;
5
+ published: string;
6
+ url: string;
7
+ categories: {
8
+ id: string;
9
+ name: string;
10
+ domain: string;
11
+ cosai_description: string;
12
+ aga_tools: string[];
13
+ aga_mechanism: string;
14
+ nist_ref: string;
15
+ }[];
16
+ };
17
+ export declare const COSAI_COVERAGE_SUMMARY: {
18
+ total_threat_categories: number;
19
+ categories_with_aga_coverage: number;
20
+ total_tools_referenced: number;
21
+ unique_cosai_categories_covered: number;
22
+ nist_submission_sections_referenced: number;
23
+ };
24
+ //# sourceMappingURL=cosai-mapping.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"cosai-mapping.d.ts","sourceRoot":"","sources":["../../src/resources/cosai-mapping.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;CAsHtC,CAAC;AAGF,eAAO,MAAM,sBAAsB;;;;;;CAMlC,CAAC"}
@@ -0,0 +1,127 @@
1
+ // src/resources/cosai-mapping.ts
2
+ export const COSAI_MCP_SECURITY_MAPPING = {
3
+ title: 'AGA Coverage of CoSAI MCP Security Threat Taxonomy',
4
+ source: 'Coalition for Secure AI (CoSAI), OASIS Open Project',
5
+ whitepaper: 'Securing the AI Agent Revolution: A Practical Guide to Model Context Protocol Security',
6
+ published: 'January 20, 2026',
7
+ url: 'https://github.com/cosai-oasis/ws4-secure-design-agentic-systems/blob/main/model-context-protocol-security.md',
8
+ categories: [
9
+ {
10
+ id: 'T1',
11
+ name: 'Improper Authentication',
12
+ domain: 'Foundational Identity & Access',
13
+ cosai_description: 'Weak identity verification and credential management across agent chains',
14
+ aga_tools: ['aga_create_artifact', 'aga_verify_artifact', 'aga_rotate_keys'],
15
+ aga_mechanism: 'Ed25519 artifact signatures verified against pinned issuer public key. Portal rejects artifacts with invalid signatures. Key rotation recorded as chain events with both old and new keys for transition period. TTL-based re-attestation enforces continuous authentication.',
16
+ nist_ref: 'NCCoE Section 3: Authentication',
17
+ },
18
+ {
19
+ id: 'T2',
20
+ name: 'Missing Access Control',
21
+ domain: 'Foundational Identity & Access',
22
+ cosai_description: 'Insufficient authorization checks and privilege separation',
23
+ aga_tools: ['aga_start_monitoring', 'aga_trigger_measurement', 'aga_delegate_to_subagent'],
24
+ aga_mechanism: 'Portal enforces sealed policy constraints as a mandatory interception layer. Agent holds no credentials and cannot bypass the portal. Delegation enforces scope diminishment: child scope must be a strict subset of parent. TTL inheritance prevents privilege extension through delegation.',
25
+ nist_ref: 'NCCoE Section 4: Authorization, CAISI Section 4a',
26
+ },
27
+ {
28
+ id: 'T3',
29
+ name: 'Input Validation Failures',
30
+ domain: 'Input Handling',
31
+ cosai_description: 'Traditional injection flaws amplified by AI mediation',
32
+ aga_tools: ['aga_trigger_measurement', 'aga_measure_behavior'],
33
+ aga_mechanism: 'Portal validates every operation against sealed artifact parameters before authorizing execution. Behavioral drift detection monitors tool invocation patterns against a sealed baseline, catching injection-driven anomalies independent of binary integrity.',
34
+ nist_ref: 'CAISI Section 1a: Semantic Drift Without Binary Modification',
35
+ },
36
+ {
37
+ id: 'T4',
38
+ name: 'Data/Control Boundary Failures',
39
+ domain: 'Input Handling',
40
+ cosai_description: 'Prompt injection and tool poisoning exploiting the LLM as intermediary',
41
+ aga_tools: ['aga_measure_behavior', 'aga_quarantine_status'],
42
+ aga_mechanism: 'Behavioral baseline sealed in artifact defines permitted tools, forbidden sequences, and rate limits. Prompt injection that causes unauthorized tool invocations or forbidden sequences triggers enforcement. Phantom execution quarantines the compromised agent while capturing the full attack sequence as signed forensic evidence.',
43
+ nist_ref: 'NCCoE Section 6: Prompt Injection Prevention and Mitigation',
44
+ },
45
+ {
46
+ id: 'T5',
47
+ name: 'Inadequate Data Protection',
48
+ domain: 'Data & Code Protection',
49
+ cosai_description: 'Insufficient encryption and secrets management',
50
+ aga_tools: ['aga_create_artifact', 'aga_disclose_claim'],
51
+ aga_mechanism: 'Attestation evidence stored as salted commitments: Hash(Content || Salt). Original content never stored in the artifact. Privacy-preserving disclosure with automatic substitution prevents sensitive data exposure. Inference risk checking blocks combinations of disclosures that would reveal denied claims.',
52
+ nist_ref: 'CAISI Section 5a: Privacy-Preserving Governance Disclosure',
53
+ },
54
+ {
55
+ id: 'T6',
56
+ name: 'Missing Integrity Controls',
57
+ domain: 'Data & Code Protection',
58
+ cosai_description: 'Lack of verification for MCP servers and tool definitions',
59
+ aga_tools: ['aga_create_artifact', 'aga_trigger_measurement', 'aga_verify_artifact'],
60
+ aga_mechanism: 'Sealed hash computed over subject bytes, metadata, policy reference, and salt. Portal computes runtime hash on every request and compares to sealed reference. Any modification to any component (server binary, tool definitions, configuration) produces a hash mismatch and triggers enforcement. 10 measurement embodiments cover executable images, loaded modules, container images, configuration manifests, SBOMs, and more.',
61
+ nist_ref: 'CAISI Section 2a: Sealed Policy Artifacts',
62
+ },
63
+ {
64
+ id: 'T7',
65
+ name: 'Session/Transport Security',
66
+ domain: 'Network & Transport',
67
+ cosai_description: 'Insecure protocols and session management',
68
+ aga_tools: ['aga_create_artifact', 'aga_revoke_artifact'],
69
+ aga_mechanism: 'Artifact TTL enforces session expiration. Expired artifacts require re-attestation (fail-closed). Mid-session revocation immediately terminates agent authority. All artifacts and receipts cryptographically signed with Ed25519, preventing session hijacking or replay.',
70
+ nist_ref: 'NCCoE Section 3: TTL-Based Re-Attestation',
71
+ },
72
+ {
73
+ id: 'T8',
74
+ name: 'Network Isolation Failures',
75
+ domain: 'Network & Transport',
76
+ cosai_description: 'Improper network binding and segmentation',
77
+ aga_tools: ['aga_start_monitoring', 'aga_trigger_measurement'],
78
+ aga_mechanism: 'Two-process architecture: portal and agent are separate OS processes. Agent has no direct network access, no credentials, no keys. Portal is the only path to external resources. NETWORK_ISOLATE enforcement action severs network connections while allowing continued local execution for forensic capture.',
79
+ nist_ref: 'CAISI Section 2a: The Portal as Mandatory Runtime Enforcement Boundary',
80
+ },
81
+ {
82
+ id: 'T9',
83
+ name: 'Trust Boundary Failures',
84
+ domain: 'Trust & Design',
85
+ cosai_description: 'Overreliance on LLM judgment for security decisions',
86
+ aga_tools: ['aga_create_artifact', 'aga_trigger_measurement', 'aga_measure_behavior'],
87
+ aga_mechanism: 'Security decisions are pre-committed in the sealed artifact by human authorities before deployment, not delegated to the LLM at runtime. The portal enforces constraints mechanically through hash comparison and behavioral pattern matching. The LLM cannot override, modify, or bypass the sealed enforcement parameters.',
88
+ nist_ref: 'CAISI Section 4a: Fail-Closed Semantics',
89
+ },
90
+ {
91
+ id: 'T10',
92
+ name: 'Resource Management',
93
+ domain: 'Trust & Design',
94
+ cosai_description: 'Absence of rate limiting and quota controls',
95
+ aga_tools: ['aga_measure_behavior', 'aga_create_artifact'],
96
+ aga_mechanism: 'Behavioral baseline includes per-tool rate limits sealed in the artifact. Portal tracks invocation rates within a configurable time window. Rate limit violations trigger enforcement. Measurement cadence is configurable from 10ms (SCADA) to 3,600,000ms, preventing resource exhaustion from excessive measurement overhead.',
97
+ nist_ref: 'CAISI Section 2a: Configurable Measurement Cadences',
98
+ },
99
+ {
100
+ id: 'T11',
101
+ name: 'Supply Chain Failures',
102
+ domain: 'Operational Security',
103
+ cosai_description: 'Insecure MCP server lifecycle and distribution',
104
+ aga_tools: ['aga_create_artifact', 'aga_verify_artifact', 'aga_trigger_measurement'],
105
+ aga_mechanism: 'Content-addressable hash binding at attestation time. Every component (server binary, skill files, dependencies, configuration) is hashed and sealed into the artifact. Runtime measurement detects any modification to any component. Artifact signature binds all fields cryptographically. Modified or substituted components produce hash mismatches and are blocked before execution.',
106
+ nist_ref: 'CAISI Section 1a: Supply Chain Injection',
107
+ },
108
+ {
109
+ id: 'T12',
110
+ name: 'Insufficient Observability',
111
+ domain: 'Operational Security',
112
+ cosai_description: 'Lack of logging, monitoring, and audit trails',
113
+ aga_tools: ['aga_generate_receipt', 'aga_get_chain', 'aga_export_bundle', 'aga_verify_bundle'],
114
+ aga_mechanism: 'Signed receipt generated for every measurement (match or mismatch). Receipts appended to tamper-evident continuity chain linked by structural metadata hashes. Payload excluded from leaf hash computation, enabling third-party verification without payload disclosure. Merkle checkpoint anchoring prevents history rewriting. Evidence bundles enable portable offline verification through a 4-step process: artifact signature, receipt signatures, Merkle proofs, and anchor validation.',
115
+ nist_ref: 'CAISI Section 2a: Tamper-Evident Accountability',
116
+ },
117
+ ],
118
+ };
119
+ // Summary statistics
120
+ export const COSAI_COVERAGE_SUMMARY = {
121
+ total_threat_categories: 12,
122
+ categories_with_aga_coverage: 12,
123
+ total_tools_referenced: 20, // all 20 tools participate in at least one category
124
+ unique_cosai_categories_covered: 12,
125
+ nist_submission_sections_referenced: 10,
126
+ };
127
+ //# sourceMappingURL=cosai-mapping.js.map
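Review bot: `total_tools_referenced: 20` and its comment `all 20 tools participate in at least one category` do not match the data in the same file: the twelve `aga_tools` arrays contain 14 distinct tool names. Because this object is presented as a coverage summary, derive the figure instead of hard-coding it, `total_tools_referenced: new Set(COSAI_MCP_SECURITY_MAPPING.categories.flatMap((c) => c.aga_tools)).size,`, and take the two `12` counts from `categories.length`. `nist_submission_sections_referenced: 10` is also hard to reconcile with the `nist_ref` strings (12 distinct strings, 7 distinct section numbers by my count), so it needs a comment stating what is counted. The prompt hunks name tools such as `aga_measure_subject` and `aga_init_chain` that appear in no `aga_tools` array, which suggests the mapping and the tool registry have drifted; the registry is not visible here.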
@@ -0,0 +1 @@
1
+ {"version":3,"file":"cosai-mapping.js","sourceRoot":"","sources":["../../src/resources/cosai-mapping.ts"],"names":[],"mappings":"AAAA,iCAAiC;AAEjC,MAAM,CAAC,MAAM,0BAA0B,GAAG;IACxC,KAAK,EAAE,oDAAoD;IAC3D,MAAM,EAAE,qDAAqD;IAC7D,UAAU,EAAE,wFAAwF;IACpG,SAAS,EAAE,kBAAkB;IAC7B,GAAG,EAAE,+GAA+G;IAEpH,UAAU,EAAE;QACV;YACE,EAAE,EAAE,IAAI;YACR,IAAI,EAAE,yBAAyB;YAC/B,MAAM,EAAE,gCAAgC;YACxC,iBAAiB,EAAE,0EAA0E;YAC7F,SAAS,EAAE,CAAC,qBAAqB,EAAE,qBAAqB,EAAE,iBAAiB,CAAC;YAC5E,aAAa,EAAE,+QAA+Q;YAE9R,QAAQ,EAAE,iCAAiC;SAC5C;QACD;YACE,EAAE,EAAE,IAAI;YACR,IAAI,EAAE,wBAAwB;YAC9B,MAAM,EAAE,gCAAgC;YACxC,iBAAiB,EAAE,4DAA4D;YAC/E,SAAS,EAAE,CAAC,sBAAsB,EAAE,yBAAyB,EAAE,0BAA0B,CAAC;YAC1F,aAAa,EAAE,+RAA+R;YAC9S,QAAQ,EAAE,kDAAkD;SAC7D;QACD;YACE,EAAE,EAAE,IAAI;YACR,IAAI,EAAE,2BAA2B;YACjC,MAAM,EAAE,gBAAgB;YACxB,iBAAiB,EAAE,uDAAuD;YAC1E,SAAS,EAAE,CAAC,yBAAyB,EAAE,sBAAsB,CAAC;YAC9D,aAAa,EAAE,gQAAgQ;YAC/Q,QAAQ,EAAE,8DAA8D;SACzE;QACD;YACE,EAAE,EAAE,IAAI;YACR,IAAI,EAAE,gCAAgC;YACtC,MAAM,EAAE,gBAAgB;YACxB,iBAAiB,EAAE,wEAAwE;YAC3F,SAAS,EAAE,CAAC,sBAAsB,EAAE,uBAAuB,CAAC;YAC5D,aAAa,EAAE,yUAAyU;YACxV,QAAQ,EAAE,6DAA6D;SACxE;QACD;YACE,EAAE,EAAE,IAAI;YACR,IAAI,EAAE,4BAA4B;YAClC,MAAM,EAAE,wBAAwB;YAChC,iBAAiB,EAAE,gDAAgD;YACnE,SAAS,EAAE,CAAC,qBAAqB,EAAE,oBAAoB,CAAC;YACxD,aAAa,EAAE,kTAAkT;YACjU,QAAQ,EAAE,4DAA4D;SACvE;QACD;YACE,EAAE,EAAE,IAAI;YACR,IAAI,EAAE,4BAA4B;YAClC,MAAM,EAAE,wBAAwB;YAChC,iBAAiB,EAAE,2DAA2D;YAC9E,SAAS,EAAE,CAAC,qBAAqB,EAAE,yBAAyB,EAAE,qBAAqB,CAAC;YACpF,aAAa,EAAE,saAAsa;YACrb,QAAQ,EAAE,2CAA2C;SACtD;QACD;YACE,EAAE,EAAE,IAAI;YACR,IAAI,EAAE,4BAA4B;YAClC,MAAM,EAAE,qBAAqB;YAC7B,iBAAiB,EAAE,2CAA2C;YAC9D,SAAS,EAAE,CAAC,qBAAqB,EAAE,qBAAqB,CAAC;YACzD,aAAa,EAAE,4QAA4Q;YAC3R,QAAQ,EAAE,2CAA2C;SACtD;QACD;YACE,EAAE,EAAE,IAAI;YACR,IAAI,EAAE,4BAA4B;YAClC,MAAM,EAAE,qBAAqB;YAC7B,iBAAiB,EAAE,2CAA2C;YAC9D,SAAS,EAAE,CAAC,sBAAsB,EAAE,yBAAyB,CAAC;YAC9D,aAAa,EAAE,gTAAgT;YAC/T,QAAQ,EAAE,wEAAwE;SACnF;QACD;YACE,EAAE,EAAE,IAAI;YACR,IAAI,EAAE,yBAAyB;YAC/B,MAAM,EAAE,gBAAgB;YACxB,iBAAiB,EAAE,qDAAqD;YACxE,SAAS,EAAE,CAAC,qBAAq
B,EAAE,yBAAyB,EAAE,sBAAsB,CAAC;YACrF,aAAa,EAAE,8TAA8T;YAC7U,QAAQ,EAAE,yCAAyC;SACpD;QACD;YACE,EAAE,EAAE,KAAK;YACT,IAAI,EAAE,qBAAqB;YAC3B,MAAM,EAAE,gBAAgB;YACxB,iBAAiB,EAAE,6CAA6C;YAChE,SAAS,EAAE,CAAC,sBAAsB,EAAE,qBAAqB,CAAC;YAC1D,aAAa,EAAE,kUAAkU;YACjV,QAAQ,EAAE,qDAAqD;SAChE;QACD;YACE,EAAE,EAAE,KAAK;YACT,IAAI,EAAE,uBAAuB;YAC7B,MAAM,EAAE,sBAAsB;YAC9B,iBAAiB,EAAE,gDAAgD;YACnE,SAAS,EAAE,CAAC,qBAAqB,EAAE,qBAAqB,EAAE,yBAAyB,CAAC;YACpF,aAAa,EAAE,4XAA4X;YAC3Y,QAAQ,EAAE,0CAA0C;SACrD;QACD;YACE,EAAE,EAAE,KAAK;YACT,IAAI,EAAE,4BAA4B;YAClC,MAAM,EAAE,sBAAsB;YAC9B,iBAAiB,EAAE,+CAA+C;YAClE,SAAS,EAAE,CAAC,sBAAsB,EAAE,eAAe,EAAE,mBAAmB,EAAE,mBAAmB,CAAC;YAC9F,aAAa,EAAE,ieAAie;YAChf,QAAQ,EAAE,iDAAiD;SAC5D;KACF;CACF,CAAC;AAEF,qBAAqB;AACrB,MAAM,CAAC,MAAM,sBAAsB,GAAG;IACpC,uBAAuB,EAAE,EAAE;IAC3B,4BAA4B,EAAE,EAAE;IAChC,sBAAsB,EAAE,EAAE,EAAG,oDAAoD;IACjF,+BAA+B,EAAE,EAAE;IACnC,mCAAmC,EAAE,EAAE;CACxC,CAAC"}
@@ -0,0 +1,3 @@
1
+ export declare const CRYPTO_PRIMITIVES_DOC = "# AGA Cryptographic Primitives\n\n## Ed25519 Digital Signatures\n- Library: @noble/ed25519 v2.1.0\n- Key size: 256-bit (32 bytes)\n- Signature size: 512-bit (64 bytes)\n- Used for: Artifact signing, receipt signing, chain event signing\n\n## SHA-256 Hashing\n- Library: @noble/hashes v1.7.0\n- Output: 256-bit (64 hex characters)\n- Used for: Sealed hash, leaf hash, payload hash, subject identity\n\n## Sealed Hash Construction\n```\nsealed_hash = SHA-256(bytes_hash || metadata_hash || policy_reference || seal_salt)\n```\n- No delimiters between fields (raw hex concatenation)\n- No delimiters per protocol spec\n\n## Leaf Hash Construction\n```\nleaf_hash = SHA-256(\n schema_version || \"||\" || protocol_version || \"||\" ||\n event_type || \"||\" || event_id || \"||\" ||\n sequence_number || \"||\" || timestamp || \"||\" ||\n previous_leaf_hash\n)\n```\n- **Payload EXCLUDED** - privacy innovation\n- Chain integrity verifiable without revealing event contents\n\n## Salted Commitments\n```\ncommitment = SHA-256(content_bytes || salt_bytes)\n```\n- Salt: 128-bit (16 bytes, 32 hex chars) CSPRNG\n- Enables selective disclosure\n\n## Merkle Trees\n- Binary tree over leaf hashes\n- Internal nodes: SHA-256(left || right)\n- Odd leaf count: last leaf duplicated\n- Inclusion proofs: array of {hash, direction} pairs\n\n## Canonical Serialization\n- RFC 8785 aligned\n- Sorted keys, no whitespace\n- Used before signing any object\n";
2
+ export declare const CRYPTO_PRIMITIVES_URI = "aga://crypto-primitives";
3
+ //# sourceMappingURL=crypto-primitives.d.ts.map
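Review bot: The Merkle section of `CRYPTO_PRIMITIVES_DOC` documents `Odd leaf count: last leaf duplicated` and `Internal nodes: SHA-256(left || right)` without saying how the leaf count is bound or how leaf and internal hashes are told apart; with plain duplication, a list of leaves and the same list with its last leaf repeated yield the same root unless the count is committed elsewhere. If the signed checkpoint already carries the leaf count, add a bullet saying so, e.g. `- Checkpoint binds leaf_count, so a duplicated final leaf cannot stand in for a real event`; if it does not, that is a design gap to track rather than a doc fix. Under Sealed Hash Construction the two `No delimiters ...` bullets say the same thing; the second would be better spent stating that every field is fixed-length, if that is the case, since that is what keeps delimiter-free concatenation unambiguous. The source of this string is crypto-primitives.ts, outside this hunk.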
@@ -0,0 +1 @@
1
+ {"version":3,"file":"crypto-primitives.d.ts","sourceRoot":"","sources":["../../src/resources/crypto-primitives.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,qBAAqB,w6CAiDjC,CAAC;AAEF,eAAO,MAAM,qBAAqB,4BAA4B,CAAC"}