@attested-intelligence/aga-mcp-server 0.1.1 → 2.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +106 -24
- package/dist/context.d.ts +39 -0
- package/dist/context.d.ts.map +1 -0
- package/dist/context.js +113 -0
- package/dist/context.js.map +1 -0
- package/dist/core/identity.d.ts +14 -0
- package/dist/core/identity.d.ts.map +1 -0
- package/dist/core/identity.js +16 -0
- package/dist/core/identity.js.map +1 -0
- package/dist/core/index.d.ts +3 -0
- package/dist/core/index.d.ts.map +1 -1
- package/dist/core/index.js +3 -0
- package/dist/core/index.js.map +1 -1
- package/dist/core/measurement.d.ts +16 -0
- package/dist/core/measurement.d.ts.map +1 -0
- package/dist/core/measurement.js +18 -0
- package/dist/core/measurement.js.map +1 -0
- package/dist/core/portal.d.ts +1 -1
- package/dist/core/portal.d.ts.map +1 -1
- package/dist/core/portal.js +10 -5
- package/dist/core/portal.js.map +1 -1
- package/dist/core/types.d.ts +2 -3
- package/dist/core/types.d.ts.map +1 -1
- package/dist/crypto/canonicalize.d.ts +7 -0
- package/dist/crypto/canonicalize.d.ts.map +1 -0
- package/dist/crypto/canonicalize.js +21 -0
- package/dist/crypto/canonicalize.js.map +1 -0
- package/dist/crypto/hash.d.ts +1 -1
- package/dist/crypto/hash.d.ts.map +1 -1
- package/dist/crypto/hash.js +1 -1
- package/dist/crypto/hash.js.map +1 -1
- package/dist/crypto/index.d.ts +6 -5
- package/dist/crypto/index.d.ts.map +1 -1
- package/dist/crypto/index.js +6 -5
- package/dist/crypto/index.js.map +1 -1
- package/dist/crypto/keys.d.ts +10 -0
- package/dist/crypto/keys.d.ts.map +1 -0
- package/dist/crypto/keys.js +19 -0
- package/dist/crypto/keys.js.map +1 -0
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/dist/middleware/governance.d.ts +1 -7
- package/dist/middleware/governance.d.ts.map +1 -1
- package/dist/middleware/governance.js +11 -18
- package/dist/middleware/governance.js.map +1 -1
- package/dist/prompts/drift-analysis.d.ts +13 -0
- package/dist/prompts/drift-analysis.d.ts.map +1 -0
- package/dist/prompts/drift-analysis.js +43 -0
- package/dist/prompts/drift-analysis.js.map +1 -0
- package/dist/prompts/governance-report.d.ts +7 -0
- package/dist/prompts/governance-report.d.ts.map +1 -0
- package/dist/prompts/governance-report.js +26 -0
- package/dist/prompts/governance-report.js.map +1 -0
- package/dist/prompts/nccoe-demo.d.ts +14 -0
- package/dist/prompts/nccoe-demo.d.ts.map +1 -0
- package/dist/prompts/nccoe-demo.js +47 -0
- package/dist/prompts/nccoe-demo.js.map +1 -0
- package/dist/resources/cosai-mapping.d.ts +24 -0
- package/dist/resources/cosai-mapping.d.ts.map +1 -0
- package/dist/resources/cosai-mapping.js +127 -0
- package/dist/resources/cosai-mapping.js.map +1 -0
- package/dist/resources/crypto-primitives.d.ts +3 -0
- package/dist/resources/crypto-primitives.d.ts.map +1 -0
- package/dist/resources/crypto-primitives.js +52 -0
- package/dist/resources/crypto-primitives.js.map +1 -0
- package/dist/resources/sample-bundle.d.ts +6 -0
- package/dist/resources/sample-bundle.d.ts.map +1 -0
- package/dist/resources/sample-bundle.js +58 -0
- package/dist/resources/sample-bundle.js.map +1 -0
- package/dist/resources/specification.d.ts +3 -0
- package/dist/resources/specification.d.ts.map +1 -0
- package/dist/resources/specification.js +161 -0
- package/dist/resources/specification.js.map +1 -0
- package/dist/server.d.ts +3 -7
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +214 -343
- package/dist/server.js.map +1 -1
- package/dist/storage/sqlite.js +1 -1
- package/dist/tools/create-artifact.d.ts +25 -0
- package/dist/tools/create-artifact.d.ts.map +1 -0
- package/dist/tools/create-artifact.js +85 -0
- package/dist/tools/create-artifact.js.map +1 -0
- package/dist/tools/delegate-subagent.d.ts +18 -0
- package/dist/tools/delegate-subagent.d.ts.map +1 -0
- package/dist/tools/delegate-subagent.js +50 -0
- package/dist/tools/delegate-subagent.js.map +1 -0
- package/dist/tools/disclose-claim.d.ts +14 -0
- package/dist/tools/disclose-claim.d.ts.map +1 -0
- package/dist/tools/disclose-claim.js +23 -0
- package/dist/tools/disclose-claim.js.map +1 -0
- package/dist/tools/export-bundle.d.ts +8 -0
- package/dist/tools/export-bundle.d.ts.map +1 -0
- package/dist/tools/export-bundle.js +25 -0
- package/dist/tools/export-bundle.js.map +1 -0
- package/dist/tools/full-lifecycle.d.ts +16 -0
- package/dist/tools/full-lifecycle.d.ts.map +1 -0
- package/dist/tools/full-lifecycle.js +121 -0
- package/dist/tools/full-lifecycle.js.map +1 -0
- package/dist/tools/generate-receipt.d.ts +16 -0
- package/dist/tools/generate-receipt.d.ts.map +1 -0
- package/dist/tools/generate-receipt.js +31 -0
- package/dist/tools/generate-receipt.js.map +1 -0
- package/dist/tools/get-chain.d.ts +14 -0
- package/dist/tools/get-chain.d.ts.map +1 -0
- package/dist/tools/get-chain.js +45 -0
- package/dist/tools/get-chain.js.map +1 -0
- package/dist/tools/get-portal-state.d.ts +8 -0
- package/dist/tools/get-portal-state.d.ts.map +1 -0
- package/dist/tools/get-portal-state.js +15 -0
