@attested-intelligence/aga-mcp-server 0.1.1 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (197) hide show
  1. package/README.md +106 -24
  2. package/dist/context.d.ts +39 -0
  3. package/dist/context.d.ts.map +1 -0
  4. package/dist/context.js +113 -0
  5. package/dist/context.js.map +1 -0
  6. package/dist/core/identity.d.ts +14 -0
  7. package/dist/core/identity.d.ts.map +1 -0
  8. package/dist/core/identity.js +16 -0
  9. package/dist/core/identity.js.map +1 -0
  10. package/dist/core/index.d.ts +3 -0
  11. package/dist/core/index.d.ts.map +1 -1
  12. package/dist/core/index.js +3 -0
  13. package/dist/core/index.js.map +1 -1
  14. package/dist/core/measurement.d.ts +16 -0
  15. package/dist/core/measurement.d.ts.map +1 -0
  16. package/dist/core/measurement.js +18 -0
  17. package/dist/core/measurement.js.map +1 -0
  18. package/dist/core/portal.d.ts +1 -1
  19. package/dist/core/portal.d.ts.map +1 -1
  20. package/dist/core/portal.js +10 -5
  21. package/dist/core/portal.js.map +1 -1
  22. package/dist/core/types.d.ts +2 -3
  23. package/dist/core/types.d.ts.map +1 -1
  24. package/dist/crypto/canonicalize.d.ts +7 -0
  25. package/dist/crypto/canonicalize.d.ts.map +1 -0
  26. package/dist/crypto/canonicalize.js +21 -0
  27. package/dist/crypto/canonicalize.js.map +1 -0
  28. package/dist/crypto/hash.d.ts +1 -1
  29. package/dist/crypto/hash.d.ts.map +1 -1
  30. package/dist/crypto/hash.js +1 -1
  31. package/dist/crypto/hash.js.map +1 -1
  32. package/dist/crypto/index.d.ts +6 -5
  33. package/dist/crypto/index.d.ts.map +1 -1
  34. package/dist/crypto/index.js +6 -5
  35. package/dist/crypto/index.js.map +1 -1
  36. package/dist/crypto/keys.d.ts +10 -0
  37. package/dist/crypto/keys.d.ts.map +1 -0
  38. package/dist/crypto/keys.js +19 -0
  39. package/dist/crypto/keys.js.map +1 -0
  40. package/dist/index.js +1 -1
  41. package/dist/index.js.map +1 -1
  42. package/dist/middleware/governance.d.ts +1 -7
  43. package/dist/middleware/governance.d.ts.map +1 -1
  44. package/dist/middleware/governance.js +11 -18
  45. package/dist/middleware/governance.js.map +1 -1
  46. package/dist/prompts/drift-analysis.d.ts +13 -0
  47. package/dist/prompts/drift-analysis.d.ts.map +1 -0
  48. package/dist/prompts/drift-analysis.js +43 -0
  49. package/dist/prompts/drift-analysis.js.map +1 -0
  50. package/dist/prompts/governance-report.d.ts +7 -0
  51. package/dist/prompts/governance-report.d.ts.map +1 -0
  52. package/dist/prompts/governance-report.js +26 -0
  53. package/dist/prompts/governance-report.js.map +1 -0
  54. package/dist/prompts/nccoe-demo.d.ts +14 -0
  55. package/dist/prompts/nccoe-demo.d.ts.map +1 -0
  56. package/dist/prompts/nccoe-demo.js +47 -0
  57. package/dist/prompts/nccoe-demo.js.map +1 -0
  58. package/dist/resources/cosai-mapping.d.ts +24 -0
  59. package/dist/resources/cosai-mapping.d.ts.map +1 -0
  60. package/dist/resources/cosai-mapping.js +127 -0
  61. package/dist/resources/cosai-mapping.js.map +1 -0
  62. package/dist/resources/crypto-primitives.d.ts +3 -0
  63. package/dist/resources/crypto-primitives.d.ts.map +1 -0
  64. package/dist/resources/crypto-primitives.js +52 -0
  65. package/dist/resources/crypto-primitives.js.map +1 -0
  66. package/dist/resources/sample-bundle.d.ts +6 -0
  67. package/dist/resources/sample-bundle.d.ts.map +1 -0
  68. package/dist/resources/sample-bundle.js +58 -0
  69. package/dist/resources/sample-bundle.js.map +1 -0
  70. package/dist/resources/specification.d.ts +3 -0
  71. package/dist/resources/specification.d.ts.map +1 -0
  72. package/dist/resources/specification.js +161 -0
  73. package/dist/resources/specification.js.map +1 -0
  74. package/dist/server.d.ts +3 -7
  75. package/dist/server.d.ts.map +1 -1
  76. package/dist/server.js +214 -343
  77. package/dist/server.js.map +1 -1
  78. package/dist/storage/sqlite.js +1 -1
  79. package/dist/tools/create-artifact.d.ts +25 -0
  80. package/dist/tools/create-artifact.d.ts.map +1 -0
  81. package/dist/tools/create-artifact.js +85 -0
  82. package/dist/tools/create-artifact.js.map +1 -0
  83. package/dist/tools/delegate-subagent.d.ts +18 -0
  84. package/dist/tools/delegate-subagent.d.ts.map +1 -0
  85. package/dist/tools/delegate-subagent.js +50 -0
  86. package/dist/tools/delegate-subagent.js.map +1 -0
  87. package/dist/tools/disclose-claim.d.ts +14 -0
  88. package/dist/tools/disclose-claim.d.ts.map +1 -0
  89. package/dist/tools/disclose-claim.js +23 -0
  90. package/dist/tools/disclose-claim.js.map +1 -0
  91. package/dist/tools/export-bundle.d.ts +8 -0
  92. package/dist/tools/export-bundle.d.ts.map +1 -0
  93. package/dist/tools/export-bundle.js +25 -0
  94. package/dist/tools/export-bundle.js.map +1 -0
  95. package/dist/tools/full-lifecycle.d.ts +16 -0
  96. package/dist/tools/full-lifecycle.d.ts.map +1 -0
  97. package/dist/tools/full-lifecycle.js +121 -0
  98. package/dist/tools/full-lifecycle.js.map +1 -0
  99. package/dist/tools/generate-receipt.d.ts +16 -0
  100. package/dist/tools/generate-receipt.d.ts.map +1 -0
