@attested-intelligence/aga-mcp-server 2.0.1 → 2.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +197 -124
- package/SECURITY.md +59 -0
- package/dist/adapters/openclaw.d.ts +43 -0
- package/dist/adapters/openclaw.d.ts.map +1 -0
- package/dist/adapters/openclaw.js +86 -0
- package/dist/adapters/openclaw.js.map +1 -0
- package/dist/core/bundle.d.ts +9 -2
- package/dist/core/bundle.d.ts.map +1 -1
- package/dist/core/bundle.js +16 -2
- package/dist/core/bundle.js.map +1 -1
- package/dist/core/identity.d.ts +19 -10
- package/dist/core/identity.d.ts.map +1 -1
- package/dist/core/identity.js +45 -11
- package/dist/core/identity.js.map +1 -1
- package/dist/core/portal.d.ts +10 -1
- package/dist/core/portal.d.ts.map +1 -1
- package/dist/core/portal.js +16 -12
- package/dist/core/portal.js.map +1 -1
- package/dist/core/types.d.ts +29 -2
- package/dist/core/types.d.ts.map +1 -1
- package/dist/crypto/index.d.ts +5 -6
- package/dist/crypto/index.d.ts.map +1 -1
- package/dist/crypto/index.js +5 -6
- package/dist/crypto/index.js.map +1 -1
- package/dist/crypto/sign.d.ts +2 -0
- package/dist/crypto/sign.d.ts.map +1 -1
- package/dist/crypto/sign.js +6 -0
- package/dist/crypto/sign.js.map +1 -1
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/dist/middleware/governance.d.ts +7 -1
- package/dist/middleware/governance.d.ts.map +1 -1
- package/dist/middleware/governance.js +18 -11
- package/dist/middleware/governance.js.map +1 -1
- package/dist/proxy/evaluator.d.ts +14 -0
- package/dist/proxy/evaluator.d.ts.map +1 -0
- package/dist/proxy/evaluator.js +141 -0
- package/dist/proxy/evaluator.js.map +1 -0
- package/dist/proxy/index.d.ts +22 -0
- package/dist/proxy/index.d.ts.map +1 -0
- package/dist/proxy/index.js +230 -0
- package/dist/proxy/index.js.map +1 -0
- package/dist/proxy/profiles.d.ts +16 -0
- package/dist/proxy/profiles.d.ts.map +1 -0
- package/dist/proxy/profiles.js +43 -0
- package/dist/proxy/profiles.js.map +1 -0
- package/dist/proxy/server.d.ts +106 -0
- package/dist/proxy/server.d.ts.map +1 -0
- package/dist/proxy/server.js +389 -0
- package/dist/proxy/server.js.map +1 -0
- package/dist/proxy/stdio-bridge.d.ts +42 -0
- package/dist/proxy/stdio-bridge.d.ts.map +1 -0
- package/dist/proxy/stdio-bridge.js +142 -0
- package/dist/proxy/stdio-bridge.js.map +1 -0
- package/dist/proxy/types.d.ts +36 -0
- package/dist/proxy/types.d.ts.map +1 -0
- package/dist/proxy/types.js +11 -0
- package/dist/proxy/types.js.map +1 -0
- package/dist/proxy/verify.d.ts +29 -0
- package/dist/proxy/verify.d.ts.map +1 -0
- package/dist/proxy/verify.js +183 -0
- package/dist/proxy/verify.js.map +1 -0
- package/dist/server.d.ts +7 -3
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +342 -214
- package/dist/server.js.map +1 -1
- package/dist/storage/sqlite.js +6 -6
- package/independent-verifier/README.md +31 -0
- package/independent-verifier/package.json +18 -0
- package/independent-verifier/verify.ts +211 -0
- package/package.json +97 -71
- package/src/adapters/openclaw.ts +125 -0
- package/src/core/artifact.ts +45 -0
- package/src/core/attestation.ts +33 -0
- package/src/core/behavioral.ts +132 -0
- package/src/core/bundle.ts +45 -0
- package/src/core/chain.ts +72 -0
- package/src/core/checkpoint.ts +22 -0
- package/src/core/delegation.ts +146 -0
- package/src/core/disclosure.ts +32 -0
- package/src/core/identity.ts +62 -0
- package/src/core/index.ts +14 -0
- package/src/core/portal.ts +117 -0
- package/src/core/quarantine.ts +16 -0
- package/src/core/receipt.ts +33 -0
- package/src/core/subject.ts +11 -0
- package/src/core/types.ts +285 -0
- package/src/crypto/hash.ts +33 -0
- package/src/crypto/index.ts +5 -0
- package/src/crypto/merkle.ts +43 -0
- package/src/crypto/salt.ts +18 -0
- package/src/crypto/sign.ts +42 -0
- package/src/crypto/types.ts +19 -0
- package/src/index.ts +12 -0
- package/src/middleware/governance.ts +95 -0
- package/src/middleware/index.ts +1 -0
- package/src/proxy/evaluator.ts +176 -0
- package/src/proxy/index.ts +259 -0
- package/src/proxy/profiles.ts +48 -0
- package/src/proxy/server.ts +499 -0
- package/src/proxy/stdio-bridge.ts +171 -0
- package/src/proxy/types.ts +40 -0
- package/src/proxy/verify.ts +202 -0
- package/src/server.ts +435 -0
- package/src/storage/index.ts +3 -0
- package/src/storage/interface.ts +21 -0
- package/src/storage/memory.ts +27 -0
- package/src/storage/sqlite.ts +45 -0
- package/src/tools/README.md +13 -0
- package/src/utils/canonical.ts +14 -0
- package/src/utils/constants.ts +3 -0
- package/src/utils/timestamp.ts +12 -0
- package/src/utils/uuid.ts +2 -0
- package/dist/context.d.ts +0 -39
- package/dist/context.d.ts.map +0 -1
- package/dist/context.js +0 -113