- package/dist/tools/get-portal-state.js.map +1 -0
- package/dist/tools/init-chain.d.ts +10 -0
- package/dist/tools/init-chain.d.ts.map +1 -0
- package/dist/tools/init-chain.js +13 -0
- package/dist/tools/init-chain.js.map +1 -0
- package/dist/tools/measure-behavior.d.ts +12 -0
- package/dist/tools/measure-behavior.d.ts.map +1 -0
- package/dist/tools/measure-behavior.js +29 -0
- package/dist/tools/measure-behavior.js.map +1 -0
- package/dist/tools/measure-subject.d.ts +15 -0
- package/dist/tools/measure-subject.d.ts.map +1 -0
- package/dist/tools/measure-subject.js +106 -0
- package/dist/tools/measure-subject.js.map +1 -0
- package/dist/tools/quarantine-status.d.ts +8 -0
- package/dist/tools/quarantine-status.d.ts.map +1 -0
- package/dist/tools/quarantine-status.js +16 -0
- package/dist/tools/quarantine-status.js.map +1 -0
- package/dist/tools/revoke-artifact.d.ts +13 -0
- package/dist/tools/revoke-artifact.d.ts.map +1 -0
- package/dist/tools/revoke-artifact.js +24 -0
- package/dist/tools/revoke-artifact.js.map +1 -0
- package/dist/tools/rotate-keys.d.ts +13 -0
- package/dist/tools/rotate-keys.d.ts.map +1 -0
- package/dist/tools/rotate-keys.js +39 -0
- package/dist/tools/rotate-keys.js.map +1 -0
- package/dist/tools/server-info.d.ts +8 -0
- package/dist/tools/server-info.d.ts.map +1 -0
- package/dist/tools/server-info.js +23 -0
- package/dist/tools/server-info.js.map +1 -0
- package/dist/tools/set-verification-tier.d.ts +11 -0
- package/dist/tools/set-verification-tier.d.ts.map +1 -0
- package/dist/tools/set-verification-tier.js +31 -0
- package/dist/tools/set-verification-tier.js.map +1 -0
- package/dist/tools/start-monitoring.d.ts +12 -0
- package/dist/tools/start-monitoring.d.ts.map +1 -0
- package/dist/tools/start-monitoring.js +17 -0
- package/dist/tools/start-monitoring.js.map +1 -0
- package/dist/tools/trigger-measurement.d.ts +15 -0
- package/dist/tools/trigger-measurement.d.ts.map +1 -0
- package/dist/tools/trigger-measurement.js +86 -0
- package/dist/tools/trigger-measurement.js.map +1 -0
- package/dist/tools/verify-artifact.d.ts +13 -0
- package/dist/tools/verify-artifact.d.ts.map +1 -0
- package/dist/tools/verify-artifact.js +6 -0
- package/dist/tools/verify-artifact.js.map +1 -0
- package/dist/tools/verify-bundle.d.ts +13 -0
- package/dist/tools/verify-bundle.d.ts.map +1 -0
- package/dist/tools/verify-bundle.js +6 -0
- package/dist/tools/verify-bundle.js.map +1 -0
- package/dist/types.d.ts +261 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +8 -0
- package/dist/types.js.map +1 -0
- package/package.json +18 -3
- package/AGA_MCP_SERVER_SPEC.md +0 -632
- package/src/core/artifact.ts +0 -45
- package/src/core/attestation.ts +0 -33
- package/src/core/behavioral.ts +0 -132
- package/src/core/bundle.ts +0 -31
- package/src/core/chain.ts +0 -72
- package/src/core/checkpoint.ts +0 -22
- package/src/core/delegation.ts +0 -146
- package/src/core/disclosure.ts +0 -32
- package/src/core/index.ts +0 -11
- package/src/core/portal.ts +0 -96
- package/src/core/quarantine.ts +0 -16
- package/src/core/receipt.ts +0 -33
- package/src/core/subject.ts +0 -11
- package/src/core/types.ts +0 -244
- package/src/crypto/hash.ts +0 -33
- package/src/crypto/index.ts +0 -5
- package/src/crypto/merkle.ts +0 -43
- package/src/crypto/salt.ts +0 -18
- package/src/crypto/sign.ts +0 -35
- package/src/crypto/types.ts +0 -19
- package/src/index.ts +0 -12
- package/src/middleware/governance.ts +0 -95
- package/src/middleware/index.ts +0 -1
- package/src/server.ts +0 -436
- package/src/storage/index.ts +0 -3
- package/src/storage/interface.ts +0 -21
- package/src/storage/memory.ts +0 -27
- package/src/storage/sqlite.ts +0 -45
- package/src/tools/README.md +0 -13
- package/src/utils/canonical.ts +0 -14
- package/src/utils/constants.ts +0 -3
- package/src/utils/timestamp.ts +0 -12
- package/src/utils/uuid.ts +0 -2
|
@@ -0,0 +1,86 @@
|
|
|
1
|
+
import { hashArtifact } from '../core/artifact.js';
|
|
2
|
+
import { generateReceipt } from '../core/receipt.js';
|
|
3
|
+
import { initQuarantine } from '../core/quarantine.js';
|
|
4
|
+
export async function handleTriggerMeasurement(args, ctx) {
|
|
5
|
+
if (!ctx.portal.artifact)
|
|
6
|
+
return ctx.error('No artifact loaded.');
|
|
7
|
+
if (ctx.portal.state === 'TERMINATED' || ctx.portal.state === 'SAFE_STATE') {
|
|
8
|
+
return ctx.error(`Portal is ${ctx.portal.state}. Artifact revoked or expired.`);
|
|
9
|
+
}
|
|
10
|
+
let match;
|
|
11
|
+
let action = null;
|
|
12
|
+
let driftDesc = null;
|
|
13
|
+
let currentHash = 'UNAVAILABLE';
|
|
14
|
+
if (args.subject_bytes_hash) {
|
|
15
|
+
// Pre-computed hash mode
|
|
16
|
+
const bMatch = args.subject_bytes_hash === ctx.portal.artifact.subject_identifier.bytes_hash;
|
|
17
|
+
const mMatch = !args.subject_metadata_hash || args.subject_metadata_hash === ctx.portal.artifact.subject_identifier.metadata_hash;
|
|
18
|
+
match = bMatch && mMatch;
|
|
19
|
+
currentHash = args.subject_bytes_hash;
|
|
20
|
+
if (!match && ctx.portal.state === 'ACTIVE_MONITORING') {