  101. package/dist/tools/generate-receipt.js +31 -0
  102. package/dist/tools/generate-receipt.js.map +1 -0
  103. package/dist/tools/get-chain.d.ts +14 -0
  104. package/dist/tools/get-chain.d.ts.map +1 -0
  105. package/dist/tools/get-chain.js +45 -0
  106. package/dist/tools/get-chain.js.map +1 -0
  107. package/dist/tools/get-portal-state.d.ts +8 -0
  108. package/dist/tools/get-portal-state.d.ts.map +1 -0
  109. package/dist/tools/get-portal-state.js +15 -0
  110. package/dist/tools/get-portal-state.js.map +1 -0
  111. package/dist/tools/init-chain.d.ts +10 -0
  112. package/dist/tools/init-chain.d.ts.map +1 -0
  113. package/dist/tools/init-chain.js +13 -0
  114. package/dist/tools/init-chain.js.map +1 -0
  115. package/dist/tools/measure-behavior.d.ts +12 -0
  116. package/dist/tools/measure-behavior.d.ts.map +1 -0
  117. package/dist/tools/measure-behavior.js +29 -0
  118. package/dist/tools/measure-behavior.js.map +1 -0
  119. package/dist/tools/measure-subject.d.ts +15 -0
  120. package/dist/tools/measure-subject.d.ts.map +1 -0
  121. package/dist/tools/measure-subject.js +106 -0
  122. package/dist/tools/measure-subject.js.map +1 -0
  123. package/dist/tools/quarantine-status.d.ts +8 -0
  124. package/dist/tools/quarantine-status.d.ts.map +1 -0
  125. package/dist/tools/quarantine-status.js +16 -0
  126. package/dist/tools/quarantine-status.js.map +1 -0
  127. package/dist/tools/revoke-artifact.d.ts +13 -0
  128. package/dist/tools/revoke-artifact.d.ts.map +1 -0
  129. package/dist/tools/revoke-artifact.js +24 -0
  130. package/dist/tools/revoke-artifact.js.map +1 -0
  131. package/dist/tools/rotate-keys.d.ts +13 -0
  132. package/dist/tools/rotate-keys.d.ts.map +1 -0
  133. package/dist/tools/rotate-keys.js +39 -0
  134. package/dist/tools/rotate-keys.js.map +1 -0
  135. package/dist/tools/server-info.d.ts +8 -0
  136. package/dist/tools/server-info.d.ts.map +1 -0
  137. package/dist/tools/server-info.js +23 -0
  138. package/dist/tools/server-info.js.map +1 -0
  139. package/dist/tools/set-verification-tier.d.ts +11 -0
  140. package/dist/tools/set-verification-tier.d.ts.map +1 -0
  141. package/dist/tools/set-verification-tier.js +31 -0
  142. package/dist/tools/set-verification-tier.js.map +1 -0
  143. package/dist/tools/start-monitoring.d.ts +12 -0
  144. package/dist/tools/start-monitoring.d.ts.map +1 -0
  145. package/dist/tools/start-monitoring.js +17 -0
  146. package/dist/tools/start-monitoring.js.map +1 -0
  147. package/dist/tools/trigger-measurement.d.ts +15 -0
  148. package/dist/tools/trigger-measurement.d.ts.map +1 -0
  149. package/dist/tools/trigger-measurement.js +86 -0
  150. package/dist/tools/trigger-measurement.js.map +1 -0
  151. package/dist/tools/verify-artifact.d.ts +13 -0
  152. package/dist/tools/verify-artifact.d.ts.map +1 -0
  153. package/dist/tools/verify-artifact.js +6 -0
  154. package/dist/tools/verify-artifact.js.map +1 -0
  155. package/dist/tools/verify-bundle.d.ts +13 -0
  156. package/dist/tools/verify-bundle.d.ts.map +1 -0
  157. package/dist/tools/verify-bundle.js +6 -0
  158. package/dist/tools/verify-bundle.js.map +1 -0
  159. package/dist/types.d.ts +261 -0
  160. package/dist/types.d.ts.map +1 -0
  161. package/dist/types.js +8 -0
  162. package/dist/types.js.map +1 -0
  163. package/package.json +18 -3
  164. package/AGA_MCP_SERVER_SPEC.md +0 -632
  165. package/src/core/artifact.ts +0 -45
  166. package/src/core/attestation.ts +0 -33
  167. package/src/core/behavioral.ts +0 -132
  168. package/src/core/bundle.ts +0 -31
  169. package/src/core/chain.ts +0 -72
  170. package/src/core/checkpoint.ts +0 -22
  171. package/src/core/delegation.ts +0 -146
  172. package/src/core/disclosure.ts +0 -32
  173. package/src/core/index.ts +0 -11
  174. package/src/core/portal.ts +0 -96
  175. package/src/core/quarantine.ts +0 -16
  176. package/src/core/receipt.ts +0 -33
  177. package/src/core/subject.ts +0 -11
  178. package/src/core/types.ts +0 -244
  179. package/src/crypto/hash.ts +0 -33
  180. package/src/crypto/index.ts +0 -5
  181. package/src/crypto/merkle.ts +0 -43
  182. package/src/crypto/salt.ts +0 -18
  183. package/src/crypto/sign.ts +0 -35
  184. package/src/crypto/types.ts +0 -19
  185. package/src/index.ts +0 -12
  186. package/src/middleware/governance.ts +0 -95
  187. package/src/middleware/index.ts +0 -1
  188. package/src/server.ts +0 -436
  189. package/src/storage/index.ts +0 -3
  190. package/src/storage/interface.ts +0 -21
  191. package/src/storage/memory.ts +0 -27
  192. package/src/storage/sqlite.ts +0 -45
  193. package/src/tools/README.md +0 -13
  194. package/src/utils/canonical.ts +0 -14
  195. package/src/utils/constants.ts +0 -3
  196. package/src/utils/timestamp.ts +0 -12
  197. package/src/utils/uuid.ts +0 -2
@@ -0,0 +1,86 @@
1
+ import { hashArtifact } from '../core/artifact.js';
2
+ import { generateReceipt } from '../core/receipt.js';
3
+ import { initQuarantine } from '../core/quarantine.js';
4