- package/dist/context.js.map +0 -1
- package/dist/core/measurement.d.ts +0 -16
- package/dist/core/measurement.d.ts.map +0 -1
- package/dist/core/measurement.js +0 -18
- package/dist/core/measurement.js.map +0 -1
- package/dist/crypto/canonicalize.d.ts +0 -7
- package/dist/crypto/canonicalize.d.ts.map +0 -1
- package/dist/crypto/canonicalize.js +0 -21
- package/dist/crypto/canonicalize.js.map +0 -1
- package/dist/crypto/keys.d.ts +0 -10
- package/dist/crypto/keys.d.ts.map +0 -1
- package/dist/crypto/keys.js +0 -19
- package/dist/crypto/keys.js.map +0 -1
- package/dist/prompts/drift-analysis.d.ts +0 -13
- package/dist/prompts/drift-analysis.d.ts.map +0 -1
- package/dist/prompts/drift-analysis.js +0 -43
- package/dist/prompts/drift-analysis.js.map +0 -1
- package/dist/prompts/governance-report.d.ts +0 -7
- package/dist/prompts/governance-report.d.ts.map +0 -1
- package/dist/prompts/governance-report.js +0 -26
- package/dist/prompts/governance-report.js.map +0 -1
- package/dist/prompts/nccoe-demo.d.ts +0 -14
- package/dist/prompts/nccoe-demo.d.ts.map +0 -1
- package/dist/prompts/nccoe-demo.js +0 -47
- package/dist/prompts/nccoe-demo.js.map +0 -1
- package/dist/resources/cosai-mapping.d.ts +0 -24
- package/dist/resources/cosai-mapping.d.ts.map +0 -1
- package/dist/resources/cosai-mapping.js +0 -127
- package/dist/resources/cosai-mapping.js.map +0 -1
- package/dist/resources/crypto-primitives.d.ts +0 -3
- package/dist/resources/crypto-primitives.d.ts.map +0 -1
- package/dist/resources/crypto-primitives.js +0 -52
- package/dist/resources/crypto-primitives.js.map +0 -1
- package/dist/resources/sample-bundle.d.ts +0 -6
- package/dist/resources/sample-bundle.d.ts.map +0 -1
- package/dist/resources/sample-bundle.js +0 -58
- package/dist/resources/sample-bundle.js.map +0 -1
- package/dist/resources/specification.d.ts +0 -3
- package/dist/resources/specification.d.ts.map +0 -1
- package/dist/resources/specification.js +0 -161
- package/dist/resources/specification.js.map +0 -1
- package/dist/tools/create-artifact.d.ts +0 -25
- package/dist/tools/create-artifact.d.ts.map +0 -1
- package/dist/tools/create-artifact.js +0 -85
- package/dist/tools/create-artifact.js.map +0 -1
- package/dist/tools/delegate-subagent.d.ts +0 -18
- package/dist/tools/delegate-subagent.d.ts.map +0 -1
- package/dist/tools/delegate-subagent.js +0 -50
- package/dist/tools/delegate-subagent.js.map +0 -1
- package/dist/tools/disclose-claim.d.ts +0 -14
- package/dist/tools/disclose-claim.d.ts.map +0 -1
- package/dist/tools/disclose-claim.js +0 -23
- package/dist/tools/disclose-claim.js.map +0 -1
- package/dist/tools/export-bundle.d.ts +0 -8
- package/dist/tools/export-bundle.d.ts.map +0 -1
- package/dist/tools/export-bundle.js +0 -25
- package/dist/tools/export-bundle.js.map +0 -1
- package/dist/tools/full-lifecycle.d.ts +0 -16
- package/dist/tools/full-lifecycle.d.ts.map +0 -1
- package/dist/tools/full-lifecycle.js +0 -121
- package/dist/tools/full-lifecycle.js.map +0 -1
- package/dist/tools/generate-receipt.d.ts +0 -16
- package/dist/tools/generate-receipt.d.ts.map +0 -1
- package/dist/tools/generate-receipt.js +0 -31
- package/dist/tools/generate-receipt.js.map +0 -1
- package/dist/tools/get-chain.d.ts +0 -14
- package/dist/tools/get-chain.d.ts.map +0 -1
- package/dist/tools/get-chain.js +0 -45
- package/dist/tools/get-chain.js.map +0 -1
- package/dist/tools/get-portal-state.d.ts +0 -8
- package/dist/tools/get-portal-state.d.ts.map +0 -1
- package/dist/tools/get-portal-state.js +0 -15
- package/dist/tools/get-portal-state.js.map +0 -1
- package/dist/tools/init-chain.d.ts +0 -10
- package/dist/tools/init-chain.d.ts.map +0 -1
- package/dist/tools/init-chain.js +0 -13
- package/dist/tools/init-chain.js.map +0 -1
- package/dist/tools/measure-behavior.d.ts +0 -12
- package/dist/tools/measure-behavior.d.ts.map +0 -1
- package/dist/tools/measure-behavior.js +0 -29
- package/dist/tools/measure-behavior.js.map +0 -1
- package/dist/tools/measure-subject.d.ts +0 -15
- package/dist/tools/measure-subject.d.ts.map +0 -1
- package/dist/tools/measure-subject.js +0 -106
- package/dist/tools/measure-subject.js.map +0 -1
- package/dist/tools/quarantine-status.d.ts +0 -8
- package/dist/tools/quarantine-status.d.ts.map +0 -1
- package/dist/tools/quarantine-status.js +0 -16
- package/dist/tools/quarantine-status.js.map +0 -1
- package/dist/tools/revoke-artifact.d.ts +0 -13
- package/dist/tools/revoke-artifact.d.ts.map +0 -1
- package/dist/tools/revoke-artifact.js +0 -24
- package/dist/tools/revoke-artifact.js.map +0 -1
- package/dist/tools/rotate-keys.d.ts +0 -13
- package/dist/tools/rotate-keys.d.ts.map +0 -1