|
|
21
|
+
ctx.portal.state = 'DRIFT_DETECTED';
|
|
22
|
+
}
|
|
23
|
+
}
|
|
24
|
+
else if (args.subject_content) {
|
|
25
|
+
const meta = args.subject_metadata ?? {};
|
|
26
|
+
const result = ctx.portal.measure(new TextEncoder().encode(args.subject_content), meta);
|
|
27
|
+
match = result.match;
|
|
28
|
+
currentHash = result.currentBytesHash || 'UNAVAILABLE';
|
|
29
|
+
if (!result.ttl_ok) {
|
|
30
|
+
driftDesc = 'TTL expired';
|
|
31
|
+
action = 'TERMINATE';
|
|
32
|
+
match = false;
|
|
33
|
+
}
|
|
34
|
+
else if (result.revoked) {
|
|
35
|
+
driftDesc = 'Artifact revoked';
|
|
36
|
+
action = 'TERMINATE';
|
|
37
|
+
match = false;
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
else {
|
|
41
|
+
return ctx.error('Provide either subject_content or subject_bytes_hash');
|
|
42
|
+
}
|
|
43
|
+
if (!match && !action) {
|
|
44
|
+
driftDesc = 'Subject modified - hash mismatch';
|
|
45
|
+
action = ctx.portal.artifact.enforcement_parameters.enforcement_triggers[0] ?? 'ALERT_ONLY';
|
|
46
|
+
if (ctx.portal.state === 'DRIFT_DETECTED') {
|
|
47
|
+
ctx.portal.enforce(action);
|
|
48
|
+
}
|
|
49
|
+
if (action === 'QUARANTINE')
|
|
50
|
+
ctx.quarantine = initQuarantine();
|
|
51
|
+
}
|
|
52
|
+
ctx.measurementCount++;
|
|
53
|
+
const artRef = hashArtifact(ctx.portal.artifact);
|
|
54
|
+
const mType = args.measurement_type ?? ctx.portal.artifact.enforcement_parameters.measurement_types[0] ?? 'FILE_SYSTEM_STATE';
|
|
55
|
+
const receipt = generateReceipt({
|
|
56
|
+
subjectId: ctx.portal.artifact.subject_identifier,
|
|
57
|
+
artifactRef: artRef,
|
|
58
|
+
currentHash,
|
|
59
|
+
sealedHash: ctx.portal.artifact.subject_identifier.bytes_hash,
|
|
60
|
+
driftDetected: !match,
|
|
61
|
+
driftDescription: driftDesc,
|
|
62
|
+
action,
|
|
63
|
+
measurementType: mType,
|
|
64
|
+
seq: ctx.portal.sequenceCounter + 1,
|
|
65
|
+
prevLeaf: ctx.portal.lastLeafHash,
|
|
66
|
+
portalKP: ctx.portalKP,
|
|
67
|
+
});
|
|
68
|
+
await ctx.storage.storeReceipt(receipt);
|
|
69
|
+
await ctx.appendToChain('INTERACTION_RECEIPT', {
|
|
70
|
+
receipt_id: receipt.receipt_id,
|
|
71
|
+
drift_detected: !match,
|
|
72
|
+
enforcement_action: action,
|
|
73
|
+
measurement_type: mType,
|
|
74
|
+
});
|
|
75
|
+
return ctx.json({
|
|
76
|
+
success: true,
|
|
77
|
+
match,
|
|
78
|
+
drift_detected: !match,
|
|
79
|
+
enforcement_action: action,
|
|
80
|
+
portal_state: ctx.portal.state,
|
|
81
|
+
receipt_id: receipt.receipt_id,
|
|
82
|
+
measurement_type: mType,
|
|
83
|
+
measurement_count: ctx.measurementCount,
|
|
84
|
+
});
|
|
85
|
+
}
|
|
86
|
+
//# sourceMappingURL=trigger-measurement.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"trigger-measurement.js","sourceRoot":"","sources":["../../src/tools/trigger-measurement.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAYvD,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAAC,IAA4B,EAAE,GAAkB;IAC7F,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ;QAAE,OAAO,GAAG,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;IAClE,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,YAAY,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,YAAY,EAAE,CAAC;QAC3E,OAAO,GAAG,CAAC,KAAK,CAAC,aAAa,GAAG,CAAC,MAAM,CAAC,KAAK,gCAAgC,CAAC,CAAC;IAClF,CAAC;IAED,IAAI,KAAc,CAAC;IACnB,IAAI,MAAM,GAA6B,IAAI,CAAC;IAC5C,IAAI,SAAS,GAAkB,IAAI,CAAC;IACpC,IAAI,WAAW,GAAG,aAAa,CAAC;IAEhC,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAC5B,yBAAyB;QACzB,MAAM,MAAM,GAAG,IAAI,CAAC,kBAAkB,KAAK,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,UAAU,CAAC;QAC7F,MAAM,MAAM,GAAG,CAAC,IAAI,CAAC,qBAAqB,IAAI,IAAI,CAAC,qBAAqB,KAAK,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,aAAa,CAAC;QAClI,KAAK,GAAG,MAAM,IAAI,MAAM,CAAC;QACzB,WAAW,GAAG,IAAI,CAAC,kBAAkB,CAAC;QACtC,IAAI,CAAC,KAAK,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,mBAAmB,EAAE,CAAC;YACtD,GAAG,CAAC,MAAc,CAAC,KAAK,GAAG,gBAAgB,CAAC;QAC/C,CAAC;IACH,CAAC;SAAM,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,IAAI,EAAE,CAAC;QACzC,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,IAAI,CAAC,CAAC;QACxF,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;QACrB,WAAW,GAAG,MAAM,CAAC,gBAAgB,IAAI,aAAa,CAAC;QACvD,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YAAC,SAAS,GAAG,aAAa,CAAC;YAAC,MAAM,GAAG,WAAW,CAAC;YAAC,KAAK,GAAG,KAAK,CAAC;QAAC,CAAC;aAClF,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YAAC,SAAS,GAAG,kBAAkB,CAAC;YAAC,MAAM,GAAG,WAAW,CAAC;YAAC,KAAK,GAAG,KAAK,CAAC;QAAC,CAAC;IACnG,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;IAC3E,CAAC;IAED,IAAI,CAAC,KAAK,IAAI,CAAC,MAAM,EAAE,CAAC;QACtB,SAAS,GAAG,kCAAkC,CAAC;QAC/C,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAC,oBAAoB,CAAC,CAAC,CAAC,IAAI,YAAY,CAAC;QAC5F,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,gBAAgB,EAAE,CAAC;YAC1C,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC7B,CAAC;QACD,IAAI,MAAM,KAAK,YAAY;YAAE,GAAG,CAAC,UAAU,GAAG,cAAc,EAAE,CAAC;IACjE,CAAC;IAED,GAAG,CAAC,gBAAgB,EAAE,CAAC;IACvB,