+ export async function handleTriggerMeasurement(args, ctx) {
5
+ if (!ctx.portal.artifact)
6
+ return ctx.error('No artifact loaded.');
7
+ if (ctx.portal.state === 'TERMINATED' || ctx.portal.state === 'SAFE_STATE') {
8
+ return ctx.error(`Portal is ${ctx.portal.state}. Artifact revoked or expired.`);
9
+ }
10
+ let match;
11
+ let action = null;
12
+ let driftDesc = null;
13
+ let currentHash = 'UNAVAILABLE';
14
+ if (args.subject_bytes_hash) {
15
+ // Pre-computed hash mode
16
+ const bMatch = args.subject_bytes_hash === ctx.portal.artifact.subject_identifier.bytes_hash;
17
+ const mMatch = !args.subject_metadata_hash || args.subject_metadata_hash === ctx.portal.artifact.subject_identifier.metadata_hash;
18
+ match = bMatch && mMatch;
19
+ currentHash = args.subject_bytes_hash;
20
+ if (!match && ctx.portal.state === 'ACTIVE_MONITORING') {
21
+ ctx.portal.state = 'DRIFT_DETECTED';
22
+ }
23
+ }
24
+ else if (args.subject_content) {
25
+ const meta = args.subject_metadata ?? {};
26
+ const result = ctx.portal.measure(new TextEncoder().encode(args.subject_content), meta);
27
+ match = result.match;
28
+ currentHash = result.currentBytesHash || 'UNAVAILABLE';
29
+ if (!result.ttl_ok) {
30
+ driftDesc = 'TTL expired';
31
+ action = 'TERMINATE';
32
+ match = false;
33
+ }
34
+ else if (result.revoked) {
35
+ driftDesc = 'Artifact revoked';
36
+ action = 'TERMINATE';
37
+ match = false;
38
+ }
39
+ }
40
+ else {
41
+ return ctx.error('Provide either subject_content or subject_bytes_hash');
42
+ }
43
+ if (!match && !action) {
44
+ driftDesc = 'Subject modified - hash mismatch';
45
+ action = ctx.portal.artifact.enforcement_parameters.enforcement_triggers[0] ?? 'ALERT_ONLY';
46
+ if (ctx.portal.state === 'DRIFT_DETECTED') {
47
+ ctx.portal.enforce(action);
48
+ }
49
+ if (action === 'QUARANTINE')
50
+ ctx.quarantine = initQuarantine();
51
+ }
52
+ ctx.measurementCount++;
53
+ const artRef = hashArtifact(ctx.portal.artifact);
54
+ const mType = args.measurement_type ?? ctx.portal.artifact.enforcement_parameters.measurement_types[0] ?? 'FILE_SYSTEM_STATE';
55
+ const receipt = generateReceipt({
56
+ subjectId: ctx.portal.artifact.subject_identifier,
57
+ artifactRef: artRef,
58
+ currentHash,
59
+ sealedHash: ctx.portal.artifact.subject_identifier.bytes_hash,
60
+ driftDetected: !match,
61
+ driftDescription: driftDesc,
62
+ action,
63
+ measurementType: mType,
64
+ seq: ctx.portal.sequenceCounter + 1,
65
+ prevLeaf: ctx.portal.lastLeafHash,
66
+ portalKP: ctx.portalKP,
67
+ });
68
+ await ctx.storage.storeReceipt(receipt);
69
+ await ctx.appendToChain('INTERACTION_RECEIPT', {
70
+ receipt_id: receipt.receipt_id,
71
+ drift_detected: !match,
72
+ enforcement_action: action,
73
+ measurement_type: mType,
74
+ });
75
+ return ctx.json({
76
+ success: true,
77
+ match,
78
+ drift_detected: !match,
79
+ enforcement_action: action,
80
+ portal_state: ctx.portal.state,
81
+ receipt_id: receipt.receipt_id,
82
+ measurement_type: mType,
83
+ measurement_count: ctx.measurementCount,
84
+ });
85
+ }
86
+ //# sourceMappingURL=trigger-measurement.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"trigger-measurement.js","sourceRoot":"","sources":["../../src/tools/trigger-measurement.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAYvD,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAAC,IAA4B,EAAE,GAAkB;IAC7F,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ;QAAE,OAAO,GAAG,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;IAClE,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,YAAY,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,YAAY,EAAE,CAAC;QAC3E,OAAO,GAAG,CAAC,KAAK,CAAC,aAAa,GAAG,CAAC,MAAM,CAAC,KAAK,gCAAgC,CAAC,CAAC;IAClF,CAAC;IAED,IAAI,KAAc,CAAC;IACnB,IAAI,MAAM,GAA6B,IAAI,CAAC;IAC5C,IAAI,SAAS,GAAkB,IAAI,CAAC;IACpC,IAAI,WAAW,GAAG,aAAa,CAAC;IAEhC,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAC5B,yBAAyB;QACzB,MAAM,MAAM,GAAG,IAAI,CAAC,kBAAkB,KAAK,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,UAAU,CAAC;QAC7F,MAAM,MAAM,GAAG,CAAC,IAAI,CAAC,qBAAqB,IAAI,IAAI,CAAC,qBAAqB,KAAK,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,aAAa,CAAC;QAClI,KAAK,GAAG,MAAM,IAAI,MAAM,CAAC;QACzB,WAAW,GAAG,IAAI,CAAC,kBAAkB,CAAC;QACtC,IAAI,CAAC,KAAK,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,mBAAmB,EAAE,CAAC;YACtD,GAAG,CAAC,MAAc,CAAC,KAAK,GAAG,gBAAgB,CAAC;QAC/C,CAAC;IACH,CAAC;SAAM,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,IAAI,EAAE,CAAC;QACzC,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,IAAI,CAAC,CAAC;QACxF,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;QACrB,WAAW,GAAG,MAAM,CAAC,gBAAgB,IAAI,aAAa,CAAC;QACvD,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YAAC,SAAS,GAAG,aAAa,CAAC;YAAC,MAAM,GAAG,WAAW,CAAC;YAAC,KAAK,GAAG,KAAK,CAAC;QAAC,CAAC;aAClF,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YAAC,SAAS,GAAG,kBAAkB,CAAC;YAAC,MAAM,GAAG,WAAW,CAAC;YAAC,KAAK,GAAG,KAAK,CAAC;QAAC,CAAC;IACnG,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;IAC3E,CAAC;IAED,IAAI,CAAC,KAAK,IAAI,CAAC,MAAM,EAAE,CAAC;QACtB,SAAS,GAAG,kCAAkC,CAAC;QAC/C,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAC,oBAAoB,CAAC,CAAC,CAAC,IAAI,YAAY,CAAC;QAC5F,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,gBAAgB,EAAE,CAAC;YAC1C,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC7B,CAAC;QACD,IAAI,MAAM,KAAK,YAAY;YAAE,GAAG,CAAC,UAAU,GAAG,cAAc,EAAE,CAAC;IACjE,CAAC;IAED,GAAG,CAAC,gBAAgB,EAAE,CAAC;IACvB,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACjD,MAAM,KAAK,GAAG,IAAI,CAAC,gBAAgB,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,mBAAmB,CAAC;IAE9H,MAAM,OAAO,GAAG,eAAe,CAAC;QAC9B,SAAS,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB;QACjD,WAAW,EAAE,MAAM;QACnB,WAAW;QACX,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,UAAU;QAC7D,aAAa,EAAE,CAAC,KAAK;QACrB,gBAAgB,EAAE,SAAS;QAC3B,MAAM;QACN,eAAe,EAAE,KAAK;QACtB,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,eAAe,GAAG,CAAC;QACnC,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,YAAY;QACjC,QAAQ,EAAE,GAAG,CAAC,QAAQ;KACvB,CAAC,CAAC;IACH,MAAM,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;IACxC,MAAM,GAAG,CAAC,aAAa,CAAC,qBAAqB,EAAE;QAC7C,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,cAAc,EAAE,CAAC,KAAK;QACtB,kBAAkB,EAAE,MAAM;QAC1B,gBAAgB,EAAE,KAAK;KACxB,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC,IAAI,CAAC;QACd,OAAO,EAAE,IAAI;QACb,KAAK;QACL,cAAc,EAAE,CAAC,KAAK;QACtB,kBAAkB,EAAE,MAAM;QAC1B,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK;QAC9B,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,gBAAgB,EAAE,KAAK;QACvB,iBAAiB,EAAE,GAAG,CAAC,gBAAgB;KACxC,CAAC,CAAC;AACL,CAAC"}
@@ -0,0 +1,13 @@
1
+ import type { ServerContext } from '../context.js';
2
+ import type { PolicyArtifact } from '../core/types.js';
3
+ export interface VerifyArtifactArgs {
4
+ artifact: PolicyArtifact;
5
+ issuer_public_key: string;
6
+ }
7
+ export declare function handleVerifyArtifact(args: VerifyArtifactArgs, ctx: ServerContext): Promise<{
8
+ content: Array<{
9
+ type: "text";
10
+ text: string;
11
+ }>;
12
+ }>;
13
+ //# sourceMappingURL=verify-artifact.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"verify-artifact.d.ts","sourceRoot":"","sources":["../../src/tools/verify-artifact.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAEvD,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,cAAc,CAAC;IACzB,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED,wBAAsB,oBAAoB,CAAC,IAAI,EAAE,kBAAkB,EAAE,GAAG,EAAE,aAAa;;;;;GAGtF"}
@@ -0,0 +1,6 @@
1
+ import { verifyArtifactSignature } from '../core/artifact.js';
2
+ export async function handleVerifyArtifact(args, ctx) {
3
+ const valid = verifyArtifactSignature(args.artifact, args.issuer_public_key);
4
+ return ctx.json({ success: true, signature_valid: valid });
5
+ }
6
+ //# sourceMappingURL=verify-artifact.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"verify-artifact.js","sourceRoot":"","sources":["../../src/tools/verify-artifact.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AAS9D,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,IAAwB,EAAE,GAAkB;IACrF,MAAM,KAAK,GAAG,uBAAuB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAC7E,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,eAAe,EAAE,KAAK,EAAE,CAAC,CAAC;AAC7D,CAAC"}
@@ -0,0 +1,13 @@
1
+ import type { ServerContext } from '../context.js';
2
+ import type { EvidenceBundle } from '../core/types.js';
3
+ export interface VerifyBundleArgs {
4
+ bundle: EvidenceBundle;
5
+ pinned_public_key: string;
6
+ }
7
+ export declare function handleVerifyBundle(args: VerifyBundleArgs, ctx: ServerContext): Promise<{
8
+ content: Array<{
9
+ type: "text";
10
+ text: string;
11
+ }>;
12
+ }>;
13
+ //# sourceMappingURL=verify-bundle.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"verify-bundle.d.ts","sourceRoot":"","sources":["../../src/tools/verify-bundle.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAEvD,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,cAAc,CAAC;IACvB,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED,wBAAsB,kBAAkB,CAAC,IAAI,EAAE,gBAAgB,EAAE,GAAG,EAAE,aAAa;;;;;GAGlF"}
@@ -0,0 +1,6 @@
1
+ import { verifyBundleOffline } from '../core/bundle.js';
2
+ export async function handleVerifyBundle(args, ctx) {
3
+ const verification = verifyBundleOffline(args.bundle, args.pinned_public_key);
4
+ return ctx.json({ success: true, verification });
5
+ }
6
+ //# sourceMappingURL=verify-bundle.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"verify-bundle.js","sourceRoot":"","sources":["../../src/tools/verify-bundle.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AASxD,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,IAAsB,EAAE,GAAkB;IACjF,MAAM,YAAY,GAAG,mBAAmB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAC9E,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC;AACnD,CAAC"}
@@ -0,0 +1,261 @@
1
+ /**
2
+ * AGA Protocol V2.0.0 - Unified Type Definitions
3
+ * NIST-2025-0035, NCCoE AI Agent Identity and Authorization
4
+ *
5
+ * All enums/interfaces aligned to directive specification.