- package/dist/tools/rotate-keys.js +0 -39
- package/dist/tools/rotate-keys.js.map +0 -1
- package/dist/tools/server-info.d.ts +0 -8
- package/dist/tools/server-info.d.ts.map +0 -1
- package/dist/tools/server-info.js +0 -23
- package/dist/tools/server-info.js.map +0 -1
- package/dist/tools/set-verification-tier.d.ts +0 -11
- package/dist/tools/set-verification-tier.d.ts.map +0 -1
- package/dist/tools/set-verification-tier.js +0 -31
- package/dist/tools/set-verification-tier.js.map +0 -1
- package/dist/tools/start-monitoring.d.ts +0 -12
- package/dist/tools/start-monitoring.d.ts.map +0 -1
- package/dist/tools/start-monitoring.js +0 -17
- package/dist/tools/start-monitoring.js.map +0 -1
- package/dist/tools/trigger-measurement.d.ts +0 -15
- package/dist/tools/trigger-measurement.d.ts.map +0 -1
- package/dist/tools/trigger-measurement.js +0 -86
- package/dist/tools/trigger-measurement.js.map +0 -1
- package/dist/tools/verify-artifact.d.ts +0 -13
- package/dist/tools/verify-artifact.d.ts.map +0 -1
- package/dist/tools/verify-artifact.js +0 -6
- package/dist/tools/verify-artifact.js.map +0 -1
- package/dist/tools/verify-bundle.d.ts +0 -13
- package/dist/tools/verify-bundle.d.ts.map +0 -1
- package/dist/tools/verify-bundle.js +0 -6
- package/dist/tools/verify-bundle.js.map +0 -1
- package/dist/types.d.ts +0 -261
- package/dist/types.d.ts.map +0 -1
- package/dist/types.js +0 -8
- package/dist/types.js.map +0 -1
|
@@ -0,0 +1,141 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* AGA Governance Proxy - Tool Policy Evaluator
|
|
3
|
+
* Ported from aga-mcp-gateway/src/governance/policy.ts with rate limiting.
|
|
4
|
+
*
|
|
5
|
+
* Patent: USPTO App. No. 19/433,835
|
|
6
|
+
* Copyright (c) 2026 Attested Intelligence Holdings LLC
|
|
7
|
+
* SPDX-License-Identifier: MIT
|
|
8
|
+
*/
|
|
9
|
+
const rateLimits = new Map();
|
|
10
|
+
function checkRateLimit(toolName, maxPerMinute) {
|
|
11
|
+
const now = Date.now();
|
|
12
|
+
const cutoff = now - 60_000;
|
|
13
|
+
let window = rateLimits.get(toolName);
|
|
14
|
+
if (!window) {
|
|
15
|
+
window = { timestamps: [] };
|
|
16
|
+
rateLimits.set(toolName, window);
|
|
17
|
+
}
|
|
18
|
+
// Prune expired entries
|
|
19
|
+
window.timestamps = window.timestamps.filter(t => t > cutoff);
|
|
20
|
+
if (window.timestamps.length >= maxPerMinute)
|
|
21
|
+
return false;
|
|
22
|
+
window.timestamps.push(now);
|
|
23
|
+
return true;
|
|
24
|
+
}
|
|
25
|
+
export function resetRateLimits() {
|
|
26
|
+
rateLimits.clear();
|
|
27
|
+
}
|
|
28
|
+
// ── Path Utilities (from aga-mcp-gateway) ───────────────────
|
|
29
|
+
export function cleanPath(p) {
|
|
30
|
+
p = p.replace(/\\/g, '/');
|
|
31
|
+
p = p.replace(/\/+/g, '/');
|
|
32
|
+
const segments = p.split('/');
|
|
33
|
+
const resolved = [];
|
|
34
|
+
const absolute = segments[0] === '';
|
|
35
|
+
for (const seg of segments) {
|
|
36
|
+
if (seg === '' || seg === '.')
|
|
37
|
+
continue;
|
|
38
|
+
if (seg === '..') {
|
|
39
|
+
if (resolved.length > 0 && resolved[resolved.length - 1] !== '..') {
|
|
40
|
+
resolved.pop();
|
|
41
|
+
}
|
|
42
|
+
else if (!absolute) {
|
|
43
|
+
resolved.push('..');
|
|
44
|
+
}
|
|
45
|
+
}
|
|
46
|
+
else {
|
|
47
|
+
resolved.push(seg);
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
let result = (absolute ? '/' : '') + resolved.join('/');
|
|
51
|
+
if (result === '')
|
|
52
|
+
result = '.';
|
|
53
|
+
return result;
|
|
54
|
+
}
|
|
55
|
+
export function matchesPrefix(prefix, candidate) {
|
|
56
|
+
const cleanPrefix = cleanPath(prefix);
|
|
57
|
+
const cleanCandidate = cleanPath(candidate);
|
|
58
|
+
if (cleanCandidate === cleanPrefix)
|
|
59
|
+
return true;
|
|
60
|
+
const prefixWithSlash = cleanPrefix.endsWith('/') ? cleanPrefix : cleanPrefix + '/';
|
|
61
|
+
return cleanCandidate.startsWith(prefixWithSlash);
|
|
62
|
+
}
|
|
63
|
+
function checkPathConstraints(constraint, args) {
|
|
64
|
+
if (!constraint.path_prefix)
|
|
65
|
+
return null;
|
|
66
|
+
const keys = constraint.path_keys?.length ? constraint.path_keys : ['path'];
|
|
67
|
+
if (!args)
|
|
68
|
+
return null;
|
|
69
|
+
for (const key of keys) {
|
|
70
|
+
const val = args[key];
|
|
71
|
+
if (typeof val === 'string') {
|
|
72
|
+
if (!matchesPrefix(constraint.path_prefix, val)) {
|
|
73
|
+
return `path "${val}" outside allowed prefix "${constraint.path_prefix}"`;
|
|
74
|
+
}
|
|
75
|
+
}
|
|
76
|
+
}
|
|
77
|
+
return null;
|
|
78
|
+
}
|
|
79
|
+
function checkDeniedPatterns(constraint, args) {
|
|
80
|
+
if (!constraint.denied_patterns?.length)
|
|
81
|
+
return null;
|
|
82
|
+
if (!args)
|
|
83
|
+
return null;
|
|
84
|
+
for (const [, val] of Object.entries(args)) {
|