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACjD,MAAM,KAAK,GAAG,IAAI,CAAC,gBAAgB,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,mBAAmB,CAAC;IAE9H,MAAM,OAAO,GAAG,eAAe,CAAC;QAC9B,SAAS,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB;QACjD,WAAW,EAAE,MAAM;QACnB,WAAW;QACX,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,UAAU;QAC7D,aAAa,EAAE,CAAC,KAAK;QACrB,gBAAgB,EAAE,SAAS;QAC3B,MAAM;QACN,eAAe,EAAE,KAAK;QACtB,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,eAAe,GAAG,CAAC;QACnC,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,YAAY;QACjC,QAAQ,EAAE,GAAG,CAAC,QAAQ;KACvB,CAAC,CAAC;IACH,MAAM,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;IACxC,MAAM,GAAG,CAAC,aAAa,CAAC,qBAAqB,EAAE;QAC7C,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,cAAc,EAAE,CAAC,KAAK;QACtB,kBAAkB,EAAE,MAAM;QAC1B,gBAAgB,EAAE,KAAK;KACxB,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC,IAAI,CAAC;QACd,OAAO,EAAE,IAAI;QACb,KAAK;QACL,cAAc,EAAE,CAAC,KAAK;QACtB,kBAAkB,EAAE,MAAM;QAC1B,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK;QAC9B,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,gBAAgB,EAAE,KAAK;QACvB,iBAAiB,EAAE,GAAG,CAAC,gBAAgB;KACxC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import type { ServerContext } from '../context.js';
|
|
2
|
+
import type { PolicyArtifact } from '../core/types.js';
|
|
3
|
+
export interface VerifyArtifactArgs {
|
|
4
|
+
artifact: PolicyArtifact;
|
|
5
|
+
issuer_public_key: string;
|
|
6
|
+
}
|
|
7
|
+
export declare function handleVerifyArtifact(args: VerifyArtifactArgs, ctx: ServerContext): Promise<{
|
|
8
|
+
content: Array<{
|
|
9
|
+
type: "text";
|
|
10
|
+
text: string;
|
|
11
|
+
}>;
|
|
12
|
+
}>;
|
|
13
|
+
//# sourceMappingURL=verify-artifact.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verify-artifact.d.ts","sourceRoot":"","sources":["../../src/tools/verify-artifact.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAEvD,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,cAAc,CAAC;IACzB,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED,wBAAsB,oBAAoB,CAAC,IAAI,EAAE,kBAAkB,EAAE,GAAG,EAAE,aAAa;;;;;GAGtF"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import { verifyArtifactSignature } from '../core/artifact.js';
|
|
2
|
+
export async function handleVerifyArtifact(args, ctx) {
|
|
3
|
+
const valid = verifyArtifactSignature(args.artifact, args.issuer_public_key);
|
|
4
|
+
return ctx.json({ success: true, signature_valid: valid });
|
|
5
|
+
}
|
|
6
|
+
//# sourceMappingURL=verify-artifact.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verify-artifact.js","sourceRoot":"","sources":["../../src/tools/verify-artifact.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AAS9D,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,IAAwB,EAAE,GAAkB;IACrF,MAAM,KAAK,GAAG,uBAAuB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAC7E,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,eAAe,EAAE,KAAK,EAAE,CAAC,CAAC;AAC7D,CAAC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import type { ServerContext } from '../context.js';
|
|
2
|
+
import type { EvidenceBundle } from '../core/types.js';
|
|
3
|
+
export interface VerifyBundleArgs {
|
|
4
|
+
bundle: EvidenceBundle;
|
|
5
|
+
pinned_public_key: string;
|
|
6
|
+
}
|
|
7
|
+
export declare function handleVerifyBundle(args: VerifyBundleArgs, ctx: ServerContext): Promise<{
|
|
8
|
+
content: Array<{
|
|
9
|
+
type: "text";
|
|
10
|
+
text: string;
|
|
11
|
+
}>;
|
|
12
|
+
}>;
|
|
13
|
+
//# sourceMappingURL=verify-bundle.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verify-bundle.d.ts","sourceRoot":"","sources":["../../src/tools/verify-bundle.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAEvD,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,cAAc,CAAC;IACvB,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED,wBAAsB,kBAAkB,CAAC,IAAI,EAAE,gBAAgB,EAAE,GAAG,EAAE,aAAa;;;;;GAGlF"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import { verifyBundleOffline } from '../core/bundle.js';
|
|
2
|
+
export async function handleVerifyBundle(args, ctx) {
|
|
3
|
+
const verification = verifyBundleOffline(args.bundle, args.pinned_public_key);
|
|
4
|
+
return ctx.json({ success: true, verification });
|
|
5
|
+
}
|
|
6
|
+
//# sourceMappingURL=verify-bundle.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verify-bundle.js","sourceRoot":"","sources":["../../src/tools/verify-bundle.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AASxD,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,IAAsB,EAAE,GAAkB;IACjF,MAAM,YAAY,GAAG,mBAAmB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAC9E,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC;AACnD,CAAC"}
|
package/dist/types.d.ts
ADDED
|
@@ -0,0 +1,261 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* AGA Protocol V2.0.0 - Unified Type Definitions
|
|
3
|
+
* NIST-2025-0035, NCCoE AI Agent Identity and Authorization
|
|
4
|
+
*
|
|
5
|
+
* All enums/interfaces aligned to directive specification.