6
+ */
7
+ export type PublicKey = Uint8Array;
8
+ export type SecretKey = Uint8Array;
9
+ export interface KeyPair {
10
+ publicKey: PublicKey;
11
+ secretKey: SecretKey;
12
+ }
13
+ export type Signature = Uint8Array;
14
+ export type HashHex = string;
15
+ export type SignatureBase64 = string;
16
+ export type SaltHex = string;
17
+ export interface SaltedCommitment {
18
+ commitment: HashHex;
19
+ salt: SaltHex;
20
+ }
21
+ export interface MerkleInclusionProof {
22
+ leafHash: HashHex;
23
+ leafIndex: number;
24
+ siblings: Array<{
25
+ hash: HashHex;
26
+ position: 'left' | 'right';
27
+ }>;
28
+ root: HashHex;
29
+ }
30
+ export type EventType = 'GENESIS' | 'POLICY_ISSUANCE' | 'INTERACTION_RECEIPT' | 'REVOCATION' | 'ATTESTATION' | 'ANCHOR_BATCH' | 'DISCLOSURE' | 'SUBSTITUTION' | 'KEY_ROTATION' | 'BEHAVIORAL_DRIFT' | 'DELEGATION' | 'RE_ATTESTATION';
31
+ export type EnforcementAction = 'TERMINATE' | 'QUARANTINE' | 'NETWORK_ISOLATE' | 'SAFE_STATE' | 'KEY_REVOKE' | 'TOKEN_INVALIDATE' | 'ACTUATOR_DISCONNECT' | 'ALERT_ONLY';
32
+ export type MeasurementType = 'EXECUTABLE_IMAGE' | 'LOADED_MODULES' | 'CONTAINER_IMAGE' | 'CONFIG_MANIFEST' | 'SBOM' | 'TEE_QUOTE' | 'MEMORY_REGIONS' | 'CONTROL_FLOW' | 'FILE_SYSTEM_STATE' | 'NETWORK_CONFIG';
33
+ export type PortalState = 'INITIALIZATION' | 'ARTIFACT_VERIFICATION' | 'ACTIVE_MONITORING' | 'DRIFT_DETECTED' | 'PHANTOM_QUARANTINE' | 'SAFE_STATE' | 'TERMINATED';
34
+ export type VerificationTier = 'BRONZE' | 'SILVER' | 'GOLD';
35
+ export type DisclosureMode = 'PROOF_ONLY' | 'REVEAL_MIN' | 'REVEAL_FULL';
36
+ export type Sensitivity = 'S1_LOW' | 'S2_MODERATE' | 'S3_HIGH' | 'S4_CRITICAL';
37
+ export interface SubjectIdentifier {
38
+ bytes_hash: HashHex;
39
+ metadata_hash: HashHex;
40
+ }
41
+ export interface SubjectMetadata {
42
+ filename?: string;
43
+ creation_timestamp?: string;
44
+ author?: string;
45
+ version?: string;
46
+ content_type?: string;
47
+ [key: string]: unknown;
48
+ }
49
+ export interface EnforcementParams {
50
+ measurement_cadence_ms: number;
51
+ ttl_seconds: number;
52
+ enforcement_triggers: EnforcementAction[];
53
+ re_attestation_required: boolean;
54
+ measurement_types: MeasurementType[];
55
+ }
56
+ export interface ClaimRecord {
57
+ claim_id: string;
58
+ sensitivity: Sensitivity;
59
+ substitutes: string[];
60
+ inference_risks: string[];
61
+ permitted_modes: DisclosureMode[];
62
+ }
63
+ export interface ClaimsTaxonomy {
64
+ claims: ClaimRecord[];
65
+ version: string;
66
+ }
67
+ export interface SubstitutionRule {
68
+ original_claim_id: string;
69
+ substitute_claim_id: string;
70
+ conditions: Record<string, unknown>;
71
+ }
72
+ export interface DisclosurePolicy {
73
+ claims_taxonomy: ClaimRecord[];
74
+ substitution_rules: SubstitutionRule[];
75
+ }
76
+ export interface DisclosureRequest {
77
+ requested_claim_id: string;
78
+ requester_id: string;
79
+ mode: DisclosureMode;
80
+ timestamp: string;
81
+ }
82
+ export interface SubstitutionReceipt {
83
+ receipt_id: string;
84
+ original_claim_id: string;
85
+ substitute_claim_id: string | null;
86
+ policy_version: number;
87
+ reason_code: string;
88
+ timestamp: string;
89
+ chain_sequence_ref: number;
90
+ signature: SignatureBase64;
91
+ }
92
+ export interface EvidenceCommitmentRecord {
93
+ commitment: HashHex;
94
+ salt: SaltHex;
95
+ label: string;
96
+ }
97
+ export interface EvidenceBundle {
98
+ artifact: PolicyArtifact;
99
+ receipts: SignedReceipt[];
100
+ merkle_proofs: MerkleInclusionProof[];
101
+ checkpoint_reference: CheckpointReference;
102
+ public_key: string;
103
+ bundle_signature: SignatureBase64;
104
+ }
105
+ export interface PolicyArtifact {
106
+ schema_version: string;
107
+ protocol_version: string;
108
+ subject_identifier: SubjectIdentifier;
109
+ policy_reference: HashHex;
110
+ policy_version: number;
111
+ sealed_hash: HashHex;
112
+ seal_salt: SaltHex;
113
+ issued_timestamp: string;
114
+ effective_timestamp: string;
115
+ expiration_timestamp: string | null;
116
+ issuer_identifier: string;
117
+ enforcement_parameters: EnforcementParams;
118
+ disclosure_policy: DisclosurePolicy;
119
+ evidence_commitments: EvidenceCommitmentRecord[];