|
85
|
+
if (typeof val !== 'string')
|
|
86
|
+
continue;
|
|
87
|
+
for (const pattern of constraint.denied_patterns) {
|
|
88
|
+
if (val.includes(pattern)) {
|
|
89
|
+
return `argument value matches denied pattern "${pattern}"`;
|
|
90
|
+
}
|
|
91
|
+
}
|
|
92
|
+
}
|
|
93
|
+
return null;
|
|
94
|
+
}
|
|
95
|
+
// ── Main Evaluator ──────────────────────────────────────────
|
|
96
|
+
export function evaluate(policy, toolName, args) {
|
|
97
|
+
const base = { tool_name: toolName, policy_mode: policy.mode };
|
|
98
|
+
// Audit-only mode: always permit
|
|
99
|
+
if (policy.mode === 'audit_only') {
|
|
100
|
+
return { ...base, allowed: true, reason: 'audit_only: all calls permitted' };
|
|
101
|
+
}
|
|
102
|
+
if (policy.mode !== 'allowlist' && policy.mode !== 'denylist') {
|
|
103
|
+
return { ...base, allowed: false, reason: `unknown policy mode: ${policy.mode}` };
|
|
104
|
+
}
|
|
105
|
+
const constraint = policy.constraints[toolName];
|
|
106
|
+
if (policy.mode === 'allowlist') {
|
|
107
|
+
if (!constraint) {
|
|
108
|
+
return { ...base, allowed: false, reason: 'tool not in allowlist' };
|
|
109
|
+
}
|
|
110
|
+
if (!constraint.allowed) {
|
|
111
|
+
return { ...base, allowed: false, reason: 'tool explicitly disallowed' };
|
|
112
|
+
}
|
|
113
|
+
// Rate limit check
|
|
114
|
+
if (constraint.max_calls_per_minute) {
|
|
115
|
+
if (!checkRateLimit(toolName, constraint.max_calls_per_minute)) {
|
|
116
|
+
return { ...base, allowed: false, reason: `rate limit exceeded: ${constraint.max_calls_per_minute}/min` };
|
|
117
|
+
}
|
|
118
|
+
}
|
|
119
|
+
const pathResult = checkPathConstraints(constraint, args);
|
|
120
|
+
if (pathResult !== null) {
|
|
121
|
+
return { ...base, allowed: false, reason: pathResult };
|
|
122
|
+
}
|
|
123
|
+
const patternResult = checkDeniedPatterns(constraint, args);
|
|
124
|
+
if (patternResult !== null) {
|
|
125
|
+
return { ...base, allowed: false, reason: patternResult };
|
|
126
|
+
}
|
|
127
|
+
return { ...base, allowed: true, reason: 'tool permitted by allowlist' };
|
|
128
|
+
}
|
|
129
|
+
// Denylist mode
|
|
130
|
+
if (constraint && !constraint.allowed) {
|
|
131
|
+
return { ...base, allowed: false, reason: 'tool denied by denylist' };
|
|
132
|
+
}
|
|
133
|
+
// Rate limit check for denylist mode (tool not explicitly denied)
|
|
134
|
+
if (constraint?.max_calls_per_minute) {
|
|
135
|
+
if (!checkRateLimit(toolName, constraint.max_calls_per_minute)) {
|
|
136
|
+
return { ...base, allowed: false, reason: `rate limit exceeded: ${constraint.max_calls_per_minute}/min` };
|
|
137
|
+
}
|
|
138
|
+
}
|
|
139
|
+
return { ...base, allowed: true, reason: 'tool not denied' };
|
|
140
|
+
}
|
|
141
|
+
//# sourceMappingURL=evaluator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"evaluator.js","sourceRoot":"","sources":["../../src/proxy/evaluator.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAUH,MAAM,UAAU,GAAG,IAAI,GAAG,EAAsB,CAAC;AAEjD,SAAS,cAAc,CAAC,QAAgB,EAAE,YAAoB;IAC5D,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,MAAM,MAAM,GAAG,GAAG,GAAG,MAAM,CAAC;IAE5B,IAAI,MAAM,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACtC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,GAAG,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;QAC5B,UAAU,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACnC,CAAC;IAED,wBAAwB;IACxB,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;IAE9D,IAAI,MAAM,CAAC,UAAU,CAAC,MAAM,IAAI,YAAY;QAAE,OAAO,KAAK,CAAC;IAE3D,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC5B,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,eAAe;IAC7B,UAAU,CAAC,KAAK,EAAE,CAAC;AACrB,CAAC;AAED,+DAA+D;AAE/D,MAAM,UAAU,SAAS,CAAC,CAAS;IACjC,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAC1B,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAE3B,MAAM,QAAQ,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC9B,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,MAAM,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC;IAEpC,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;QAC3B,IAAI,GAAG,KAAK,EAAE,IAAI,GAAG,KAAK,GAAG;YAAE,SAAS;QACxC,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;YACjB,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAClE,QAAQ,CAAC,GAAG,EAAE,CAAC;YACjB,CAAC;iBAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACrB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACtB,CAAC;QACH,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC;IACH,CAAC;IAED,IAAI,MAAM,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACxD,IAAI,MAAM,KAAK,EAAE;QAAE,MAAM,GAAG,GAAG,CAAC;IAChC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,MAAc,EAAE,SAAiB;IAC7