|
|
6
|
+
*/
|
|
7
|
+
export type PublicKey = Uint8Array;
|
|
8
|
+
export type SecretKey = Uint8Array;
|
|
9
|
+
export interface KeyPair {
|
|
10
|
+
publicKey: PublicKey;
|
|
11
|
+
secretKey: SecretKey;
|
|
12
|
+
}
|
|
13
|
+
export type Signature = Uint8Array;
|
|
14
|
+
export type HashHex = string;
|
|
15
|
+
export type SignatureBase64 = string;
|
|
16
|
+
export type SaltHex = string;
|
|
17
|
+
export interface SaltedCommitment {
|
|
18
|
+
commitment: HashHex;
|
|
19
|
+
salt: SaltHex;
|
|
20
|
+
}
|
|
21
|
+
export interface MerkleInclusionProof {
|
|
22
|
+
leafHash: HashHex;
|
|
23
|
+
leafIndex: number;
|
|
24
|
+
siblings: Array<{
|
|
25
|
+
hash: HashHex;
|
|
26
|
+
position: 'left' | 'right';
|
|
27
|
+
}>;
|
|
28
|
+
root: HashHex;
|
|
29
|
+
}
|
|
30
|
+
export type EventType = 'GENESIS' | 'POLICY_ISSUANCE' | 'INTERACTION_RECEIPT' | 'REVOCATION' | 'ATTESTATION' | 'ANCHOR_BATCH' | 'DISCLOSURE' | 'SUBSTITUTION' | 'KEY_ROTATION' | 'BEHAVIORAL_DRIFT' | 'DELEGATION' | 'RE_ATTESTATION';
|
|
31
|
+
export type EnforcementAction = 'TERMINATE' | 'QUARANTINE' | 'NETWORK_ISOLATE' | 'SAFE_STATE' | 'KEY_REVOKE' | 'TOKEN_INVALIDATE' | 'ACTUATOR_DISCONNECT' | 'ALERT_ONLY';
|
|
32
|
+
export type MeasurementType = 'EXECUTABLE_IMAGE' | 'LOADED_MODULES' | 'CONTAINER_IMAGE' | 'CONFIG_MANIFEST' | 'SBOM' | 'TEE_QUOTE' | 'MEMORY_REGIONS' | 'CONTROL_FLOW' | 'FILE_SYSTEM_STATE' | 'NETWORK_CONFIG';
|
|
33
|
+
export type PortalState = 'INITIALIZATION' | 'ARTIFACT_VERIFICATION' | 'ACTIVE_MONITORING' | 'DRIFT_DETECTED' | 'PHANTOM_QUARANTINE' | 'SAFE_STATE' | 'TERMINATED';
|
|
34
|
+
export type VerificationTier = 'BRONZE' | 'SILVER' | 'GOLD';
|
|
35
|
+
export type DisclosureMode = 'PROOF_ONLY' | 'REVEAL_MIN' | 'REVEAL_FULL';
|
|
36
|
+
export type Sensitivity = 'S1_LOW' | 'S2_MODERATE' | 'S3_HIGH' | 'S4_CRITICAL';
|
|
37
|
+
export interface SubjectIdentifier {
|
|
38
|
+
bytes_hash: HashHex;
|
|
39
|
+
metadata_hash: HashHex;
|
|
40
|
+
}
|
|
41
|
+
export interface SubjectMetadata {
|
|
42
|
+
filename?: string;
|
|
43
|
+
creation_timestamp?: string;
|
|
44
|
+
author?: string;
|
|
45
|
+
version?: string;
|
|
46
|
+
content_type?: string;
|
|
47
|
+
[key: string]: unknown;
|
|
48
|
+
}
|
|
49
|
+
export interface EnforcementParams {
|
|
50
|
+
measurement_cadence_ms: number;
|
|
51
|
+
ttl_seconds: number;
|
|
52
|
+
enforcement_triggers: EnforcementAction[];
|
|
53
|
+
re_attestation_required: boolean;
|
|
54
|
+
measurement_types: MeasurementType[];
|
|
55
|
+
}
|
|
56
|
+
export interface ClaimRecord {
|
|
57
|
+
claim_id: string;
|
|
58
|
+
sensitivity: Sensitivity;
|
|
59
|
+
substitutes: string[];
|
|
60
|
+
inference_risks: string[];
|
|
61
|
+
permitted_modes: DisclosureMode[];
|
|
62
|
+
}
|
|
63
|
+
export interface ClaimsTaxonomy {
|
|
64
|
+
claims: ClaimRecord[];
|
|
65
|
+
version: string;
|
|
66
|
+
}
|
|
67
|
+
export interface SubstitutionRule {
|
|
68
|
+
original_claim_id: string;
|
|
69
|
+
substitute_claim_id: string;
|
|
70
|
+
conditions: Record<string, unknown>;
|
|
71
|
+
}
|
|
72
|
+
export interface DisclosurePolicy {
|
|
73
|
+
claims_taxonomy: ClaimRecord[];
|
|
74
|
+
substitution_rules: SubstitutionRule[];
|
|
75
|
+
}
|
|
76
|
+
export interface DisclosureRequest {
|
|
77
|
+
requested_claim_id: string;
|
|
78
|
+
requester_id: string;
|
|
79
|
+
mode: DisclosureMode;
|
|
80
|
+
timestamp: string;
|
|
81
|
+
}
|
|
82
|
+
export interface SubstitutionReceipt {
|
|
83
|
+
receipt_id: string;
|
|
84
|
+
original_claim_id: string;
|
|
85
|
+
substitute_claim_id: string | null;
|
|
86
|
+
policy_version: number;
|
|
87
|
+
reason_code: string;
|
|
88
|
+
timestamp: string;
|
|
89
|
+
chain_sequence_ref: number;
|
|
90
|
+
signature: SignatureBase64;
|
|
91
|
+
}
|
|
92
|
+
export interface EvidenceCommitmentRecord {
|
|
93
|
+
commitment: HashHex;
|
|
94
|
+
salt: SaltHex;
|
|
95
|
+
label: string;
|
|
96
|
+
}
|
|
97
|
+
export interface EvidenceBundle {
|
|
98
|
+
artifact: PolicyArtifact;
|
|
99
|
+
receipts: SignedReceipt[];
|
|
100
|
+
merkle_proofs: MerkleInclusionProof[];
|
|
101
|
+
checkpoint_reference: CheckpointReference;
|
|
102
|
+
public_key: string;
|
|
103
|
+
bundle_signature: SignatureBase64;
|
|
104
|
+
}
|
|
105
|
+
export interface PolicyArtifact {
|
|
106
|
+
schema_version: string;
|
|
107
|
+
protocol_version: string;
|
|
108
|
+
subject_identifier: SubjectIdentifier;
|
|
109
|
+
policy_reference: HashHex;
|
|
110
|
+
policy_version: number;
|
|
111
|
+
sealed_hash: HashHex;
|
|
112
|
+