120
+ signature: SignatureBase64;
121
+ }
122
+ export interface SignedReceipt {
123
+ receipt_id: string;
124
+ subject_identifier: SubjectIdentifier;
125
+ artifact_reference: HashHex;
126
+ current_hash: string;
127
+ sealed_hash: string;
128
+ drift_detected: boolean;
129
+ drift_description: string | null;
130
+ enforcement_action: EnforcementAction | null;
131
+ measurement_type: string;
132
+ timestamp: string;
133
+ sequence_number: number;
134
+ previous_leaf_hash: HashHex | null;
135
+ portal_signature: SignatureBase64;
136
+ }
137
+ export interface GenesisPayload {
138
+ protocol_version: string;
139
+ taxonomy_version: string;
140
+ root_fingerprint: string;
141
+ specification_hash: HashHex;
142
+ marker: 'GENESIS';
143
+ }
144
+ export interface StructuralMetadata {
145
+ schema_version: string;
146
+ protocol_version: string;
147
+ event_type: EventType;
148
+ event_id: string;
149
+ sequence_number: number;
150
+ timestamp: string;
151
+ previous_leaf_hash: HashHex | null;
152
+ }
153
+ export interface ContinuityEvent {
154
+ schema_version: string;
155
+ protocol_version: string;
156
+ event_type: EventType;
157
+ event_id: string;
158
+ sequence_number: number;
159
+ timestamp: string;
160
+ previous_leaf_hash: HashHex | null;
161
+ leaf_hash: HashHex;
162
+ payload: unknown;
163
+ payload_hash: HashHex;
164
+ event_signature: SignatureBase64;
165
+ }
166
+ export interface CheckpointReference {
167
+ merkle_root: HashHex;
168
+ batch_start_sequence: number;
169
+ batch_end_sequence: number;
170
+ anchor_network: string;
171
+ transaction_id: string;
172
+ timestamp: string;
173
+ }
174
+ export interface AnchorBatchPayload {
175
+ checkpoint_reference: CheckpointReference;
176
+ leaf_count: number;
177
+ }
178
+ export interface QuarantineState {
179
+ active: boolean;
180
+ started_at: string | null;
181
+ inputs_captured: number;
182
+ outputs_severed: boolean;
183
+ forensic_buffer: Array<{
184
+ timestamp: string;
185
+ type: string;
186
+ data: unknown;
187
+ }>;
188
+ }
189
+ export interface RevocationRecord {
190
+ artifact_sealed_hash: HashHex;
191
+ reason: string;
192
+ revoked_by: string;
193
+ timestamp: string;
194
+ }
195
+ export interface BehavioralBaseline {
196
+ permitted_tools: string[];
197
+ rate_limits: Record<string, number>;
198
+ forbidden_sequences: string[][];
199
+ window_ms: number;
200
+ }
201
+ export interface ToolInvocation {
202
+ tool_name: string;
203
+ timestamp: string;
204
+ args_hash: HashHex;
205
+ }
206
+ export type BehavioralViolation = {
207
+ type: 'UNAUTHORIZED_TOOL';
208
+ tool: string;
209
+ } | {
210
+ type: 'RATE_EXCEEDED';
211
+ tool: string;
212
+ count: number;
213
+ limit: number;
214
+ } | {
215
+ type: 'FORBIDDEN_SEQUENCE';
216
+ sequence: string[];
217
+ };
218
+ export interface BehavioralMeasurement {
219
+ window_start: string;
220
+ window_end: string;
221
+ invocations: ToolInvocation[];
222
+ violations: BehavioralViolation[];
223
+ behavioral_hash: HashHex;
224
+ drift_detected: boolean;
225
+ }
226
+ export interface BehavioralMonitor {
227
+ setBaseline(baseline: BehavioralBaseline): void;
228
+ recordInvocation(toolName: string, argsHash: HashHex): void;
229
+ measure(): BehavioralMeasurement;
230
+ reset(): void;
231
+ }
232
+ export interface DelegationRecord {
233
+ parent_artifact_hash: HashHex;
234
+ child_artifact_hash: HashHex;
235
+ effective_ttl_seconds: number;
236
+ scope_reduction: {
237
+ triggers_removed: string[];
238
+ measurement_types_removed: string[];
239
+ };
240
+ purpose: string;
241
+ timestamp: string;
242
+ }
243
+ export interface DelegationRequest {
244
+ enforcement_triggers: EnforcementAction[];
245
+ measurement_types: MeasurementType[];
246
+ requested_ttl_seconds: number;
247
+ delegation_purpose: string;
248
+ }
249
+ export interface DelegationResult {
250
+ success: boolean;
251
+ child_artifact?: PolicyArtifact;
252
+ child_artifact_hash?: string;
253
+ parent_artifact_hash: string;
254
+ effective_ttl_seconds?: number;
255
+ scope_reduction?: {
256
+ triggers_removed: string[];
257
+ measurement_types_removed: string[];
258
+ };
259