D,MAAM,WAAW,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,cAAc,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC;IAE5C,IAAI,cAAc,KAAK,WAAW;QAAE,OAAO,IAAI,CAAC;IAChD,MAAM,eAAe,GAAG,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,WAAW,GAAG,GAAG,CAAC;IACpF,OAAO,cAAc,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;AACpD,CAAC;AAED,SAAS,oBAAoB,CAC3B,UAA0D,EAC1D,IAA8B;IAE9B,IAAI,CAAC,UAAU,CAAC,WAAW;QAAE,OAAO,IAAI,CAAC;IACzC,MAAM,IAAI,GAAG,UAAU,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IAC5E,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;QACtB,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,WAAW,EAAE,GAAG,CAAC,EAAE,CAAC;gBAChD,OAAO,SAAS,GAAG,6BAA6B,UAAU,CAAC,WAAW,GAAG,CAAC;YAC5E,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,mBAAmB,CAC1B,UAA0C,EAC1C,IAA8B;IAE9B,IAAI,CAAC,UAAU,CAAC,eAAe,EAAE,MAAM;QAAE,OAAO,IAAI,CAAC;IACrD,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,KAAK,MAAM,CAAC,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QAC3C,IAAI,OAAO,GAAG,KAAK,QAAQ;YAAE,SAAS;QACtC,KAAK,MAAM,OAAO,IAAI,UAAU,CAAC,eAAe,EAAE,CAAC;YACjD,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC1B,OAAO,0CAA0C,OAAO,GAAG,CAAC;YAC9D,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,+DAA+D;AAE/D,MAAM,UAAU,QAAQ,CACtB,MAAkB,EAClB,QAAgB,EAChB,IAA8B;IAE9B,MAAM,IAAI,GAAG,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC;IAE/D,iCAAiC;IACjC,IAAI,MAAM,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;QACjC,OAAO,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,iCAAiC,EAAE,CAAC;IAC/E,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,KAAK,WAAW,IAAI,MAAM,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;QAC9D,OAAO,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,wBAAwB,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;IACpF,CAAC;IAED,MAAM,UAAU,GAAG,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IAEhD,IAAI,MAAM,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;QAChC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,uBAAuB,EAAE,CAAC;QACtE,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;YACxB,OAAO,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,4BAA4B,EAAE,CAAC;QAC3E,CAAC;QAED,mBAAmB;QACnB,IAAI,UAAU,CAAC,oBAAoB,EAAE,CAAC;YACpC,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,UAAU,CAAC,oBAAoB,CAAC,EAAE,CAAC;gBAC/D,OAAO,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,wBAAwB,UAAU,CAAC,oBAAoB,MAAM,EAAE,CAAC;YAC5G,CAAC;QACH,CAAC;QAED,MAAM,UAAU,GAAG,oBAAoB,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;QAC1D,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;YACxB,OAAO,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;QACzD,CAAC;QACD,MAAM,aAAa,GAAG,mBAAmB,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;QAC5D,IAAI,aAAa,KAAK,IAAI,EAAE,CAAC;YAC3B,OAAO,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;QAC5D,CAAC;QACD,OAAO,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,6BAA6B,EAAE,CAAC;IAC3E,CAAC;IAED,gBAAgB;IAChB,IAAI,UAAU,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;QACtC,OAAO,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,yBAAyB,EAAE,CAAC;IACxE,CAAC;IAED,kEAAkE;IAClE,IAAI,UAAU,EAAE,oBAAoB,EAAE,CAAC;QACrC,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,UAAU,CAAC,oBAAoB,CAAC,EAAE,CAAC;YAC/D,OAAO,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,wBAAwB,UAAU,CAAC,oBAAoB,MAAM,EAAE,CAAC;QAC5G,CAAC;IACH,CAAC;IAED,OAAO,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,iBAAiB,EAAE,CAAC;AAC/D,CAAC"}
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
/**
|
|
3
|
+
* AGA Governance Proxy - CLI Entry Point
|
|
4
|
+
*
|
|
5
|
+
* Usage:
|
|
6
|
+
* aga-proxy start --upstream "node server.js" # stdio upstream
|
|
7
|
+
* aga-proxy start --upstream-url http://host:port # HTTP upstream
|
|
8
|
+
* aga-proxy start --profile standard # policy profile
|
|
9
|
+
* aga-proxy stop
|
|
10
|
+
* aga-proxy status
|
|
11
|
+
* aga-proxy export --output bundle.json
|
|
12
|
+
* aga-proxy verify bundle.json
|
|
13
|
+
*
|
|
14
|
+
* Patent: USPTO App. No. 19/433,835
|
|
15
|
+
* Copyright (c) 2026 Attested Intelligence Holdings LLC
|
|
16
|
+
* SPDX-License-Identifier: MIT
|
|
17
|
+
*/
|
|
18
|
+
export { GovernanceProxy } from './server.js';
|
|
19
|
+
export { evaluate, resetRateLimits } from './evaluator.js';
|
|
20
|
+
export { PROFILES, PERMISSIVE, STANDARD, RESTRICTIVE } from './profiles.js';
|
|
21
|
+
export type { ToolPolicy, ToolConstraint, ToolCallDecision, ProxyConfig } from './types.js';
|
|
22