seal_salt: SaltHex;
|
|
113
|
+
issued_timestamp: string;
|
|
114
|
+
effective_timestamp: string;
|
|
115
|
+
expiration_timestamp: string | null;
|
|
116
|
+
issuer_identifier: string;
|
|
117
|
+
enforcement_parameters: EnforcementParams;
|
|
118
|
+
disclosure_policy: DisclosurePolicy;
|
|
119
|
+
evidence_commitments: EvidenceCommitmentRecord[];
|
|
120
|
+
signature: SignatureBase64;
|
|
121
|
+
}
|
|
122
|
+
export interface SignedReceipt {
|
|
123
|
+
receipt_id: string;
|
|
124
|
+
subject_identifier: SubjectIdentifier;
|
|
125
|
+
artifact_reference: HashHex;
|
|
126
|
+
current_hash: string;
|
|
127
|
+
sealed_hash: string;
|
|
128
|
+
drift_detected: boolean;
|
|
129
|
+
drift_description: string | null;
|
|
130
|
+
enforcement_action: EnforcementAction | null;
|
|
131
|
+
measurement_type: string;
|
|
132
|
+
timestamp: string;
|
|
133
|
+
sequence_number: number;
|
|
134
|
+
previous_leaf_hash: HashHex | null;
|
|
135
|
+
portal_signature: SignatureBase64;
|
|
136
|
+
}
|
|
137
|
+
export interface GenesisPayload {
|
|
138
|
+
protocol_version: string;
|
|
139
|
+
taxonomy_version: string;
|
|
140
|
+
root_fingerprint: string;
|
|
141
|
+
specification_hash: HashHex;
|
|
142
|
+
marker: 'GENESIS';
|
|
143
|
+
}
|
|
144
|
+
export interface StructuralMetadata {
|
|
145
|
+
schema_version: string;
|
|
146
|
+
protocol_version: string;
|
|
147
|
+
event_type: EventType;
|
|
148
|
+
event_id: string;
|
|
149
|
+
sequence_number: number;
|
|
150
|
+
timestamp: string;
|
|
151
|
+
previous_leaf_hash: HashHex | null;
|
|
152
|
+
}
|
|
153
|
+
export interface ContinuityEvent {
|
|
154
|
+
schema_version: string;
|
|
155
|
+
protocol_version: string;
|
|
156
|
+
event_type: EventType;
|
|
157
|
+
event_id: string;
|
|
158
|
+
sequence_number: number;
|
|
159
|
+
timestamp: string;
|
|
160
|
+
previous_leaf_hash: HashHex | null;
|
|
161
|
+
leaf_hash: HashHex;
|
|
162
|
+
payload: unknown;
|
|
163
|
+
payload_hash: HashHex;
|
|
164
|
+
event_signature: SignatureBase64;
|
|
165
|
+
}
|
|
166
|
+
export interface CheckpointReference {
|
|
167
|
+
merkle_root: HashHex;
|
|
168
|
+
batch_start_sequence: number;
|
|
169
|
+
batch_end_sequence: number;
|
|
170
|
+
anchor_network: string;
|
|
171
|
+
transaction_id: string;
|
|
172
|
+
timestamp: string;
|
|
173
|
+
}
|
|
174
|
+
export interface AnchorBatchPayload {
|
|
175
|
+
checkpoint_reference: CheckpointReference;
|
|
176
|
+
leaf_count: number;
|
|
177
|
+
}
|
|
178
|
+
export interface QuarantineState {
|
|
179
|
+
active: boolean;
|
|
180
|
+
started_at: string | null;
|
|
181
|
+
inputs_captured: number;
|
|
182
|
+
outputs_severed: boolean;
|
|
183
|
+
forensic_buffer: Array<{
|
|
184
|
+
timestamp: string;
|
|
185
|
+
type: string;
|
|
186
|
+
data: unknown;
|
|
187
|
+
}>;
|
|
188
|
+
}
|
|
189
|
+
export interface RevocationRecord {
|
|
190
|
+
artifact_sealed_hash: HashHex;
|
|
191
|
+
reason: string;
|
|
192
|
+
revoked_by: string;
|
|
193
|
+
timestamp: string;
|
|
194
|
+
}
|
|
195
|
+
export interface BehavioralBaseline {
|
|
196
|
+
permitted_tools: string[];
|
|
197
|
+
rate_limits: Record<string, number>;
|
|
198
|
+
forbidden_sequences: string[][];
|
|
199
|
+
window_ms: number;
|
|
200
|
+
}
|
|
201
|
+
export interface ToolInvocation {
|
|
202
|
+
tool_name: string;
|
|
203
|
+
timestamp: string;
|
|
204
|
+
args_hash: HashHex;
|
|
205
|
+
}
|
|
206
|
+
export type BehavioralViolation = {
|
|
207
|
+
type: 'UNAUTHORIZED_TOOL';
|
|
208
|
+
tool: string;
|
|
209
|
+
} | {
|
|
210
|
+
type: 'RATE_EXCEEDED';
|
|
211
|
+
tool: string;
|
|
212
|
+
count: number;
|
|
213
|
+
limit: number;
|
|
214
|
+
} | {
|
|
215
|
+
type: 'FORBIDDEN_SEQUENCE';
|
|
216
|
+
sequence: string[];
|
|
217
|
+
};
|
|
218
|
+
export interface BehavioralMeasurement {
|
|
219
|
+
window_start: string;
|
|
220
|
+
window_end: string;
|
|
221
|
+
invocations: ToolInvocation[];
|
|
222
|
+
violations: BehavioralViolation[];
|
|
223
|
+
behavioral_hash: HashHex;
|
|
224
|
+
drift_detected: boolean;
|
|
225
|
+
}
|
|
226
|
+
export interface BehavioralMonitor {
|
|
227
|
+
setBaseline(baseline: BehavioralBaseline): void;
|
|
228
|
+
recordInvocation(toolName: string, argsHash: HashHex): void;
|
|
229
|
+
measure(): BehavioralMeasurement;
|
|
230
|
+
reset(): void;
|
|
231
|
+
}
|
|
232
|
+
export interface DelegationRecord {
|
|
233
|
+
parent_artifact_hash: HashHex;
|
|
234
|
+
child_artifact_hash: HashHex;
|
|
235
|
+
effective_ttl_seconds: number;
|
|
236
|
+
scope_reduction: {
|
|
237
|
+
triggers_removed: string[];