+ error?: string;
260
+ }
261
+ //# sourceMappingURL=types.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,MAAM,MAAM,SAAS,GAAG,UAAU,CAAC;AACnC,MAAM,MAAM,SAAS,GAAG,UAAU,CAAC;AACnC,MAAM,WAAW,OAAO;IAAG,SAAS,EAAE,SAAS,CAAC;IAAC,SAAS,EAAE,SAAS,CAAC;CAAE;AACxE,MAAM,MAAM,SAAS,GAAG,UAAU,CAAC;AACnC,MAAM,MAAM,OAAO,GAAG,MAAM,CAAC;AAC7B,MAAM,MAAM,eAAe,GAAG,MAAM,CAAC;AACrC,MAAM,MAAM,OAAO,GAAG,MAAM,CAAC;AAE7B,MAAM,WAAW,gBAAgB;IAC/B,UAAU,EAAE,OAAO,CAAC;IACpB,IAAI,EAAE,OAAO,CAAC;CACf;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,OAAO,CAAC;QAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAA;KAAE,CAAC,CAAC;IAC/D,IAAI,EAAE,OAAO,CAAC;CACf;AAID,MAAM,MAAM,SAAS,GACjB,SAAS,GACT,iBAAiB,GACjB,qBAAqB,GACrB,YAAY,GACZ,aAAa,GACb,cAAc,GACd,YAAY,GACZ,cAAc,GACd,cAAc,GACd,kBAAkB,GAClB,YAAY,GACZ,gBAAgB,CAAC;AAIrB,MAAM,MAAM,iBAAiB,GACzB,WAAW,GACX,YAAY,GACZ,iBAAiB,GACjB,YAAY,GACZ,YAAY,GACZ,kBAAkB,GAClB,qBAAqB,GACrB,YAAY,CAAC;AAIjB,MAAM,MAAM,eAAe,GACvB,kBAAkB,GAClB,gBAAgB,GAChB,iBAAiB,GACjB,iBAAiB,GACjB,MAAM,GACN,WAAW,GACX,gBAAgB,GAChB,cAAc,GACd,mBAAmB,GACnB,gBAAgB,CAAC;AAIrB,MAAM,MAAM,WAAW,GACnB,gBAAgB,GAChB,uBAAuB,GACvB,mBAAmB,GACnB,gBAAgB,GAChB,oBAAoB,GACpB,YAAY,GACZ,YAAY,CAAC;AAIjB,MAAM,MAAM,gBAAgB,GAAG,QAAQ,GAAG,QAAQ,GAAG,MAAM,CAAC;AAI5D,MAAM,MAAM,cAAc,GAAG,YAAY,GAAG,YAAY,GAAG,aAAa,CAAC;AAIzE,MAAM,MAAM,WAAW,GAAG,QAAQ,GAAG,aAAa,GAAG,SAAS,GAAG,aAAa,CAAC;AAI/E,MAAM,WAAW,iBAAiB;IAChC,UAAU,EAAE,OAAO,CAAC;IACpB,aAAa,EAAE,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAID,MAAM,WAAW,iBAAiB;IAChC,sBAAsB,EAAE,MAAM,CAAC;IAC/B,WAAW,EAAE,MAAM,CAAC;IACpB,oBAAoB,EAAE,iBAAiB,EAAE,CAAC;IAC1C,uBAAuB,EAAE,OAAO,CAAC;IACjC,iBAAiB,EAAE,eAAe,EAAE,CAAC;CACtC;AAID,MAAM,WAAW,WAAW;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,WAAW,CAAC;IACzB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,eAAe,EAAE,cAAc,EAAE,CAAC;CACnC;AAED,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,WAAW,EAAE,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,gBAAgB;IAC/B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC;AAED,MAAM,WAAW,gBAAgB;IAC/B,eAAe,EAAE,WAAW,EAAE,CAAC;IAC/B,kBAAkB,EAAE,gBAAgB,EAAE,CAAC;CACxC;AAED,MAAM,WAAW,iBAAiB;IAChC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,YAAY,EAAE,MAAM,CAAC;IACrB,IAAI,EAAE,cAAc,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,mBAAmB;IAClC,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,mBAAmB,EAAE,MAAM,GAAG,IAAI,CAAC;IACnC,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,SAAS,EAAE,eAAe,CAAC;CAC5B;AAID,MAAM,WAAW,wBAAwB;IACvC,UAAU,EAAE,OAAO,CAAC;IACpB,IAAI,EAAE,OAAO,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,cAAc,CAAC;IACzB,QAAQ,EAAE,aAAa,EAAE,CAAC;IAC1B,aAAa,EAAE,oBAAoB,EAAE,CAAC;IACtC,oBAAoB,EAAE,mBAAmB,CAAC;IAC1C,UAAU,EAAE,MAAM,CAAC;IACnB,gBAAgB,EAAE,eAAe,CAAC;CACnC;AAID,MAAM,WAAW,cAAc;IAC7B,cAAc,EAAE,MAAM,CAAC;IACvB,gBAAgB,EAAE,MAAM,CAAC;IACzB,kBAAkB,EAAE,iBAAiB,CAAC;IACtC,gBAAgB,EAAE,OAAO,CAAC;IAC1B,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,OAAO,CAAC;IACrB,SAAS,EAAE,OAAO,CAAC;IACnB,gBAAgB,EAAE,MAAM,CAAC;IACzB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,oBAAoB,EAAE,MAAM,GAAG,IAAI,CAAC;IACpC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,sBAAsB,EAAE,iBAAiB,CAAC;IAC1C,iBAAiB,EAAE,gBAAgB,CAAC;IACpC,oBAAoB,EAAE,wBAAwB,EAAE,CAAC;IACjD,SAAS,EAAE,eAAe,CAAC;CAC5B;AAID,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,MAAM,CAAC;IACnB,kBAAkB,EAAE,iBAAiB,CAAC;IACtC,kBAAkB,EAAE,OAAO,CAAC;IAC5B,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,OAAO,CAAC;IACxB,iBAAiB,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,kBAAkB,EAAE,iBAAiB,GAAG,IAAI,CAAC;IAC7C,gBAAgB,EAAE,MAAM,CAAC;IACzB,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,EAAE,MAAM,CAAC;IACxB,kBAAkB,EAAE,OAAO,GAAG,IAAI,CAAC;IACnC,gBAAgB,EAAE,eAAe,CAAC;CACnC;AAID,MAAM,WAAW,cAAc;IAC7B,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,EAAE,MAAM,CAAC;IACzB,kBAAkB,EAAE,OAAO,CAAC;IAC5B,MAAM,EAAE,SAAS,CAAC;CACnB;AAED,MAAM,WAAW,kBAAkB;IACjC,cAAc,EAAE,MAAM,CAAC;IACvB,gBAAgB,EAAE,MAAM,CAAC;IACzB,UAAU,EAAE,SAAS,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,kBAAkB,EAAE,OAAO,GAAG,IAAI,CAAC;CACpC;AAED,MAAM,WAAW,eAAe;IAC9B,cAAc,EAAE,MAAM,CAAC;IACvB,gBAAgB,EAAE,MAAM,CAAC;IACzB,UAAU,EAAE,SAAS,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,kBAAkB,EAAE,OAAO,GAAG,IAAI,CAAC;IACnC,SAAS,EAAE,OAAO,CAAC;IACnB,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,EAAE,OAAO,CAAC;IACtB,eAAe,EAAE,eAAe,CAAC;CAClC;AAID,MAAM,WAAW,mBAAmB;IAClC,WAAW,EAAE,OAAO,CAAC;IACrB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,cAAc,EAAE,MAAM,CAAC;IACvB,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,kBAAkB;IACjC,oBAAoB,EAAE,mBAAmB,CAAC;IAC1C,UAAU,EAAE,MAAM,CAAC;CACpB;AAID,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,OAAO,CAAC;IAChB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,eAAe,EAAE,MAAM,CAAC;IACxB,eAAe,EAAE,OAAO,CAAC;IACzB,eAAe,EAAE,KAAK,CAAC;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,OAAO,CAAA;KAAE,CAAC,CAAC;CAC5E;AAID,MAAM,WAAW,gBAAgB;IAC/B,oBAAoB,EAAE,OAAO,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;CACnB;AAID,MAAM,WAAW,kBAAkB;IACjC,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACpC,mBAAmB,EAAE,MAAM,EAAE,EAAE,CAAC;IAChC,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,MAAM,mBAAmB,GAC3B;IAAE,IAAI,EAAE,mBAAmB,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,GAC3C;IAAE,IAAI,EAAE,eAAe,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,GACrE;IAAE,IAAI,EAAE,oBAAoB,CAAC;IAAC,QAAQ,EAAE,MAAM,EAAE,CAAA;CAAE,CAAC;AAEvD,MAAM,WAAW,qBAAqB;IACpC,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,cAAc,EAAE,CAAC;IAC9B,UAAU,EAAE,mBAAmB,EAAE,CAAC;IAClC,eAAe,EAAE,OAAO,CAAC;IACzB,cAAc,EAAE,OAAO,CAAC;CACzB;AAED,MAAM,WAAW,iBAAiB;IAChC,WAAW,CAAC,QAAQ,EAAE,kBAAkB,GAAG,IAAI,CAAC;IAChD,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,GAAG,IAAI,CAAC;IAC5D,OAAO,IAAI,qBAAqB,CAAC;IACjC,KAAK,IAAI,IAAI,CAAC;CACf;AAID,MAAM,WAAW,gBAAgB;IAC/B,oBAAoB,EAAE,OAAO,CAAC;IAC9B,mBAAmB,EAAE,OAAO,CAAC;IAC7B,qBAAqB,EAAE,MAAM,CAAC;IAC9B,eAAe,EAAE;QACf,gBAAgB,EAAE,MAAM,EAAE,CAAC;QAC3B,yBAAyB,EAAE,MAAM,EAAE,CAAC;KACrC,CAAC;IACF,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,iBAAiB;IAChC,oBAAoB,EAAE,iBAAiB,EAAE,CAAC;IAC1C,iBAAiB,EAAE,eAAe,EAAE,CAAC;IACrC,qBAAqB,EAAE,MAAM,CAAC;IAC9B,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,eAAe,CAAC,EAAE;QAChB,gBAAgB,EAAE,MAAM,EAAE,CAAC;QAC3B,yBAAyB,EAAE,MAAM,EAAE,CAAC;KACrC,CAAC;IACF,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB"}
package/dist/types.js ADDED
@@ -0,0 +1,8 @@
1
+ /**
2
+ * AGA Protocol V2.0.0 - Unified Type Definitions
3
+ * NIST-2025-0035, NCCoE AI Agent Identity and Authorization
4
+ *
5
+ * All enums/interfaces aligned to directive specification.
6
+ */
7
+ export {};
8
+ //# sourceMappingURL=types.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG"}
package/package.json CHANGED
@@ -1,12 +1,17 @@
1
1
  {
2
2
  "name": "@attested-intelligence/aga-mcp-server",
3
- "version": "0.1.1",
4
- "description": "MCP server implementing the Attested Governance Artifact protocol cryptographic compliance for autonomous systems",
3
+ "version": "2.0.1",
4
+ "description": "MCP server implementing the Attested Governance Artifact (AGA) protocol - cryptographic compliance enforcement for autonomous AI systems. 20 tools, 3 resources, 3 prompts.",
5
5
  "author": "Attested Intelligence Holdings LLC",
6
6
  "license": "MIT",
7
7
  "type": "module",
8
8
  "main": "dist/index.js",
9
9
  "types": "dist/index.d.ts",
10
+ "files": [
11
+ "dist/",
12
+ "README.md",
13
+ "LICENSE"
14
+ ],
10
15
  "bin": {
11
16
  "aga-mcp-server": "dist/index.js"
12
17
  },
@@ -18,6 +23,7 @@
18
23
  "test:watch": "vitest",
19
24
  "test:crypto": "vitest run tests/crypto/",
20
25
  "test:core": "vitest run tests/core/",
26
+ "test:tools": "vitest run tests/tools/",
21
27
  "test:integration": "vitest run tests/integration/",
22
28
  "demo": "tsx scripts/demo.ts",
23
29
  "benchmark": "tsx scripts/benchmark.ts",
@@ -47,10 +53,19 @@
47
53
  },
48
54
  "keywords": [
49
55
  "mcp",
56
+ "mcp-server",
50
57
  "attestation",
51
58
  "governance",
52
59
  "ai-governance",
60
+ "ai-safety",
53
61
  "runtime-integrity",
54
- "continuity-chain"
62
+ "continuity-chain",
63
+ "zero-trust",
64
+ "nist",
65
+ "nccoe",
66
+ "spiffe",
67
+ "ed25519",
68
+ "evidence-bundle",
69
+ "policy-enforcement"
55
70
  ]
56
71
  }