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/proxy/index.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;GAeG;AAsOH,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAC3D,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5E,YAAY,EAAE,UAAU,EAAE,cAAc,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC"}
|
|
@@ -0,0 +1,230 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
/**
|
|
3
|
+
* AGA Governance Proxy - CLI Entry Point
|
|
4
|
+
*
|
|
5
|
+
* Usage:
|
|
6
|
+
* aga-proxy start --upstream "node server.js" # stdio upstream
|
|
7
|
+
* aga-proxy start --upstream-url http://host:port # HTTP upstream
|
|
8
|
+
* aga-proxy start --profile standard # policy profile
|
|
9
|
+
* aga-proxy stop
|
|
10
|
+
* aga-proxy status
|
|
11
|
+
* aga-proxy export --output bundle.json
|
|
12
|
+
* aga-proxy verify bundle.json
|
|
13
|
+
*
|
|
14
|
+
* Patent: USPTO App. No. 19/433,835
|
|
15
|
+
* Copyright (c) 2026 Attested Intelligence Holdings LLC
|
|
16
|
+
* SPDX-License-Identifier: MIT
|
|
17
|
+
*/
|
|
18
|
+
import { Command } from 'commander';
|
|
19
|
+
import * as fs from 'node:fs';
|
|
20
|
+
import * as path from 'node:path';
|
|
21
|
+
import * as os from 'node:os';
|
|
22
|
+
import { GovernanceProxy } from './server.js';
|
|
23
|
+
import { PROFILES } from './profiles.js';
|
|
24
|
+
const program = new Command();
|
|
25
|
+
let proxy = null;
|
|
26
|
+
function getDataDir() {
|
|
27
|
+
return path.join(os.homedir(), '.aga-proxy');
|
|
28
|
+
}
|
|
29
|
+
function getPidFile() {
|
|
30
|
+
return path.join(getDataDir(), 'proxy.pid');
|
|
31
|
+
}
|
|
32
|
+
program
|
|
33
|
+
.name('aga-proxy')
|
|
34
|
+
.description('AGA Governance Proxy - cryptographic runtime governance for MCP tool calls')
|
|
35
|
+
.version('0.1.0');
|
|
36
|
+
// ── start ────────────────────────────────────────────────────
|
|
37
|
+
program
|
|
38
|
+
.command('start')
|
|
39
|
+
.description('Start the governance proxy')
|
|
40
|
+
.option('-p, --port <port>', 'Proxy port', '18800')
|
|
41
|
+
.option('--upstream <command>', 'Downstream MCP server command (stdio)')
|
|
42
|
+
.option('--upstream-url <url>', 'Downstream MCP server URL (HTTP)')
|
|
43
|
+
.option('--profile <name>', 'Policy profile: permissive, standard, restrictive', 'permissive')
|
|
44
|
+
.option('--policy <path>', 'Custom policy JSON file')
|
|
45
|
+
.action(async (opts) => {
|
|
46
|
+
const port = parseInt(opts.port, 10);
|
|
47
|
+
let policy;
|
|
48
|
+
if (opts.policy) {
|
|
49
|
+
policy = JSON.parse(fs.readFileSync(opts.policy, 'utf-8'));
|
|
50
|
+
}
|
|
51
|
+
else {
|
|
52
|
+
policy = PROFILES[opts.profile] ?? PROFILES.permissive;
|
|
53
|
+
}
|
|
54
|
+
const upstream = opts.upstream ? parseUpstreamCommand(opts.upstream) : undefined;
|
|
55
|
+
proxy = new GovernanceProxy({
|
|
56
|
+
port,
|
|
57
|
+
policy,
|
|
58
|
+
upstream,
|
|
59
|
+
upstreamUrl: opts.upstreamUrl,
|
|
60
|
+
});
|
|
61
|
+
proxy.on('started', ({ port: p }) => {
|
|
62
|
+
console.log(`AGA Governance Proxy started on port ${p}`);
|
|
63
|
+
console.log(`Policy mode: ${policy.mode}`);
|
|
64
|
+
if (opts.upstream)
|
|
65
|
+
console.log(`Upstream (stdio): ${opts.upstream}`);
|
|
66
|
+
if (opts.upstreamUrl)
|
|
67
|
+
console.log(`Upstream (HTTP): ${opts.upstreamUrl}`);
|
|
68
|
+
});
|
|
69
|
+
proxy.on('error', (err) => {
|
|
70
|
+
console.error(`Proxy error: ${err.message}`);
|
|
71
|
+
});
|
|
72
|
+
// Ensure data dir exists
|
|
73
|
+
const dataDir = getDataDir();
|
|
74
|
+
if (!fs.existsSync(dataDir))
|
|
75
|
+
fs.mkdirSync(dataDir, { recursive: true });
|
|
76
|
+
await proxy.start();
|
|
77
|
+
// Write PID file
|
|
78
|
+
fs.writeFileSync(getPidFile(), String(process.pid));
|
|
79
|
+
// Graceful shutdown
|
|
80
|
+
const shutdown = async () => {
|
|
81
|
+
console.log('\nShutting down...');
|
|
82
|
+
if (proxy) {
|
|
83
|
+
await proxy.stop();
|
|
84
|
+
try {
|
|
85
|
+
fs.unlinkSync(getPidFile());
|
|
86
|
+
}
|
|
87
|
+
catch { /* ok */ }
|
|
88
|
+
}
|
|
89
|
+
process.exit(0);
|
|
90
|
+
};
|
|
91
|
+
process.on('SIGINT', shutdown);
|
|
92
|
+
process.on('SIGTERM', shutdown);
|
|
93
|
+
});
|
|
94
|
+
// ── run (foreground, alias for start) ────────────────────────
|
|
95
|
+
program
|
|
96
|
+
.command('run')
|
|
97
|
+
.description('Run proxy in foreground (same as start, Ctrl+C to stop)')
|
|
98
|
+
.option('-p, --port <port>', 'Proxy port', '18800')
|
|
99
|
+
.option('--upstream <command>', 'Downstream MCP server command (stdio)')
|
|
100
|
+
.option('--upstream-url <url>', 'Downstream MCP server URL (HTTP)')
|
|
101
|
+
.option('--profile <name>', 'Policy profile', 'permissive')
|
|
102
|
+
.option('--policy <path>', 'Custom policy JSON file')
|
|
103
|
+
.action(async (opts) => {
|
|
104
|
+
// Delegate to start - identical behavior in Node.js