|
|
238
|
+
measurement_types_removed: string[];
|
|
239
|
+
};
|
|
240
|
+
purpose: string;
|
|
241
|
+
timestamp: string;
|
|
242
|
+
}
|
|
243
|
+
export interface DelegationRequest {
|
|
244
|
+
enforcement_triggers: EnforcementAction[];
|
|
245
|
+
measurement_types: MeasurementType[];
|
|
246
|
+
requested_ttl_seconds: number;
|
|
247
|
+
delegation_purpose: string;
|
|
248
|
+
}
|
|
249
|
+
export interface DelegationResult {
|
|
250
|
+
success: boolean;
|
|
251
|
+
child_artifact?: PolicyArtifact;
|
|
252
|
+
child_artifact_hash?: string;
|
|
253
|
+
parent_artifact_hash: string;
|
|
254
|
+
effective_ttl_seconds?: number;
|
|
255
|
+
scope_reduction?: {
|
|
256
|
+
triggers_removed: string[];
|
|
257
|
+
measurement_types_removed: string[];
|
|
258
|
+
};
|
|
259
|
+
error?: string;
|
|
260
|
+
}
|
|
261
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,MAAM,MAAM,SAAS,GAAG,UAAU,CAAC;AACnC,MAAM,MAAM,SAAS,GAAG,UAAU,CAAC;AACnC,MAAM,WAAW,OAAO;IAAG,SAAS,EAAE,SAAS,CAAC;IAAC,SAAS,EAAE,SAAS,CAAC;CAAE;AACxE,MAAM,MAAM,SAAS,GAAG,UAAU,CAAC;AACnC,MAAM,MAAM,OAAO,GAAG,MAAM,CAAC;AAC7B,MAAM,MAAM,eAAe,GAAG,MAAM,CAAC;AACrC,MAAM,MAAM,OAAO,GAAG,MAAM,CAAC;AAE7B,MAAM,WAAW,gBAAgB;IAC/B,UAAU,EAAE,OAAO,CAAC;IACpB,IAAI,EAAE,OAAO,CAAC;CACf;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,OAAO,CAAC;QAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAA;KAAE,CAAC,CAAC;IAC/D,IAAI,EAAE,OAAO,CAAC;CACf;AAID,MAAM,MAAM,SAAS,GACjB,SAAS,GACT,iBAAiB,GACjB,qBAAqB,GACrB,YAAY,GACZ,aAAa,GACb,cAAc,GACd,YAAY,GACZ,cAAc,GACd,cAAc,GACd,kBAAkB,GAClB,YAAY,GACZ,gBAAgB,CAAC;AAIrB,MAAM,MAAM,iBAAiB,GACzB,WAAW,GACX,YAAY,GACZ,iBAAiB,GACjB,YAAY,GACZ,YAAY,GACZ,kBAAkB,GAClB,qBAAqB,GACrB,YAAY,CAAC;AAIjB,MAAM,MAAM,eAAe,GACvB,kBAAkB,GAClB,gBAAgB,GAChB,iBAAiB,GACjB,iBAAiB,GACjB,MAAM,GACN,WAAW,GACX,gBAAgB,GAChB,cAAc,GACd,mBAAmB,GACnB,gBAAgB,CAAC;AAIrB,MAAM,MAAM,WAAW,GACnB,gBAAgB,GAChB,uBAAuB,GACvB,mBAAmB,GACnB,gBAAgB,GAChB,oBAAoB,GACpB,YAAY,GACZ,YAAY,CAAC;AAIjB,MAAM,MAAM,gBAAgB,GAAG,QAAQ,GAAG,QAAQ,GAAG,MAAM,CAAC;AAI5D,MAAM,MAAM,cAAc,GAAG,YAAY,GAAG,YAAY,GAAG,aAAa,CAAC;AAIzE,MAAM,MAAM,WAAW,GAAG,QAAQ,GAAG,aAAa,GAAG,SAAS,GAAG,aAAa,CAAC;AAI/E,MAAM,WAAW,iBAAiB;IAChC,UAAU,EAAE,OAAO,CAAC;IACpB,aAAa,EAAE,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAID,MAAM,WAAW,iBAAiB;IAChC,sBAAsB,EAAE,MAAM,CAAC;IAC/B,WAAW,EAAE,MAAM,CAAC;IACpB,oBAAoB,EAAE,iBAAiB,EAAE,CAAC;IAC1C,uBAAuB,EAAE,OAAO,CAAC;IACjC,iBAAiB,EAAE,eAAe,EAAE,CAAC;CACtC;AAID,MAAM,WAAW,WAAW;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,WAAW,CAAC;IACzB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,eAAe,EAAE,cAAc,EAAE,CAAC;CACnC;AAED,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,WAAW,EAAE,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,gBAAgB;IAC/B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC;AAED,MAAM,WAAW,gBAAgB;IAC/B,eAAe,EAAE,WAAW,EAAE,CAAC;IAC/B,kBAAkB,EAAE,gBAAgB,EAAE,CAAC;CACxC;AAED,MAAM,WAAW,iBAAiB;IAChC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,YAAY,EAAE,MAAM,CAAC;IACrB,IAAI,EAAE,cAAc,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,mBAAmB;IAClC,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,mBAAmB,EAAE,MAAM,GAAG,IAAI,CAAC;IACnC,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,SAAS,EAAE,eAAe,CAAC;CAC5B;AAID,MAAM,WAAW,wBAAwB;IACvC,UAAU,EAAE,OAAO,CAAC;IACpB,IAAI,EAAE,OAAO,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,cAAc,CAAC;IACzB,QAAQ,EAAE,aAAa,EAAE,CAAC;IAC1B,aAAa,EAAE,oBAAoB,EAAE,CAAC;IACtC,oBAAoB,EAAE,mBAAmB,CAAC;IAC1C,UAAU,EAAE,MAAM,CAAC;IACnB,gBAAgB,EAAE,eAAe,CAAC;CACnC;AAID,MAAM,WAAW,cAAc;IAC7B,cAAc,EAAE,MAAM,CAAC;IACvB,gBAAgB,EAAE,MAAM,CAAC;IACzB,kBAAkB,EAAE,iBAAiB,CAAC;IACtC,gBAAgB,EAAE,OAAO,CAAC;IAC1B,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,OAAO,CAAC;IACrB,SAAS,EAAE,OAAO,CAAC;IACnB,gBAAgB,EAAE,MAAM,CAAC;IACzB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,oBAAoB,EAAE,MAAM,GAAG,IAAI,CAAC;IACpC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,sBAAsB,EAAE,iBAAiB,CAAC;IAC1C,iBAAiB,EAAE,gBAAgB,CAAC;IACpC,oBAAoB,EAAE,wBAAwB,EAAE,CAAC;IACjD,SAAS,EAAE,eAAe,CAAC;CAC5B;AAID,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,MAAM,CAAC;IACnB,kBAAkB,EAAE,iBAAiB,CAAC;IACtC,kBAAkB,EAAE,OAAO,CAAC;IAC5B,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,OAAO,CAAC;IACxB,iBAAiB,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,kBAAkB,EAAE,iBAAiB,GAAG,IAAI,CAAC;IAC7C,gBAAgB,EAAE,MAAM,CAAC;IACzB,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,EAAE,MAAM,CAAC;IACxB,kBAAkB,EAAE,OAAO,GAAG,IAAI,CAAC;IACnC,gBAAgB,EAAE,eAAe,CAAC;CACnC;AAID,MAAM,WAAW,cAAc;IAC7B,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,EAAE,MAAM,CAAC;IACzB,kBAAkB,EAAE,OAAO,CAAC;IAC5B,MAAM,EAAE,SAAS,CAAC;CACnB;AAED,MAAM,WAAW,kBAAkB;IACjC,cAAc,EAAE,MAAM,CAAC;IACvB,gBAAgB,EAAE,MAAM,CAAC;IACzB,UAAU,EAAE,SAAS,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,kBAAkB,EAAE,OAAO,GAAG,IAAI,CAAC;CACpC;AAED,MAAM,WAAW,eAAe;IAC9B,cAAc,EAAE,MAAM,CAAC;IACvB,gBAAgB,EAAE,MAAM,CAAC;IACzB,UAAU,EAAE,SAAS,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,kBAAkB,EAAE,OAAO,GAAG,IAAI,CAAC;IACnC,SAAS,EAAE,OAAO,CAAC;IACnB,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,EAAE,OAAO,CAAC;IACtB,eAAe,EAAE,eAAe,CAAC;CAClC;AAID,MAAM,WAAW,mBAAmB;IAClC,WAAW,EAAE,OAAO,CAAC;IACrB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,cAAc,EAAE,MAAM,CAAC;IACvB,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,kBAAkB;IACjC,oBAAoB,EAAE,mBAAmB,CAAC;IAC1C,UAAU,EAAE,MAAM,CAAC;CACpB;AAID,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,OAAO,CAAC;IAChB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,eAAe,EAAE,MAAM,CAAC;IACxB,eAAe,EAAE,OAAO,CAAC;IACzB,eAAe,EAAE,KAAK,CAAC;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,OAAO,CAAA;KAAE,CAAC,CAAC;CAC5E;AAID,MAAM,WAAW,gBAAgB;IAC/B,oBAAoB,EAAE,OAAO,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;CACnB;AAID,MAAM,WAAW,kBAAkB;IACjC,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACpC,mBAAmB,EAAE,MAAM,EAAE,EAAE,CAAC;IAChC,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,MAAM,mBAAmB,GAC3B;IAAE,IAAI,EAAE,mBAAmB,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,GAC3C;IAAE,IAAI,EAAE,eAAe,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,GACrE;IAAE,IAAI,EAAE,oBAAoB,CAAC;IAAC,QAAQ,EAAE,MAAM,EAAE,CAAA;CAAE,CAAC;AAEvD,MAAM,WAAW,qBAAqB;IACpC,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,cAAc,EAAE,CAAC;IAC9B,UAAU,EAAE,mBAAmB,EAAE,CAAC;IAClC,eAAe,EAAE,OAAO,CAAC;IACzB,cAAc,EAAE,OAAO,CAAC;CACzB;AAED,MAAM,WAAW,iBAAiB;IAChC,WAAW,CAAC,QAAQ,EAAE,kBAAkB,GAAG,IAAI,CAAC;IAChD,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,GAAG,IAAI,CAAC;IAC5D,OAAO,IAAI,qBAAqB,CAAC;IACjC,KAAK,IAAI,IAAI,CAAC;CACf;AAID,MAAM,WAAW,gBAAgB;IAC/B,oBAAoB,EAAE,OAAO,CAAC;IAC9B,mBAAmB,EAAE,OAAO,CAAC;IAC7B,qBAAqB,EAAE,MAAM,CAAC;IAC9B,eAAe,EAAE;QACf,gBAAgB,EAAE,MAAM,EAAE,CAAC;QAC3B,yBAAyB,EAAE,MAAM,EAAE,CAAC;KACrC,CAAC;IACF,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,iBAAiB;IAChC,oBAAoB,EAAE,iBAAiB,EAAE,CAAC;IAC1C,iBAAiB,EAAE,eAAe,EAAE,CAAC;IACrC,qBAAqB,EAAE,MAAM,CAAC;IAC9B,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,eAAe,CAAC,EAAE;QAChB,gBAAgB,EAAE,MAAM,EAAE,CAAC;QAC3B,yBAAyB,EAAE,MAAM,EAAE,CAAC;KACrC,CAAC;IACF,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB"}
|
package/dist/types.js
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG"}
|
package/package.json
CHANGED
|
@@ -1,12 +1,17 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@attested-intelligence/aga-mcp-server",
|
|
3
|
-
"version": "0.1
|
|
4
|
-
"description": "MCP server implementing the Attested Governance Artifact protocol
|
|
3
|
+
"version": "2.0.1",
|
|
4
|
+
"description": "MCP server implementing the Attested Governance Artifact (AGA) protocol - cryptographic compliance enforcement for autonomous AI systems. 20 tools, 3 resources, 3 prompts.",
|
|
5
5
|
"author": "Attested Intelligence Holdings LLC",
|
|
6
6
|
"license": "MIT",
|
|
7
7
|
"type": "module",
|
|
8
8
|
"main": "dist/index.js",
|
|
9
9
|
"types": "dist/index.d.ts",
|
|
10
|
+
"files": [
|
|
11
|
+
"dist/",
|
|
12
|
+
"README.md",
|
|
13
|
+
"LICENSE"
|
|
14
|
+
],
|
|
10
15
|
"bin": {
|
|
11
16
|
"aga-mcp-server": "dist/index.js"
|
|
12
17
|
},
|
|
@@ -18,6 +23,7 @@
|
|
|
18
23
|
"test:watch": "vitest",
|
|
19
24
|
"test:crypto": "vitest run tests/crypto/",
|
|
20
25
|
"test:core": "vitest run tests/core/",
|
|
26
|
+
"test:tools": "vitest run tests/tools/",
|
|
21
27
|
"test:integration": "vitest run tests/integration/",
|
|
22
28
|
"demo": "tsx scripts/demo.ts",
|
|
23
29
|
"benchmark": "tsx scripts/benchmark.ts",
|
|
@@ -47,10 +53,19 @@
|
|
|
47
53
|
},
|
|
48
54
|
"keywords": [
|
|
49
55
|
"mcp",
|
|
56
|
+
"mcp-server",
|
|
50
57
|
"attestation",
|
|
51
58
|
"governance",
|
|
52
59
|
"ai-governance",
|
|
60
|
+
"ai-safety",
|
|
53
61
|
"runtime-integrity",
|
|
54
|
-
"continuity-chain"
|
|
62
|
+
"continuity-chain",
|
|
63
|
+
"zero-trust",
|
|
64
|
+
"nist",
|
|
65
|
+
"nccoe",
|
|
66
|
+
"spiffe",
|
|
67
|
+
"ed25519",
|
|
68
|
+
"evidence-bundle",
|
|
69
|
+
"policy-enforcement"
|
|
55
70
|
]
|
|
56
71
|
}
|