|
|
105
|
+
await program.commands.find(c => c.name() === 'start').parseAsync(['node', 'aga-proxy', 'start', ...process.argv.slice(3)]);
|
|
106
|
+
});
|
|
107
|
+
// ── stop ─────────────────────────────────────────────────────
|
|
108
|
+
program
|
|
109
|
+
.command('stop')
|
|
110
|
+
.description('Stop the running proxy')
|
|
111
|
+
.action(async () => {
|
|
112
|
+
const pidFile = getPidFile();
|
|
113
|
+
if (!fs.existsSync(pidFile)) {
|
|
114
|
+
console.log('No running proxy found');
|
|
115
|
+
return;
|
|
116
|
+
}
|
|
117
|
+
const pid = parseInt(fs.readFileSync(pidFile, 'utf-8').trim(), 10);
|
|
118
|
+
try {
|
|
119
|
+
process.kill(pid, 'SIGTERM');
|
|
120
|
+
console.log(`Sent SIGTERM to proxy (PID ${pid})`);
|
|
121
|
+
fs.unlinkSync(pidFile);
|
|
122
|
+
}
|
|
123
|
+
catch {
|
|
124
|
+
console.log('Proxy process not found, cleaning up PID file');
|
|
125
|
+
fs.unlinkSync(pidFile);
|
|
126
|
+
}
|
|
127
|
+
});
|
|
128
|
+
// ── status ───────────────────────────────────────────────────
|
|
129
|
+
program
|
|
130
|
+
.command('status')
|
|
131
|
+
.description('Show proxy status')
|
|
132
|
+
.action(async () => {
|
|
133
|
+
if (proxy) {
|
|
134
|
+
console.log(JSON.stringify(proxy.getStatus(), null, 2));
|
|
135
|
+
}
|
|
136
|
+
else {
|
|
137
|
+
const pidFile = getPidFile();
|
|
138
|
+
if (fs.existsSync(pidFile)) {
|
|
139
|
+
const pid = parseInt(fs.readFileSync(pidFile, 'utf-8').trim(), 10);
|
|
140
|
+
try {
|
|
141
|
+
process.kill(pid, 0); // Check if alive
|
|
142
|
+
console.log(JSON.stringify({ running: true, pid }, null, 2));
|
|
143
|
+
}
|
|
144
|
+
catch {
|
|
145
|
+
console.log(JSON.stringify({ running: false, stale_pid: pid }, null, 2));
|
|
146
|
+
}
|
|
147
|
+
}
|
|
148
|
+
else {
|
|
149
|
+
console.log(JSON.stringify({ running: false }, null, 2));
|
|
150
|
+
}
|
|
151
|
+
}
|
|
152
|
+
});
|
|
153
|
+
// ── export ───────────────────────────────────────────────────
|
|
154
|
+
program
|
|
155
|
+
.command('export')
|
|
156
|
+
.description('Export evidence bundle')
|
|
157
|
+
.option('-o, --output <path>', 'Output file', 'evidence-bundle.json')
|
|
158
|
+
.action(async (opts) => {
|
|
159
|
+
if (!proxy) {
|
|
160
|
+
console.error('Proxy not running in this process. Start the proxy first.');
|
|
161
|
+
process.exit(1);
|
|
162
|
+
}
|
|
163
|
+
const bundle = await proxy.exportBundle();
|
|
164
|
+
fs.writeFileSync(opts.output, JSON.stringify(bundle, null, 2));
|
|
165
|
+
console.log(`Evidence bundle exported to ${opts.output}`);
|
|
166
|
+
});
|
|
167
|
+
// ── verify ───────────────────────────────────────────────────
|
|
168
|
+
program
|
|
169
|
+
.command('verify <bundle>')
|
|
170
|
+
.description('Verify an evidence bundle (Ed25519-SHA256-JCS format)')
|
|
171
|
+
.action(async (bundlePath) => {
|
|
172
|
+
const { verifyGatewayBundle } = await import('./verify.js');
|
|
173
|
+
const bundleJson = fs.readFileSync(bundlePath, 'utf-8');
|
|
174
|
+
const result = await verifyGatewayBundle(bundleJson);
|
|
175
|
+
console.log(`Algorithm: ${result.algorithm_valid ? 'PASS' : 'FAIL'}`);
|
|
176
|
+
console.log(`Signatures: ${result.receipt_signatures_valid ? 'PASS' : 'FAIL'} (${result.receipts_checked} receipts)`);
|
|
177
|
+
console.log(`Chain integrity: ${result.chain_integrity_valid ? 'PASS' : 'FAIL'}`);
|
|
178
|
+
console.log(`Merkle proofs: ${result.merkle_proofs_valid ? 'PASS' : 'FAIL'}`);
|
|
179
|
+
console.log(`Consistency: ${result.bundle_consistent ? 'PASS' : 'FAIL'}`);
|
|
180
|
+
console.log(`\nOVERALL: ${result.overall_valid ? 'VERIFIED' : 'FAILED'}`);
|
|
181
|
+
if (result.error)
|
|
182
|
+
console.log(`Error: ${result.error}`);
|
|
183
|
+
process.exit(result.overall_valid ? 0 : 1);
|
|
184
|
+
});
|
|
185
|
+
// ── policy ───────────────────────────────────────────────────
|
|
186
|
+
const policyCmd = program.command('policy').description('Policy management');
|
|
187
|
+
policyCmd
|
|
188
|
+
.command('show')
|
|
189
|
+
.description('Show current policy')
|
|
190
|
+
.action(() => {
|
|
191
|
+
if (!proxy) {
|
|
192
|
+
console.error('Proxy not running in this process.');
|
|
193
|
+
process.exit(1);
|
|
194
|
+
}
|
|
195
|
+
console.log(JSON.stringify(proxy.getStatus(), null, 2));
|
|
196
|
+
});
|
|
197
|
+
policyCmd
|
|
198
|
+
.command('switch <profile>')
|
|
199
|
+
.description('Switch policy profile')
|
|
200
|
+
.action(async (profile) => {
|
|
201
|
+
if (!proxy) {
|
|
202
|
+
console.error('Proxy not running in this process.');
|
|
203
|
+
process.exit(1);
|
|
204
|
+
}
|
|
205
|
+
const newPolicy = PROFILES[profile];
|
|
206
|
+
if (!newPolicy) {
|
|
207
|
+
console.error(`Unknown profile: ${profile}. Available: ${Object.keys(PROFILES).join(', ')}`);
|
|
208
|
+
process.exit(1);
|
|
209
|
+
}
|
|
210
|
+
await proxy.switchPolicy(newPolicy);
|
|
211
|
+
console.log(`Switched to ${profile} profile`);
|
|
212
|
+
});
|
|
213
|
+
// ── helpers ──────────────────────────────────────────────────
|
|
214
|
+
function parseUpstreamCommand(cmd) {
|
|
215
|
+
const parts = cmd.split(/\s+/);
|
|
216
|
+
return { command: parts[0], args: parts.slice(1) };
|
|
217
|
+
}
|
|
218
|
+
// ── main ─────────────────────────────────────────────────────
|
|
219
|
+
export { GovernanceProxy } from './server.js';
|
|
220
|
+
export { evaluate, resetRateLimits } from './evaluator.js';
|
|
221
|
+
export { PROFILES, PERMISSIVE, STANDARD, RESTRICTIVE } from './profiles.js';
|
|
222
|
+
// Only parse CLI if run directly
|
|
223
|
+
const isDirectRun = process.argv[1]?.includes('proxy') || process.argv[1]?.includes('aga-proxy');
|
|
224
|
+
if (isDirectRun) {
|
|
225
|
+
program.parseAsync().catch((err) => {
|
|
226
|
+
console.error(err);
|
|
227
|
+
process.exit(1);
|
|
228
|
+
});
|
|
229
|
+
}
|
|
230
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/proxy/index.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAGzC,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAC9B,IAAI,KAAK,GAA2B,IAAI,CAAC;AAEzC,SAAS,UAAU;IACjB,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,YAAY,CAAC,CAAC;AAC/C,CAAC;AAED,SAAS,UAAU;IACjB,OAAO,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,EAAE,WAAW,CAAC,CAAC;AAC9C,CAAC;AAED,OAAO;KACJ,IAAI,CAAC,WAAW,CAAC;KACjB,WAAW,CAAC,4EAA4E,CAAC;KACzF,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpB,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,4BAA4B,CAAC;KACzC,MAAM,CAAC,mBAAmB,EAAE,YAAY,EAAE,OAAO,CAAC;KAClD,MAAM,CAAC,sBAAsB,EAAE,uCAAuC,CAAC;KACvE,MAAM,CAAC,sBAAsB,EAAE,kCAAkC,CAAC;KAClE,MAAM,CAAC,kBAAkB,EAAE,mDAAmD,EAAE,YAAY,CAAC;KAC7F,MAAM,CAAC,iBAAiB,EAAE,yBAAyB,CAAC;KACpD,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;IACrB,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IACrC,IAAI,MAAkB,CAAC;IAEvB,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChB,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAC7D,CAAC;SAAM,CAAC;QACN,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC;IACzD,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,oBAAoB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAEjF,KAAK,GAAG,IAAI,eAAe,CAAC;QAC1B,IAAI;QACJ,MAAM;QACN,QAAQ;QACR,WAAW,EAAE,IAAI,CAAC,WAAW;KAC9B,CAAC,CAAC;IAEH,KAAK,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAoB,EAAE,EAAE;QACpD,OAAO,CAAC,GAAG,CAAC,wCAAwC,CAAC,EAAE,CAAC,CAAC;QACzD,OAAO,CAAC,GAAG,CAAC,gBAAgB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3C,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;QACrE,IAAI,IAAI,CAAC,WAAW;YAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;IAC5E,CAAC,CAAC,CAAC;IAEH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;QAC/B,OAAO,CAAC,KAAK,CAAC,gBAAgB,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,yBAAyB;IACzB,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAExE,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC;IAEpB,iBAAiB;IACjB,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;IAEpD,oBAAoB;IACpB,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE;QAC1B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QAClC,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,KAAK,CAAC,IAAI,EAAE,CAAC;YACnB,IAAI,CAAC;gBAAC,EAAE,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC,CAAC;YAAC,CAAC;YAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,CAAC;QACzD,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC;IAEF,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/B,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;AAClC,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,KAAK,CAAC;KACd,WAAW,CAAC,yDAAyD,CAAC;KACtE,MAAM,CAAC,mBAAmB,EAAE,YAAY,EAAE,OAAO,CAAC;KAClD,MAAM,CAAC,sBAAsB,EAAE,uCAAuC,CAAC;KACvE,MAAM,CAAC,sBAAsB,EAAE,kCAAkC,CAAC;KAClE,MAAM,CAAC,kBAAkB,EAAE,gBAAgB,EAAE,YAAY,CAAC;KAC1D,MAAM,CAAC,iBAAiB,EAAE,yBAAyB,CAAC;KACpD,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;IACrB,oDAAoD;IACpD,MAAM,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,OAAO,CAAE,CAAC,UAAU,CAChE,CAAC,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CACzD,CAAC;AACJ,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,wBAAwB,CAAC;KACrC,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;QACtC,OAAO;IACT,CAAC;IACD,MAAM,GAAG,GAAG,QAAQ,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,CAAC;QACH,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QAC7B,OAAO,CAAC,GAAG,CAAC,8BAA8B,GAAG,GAAG,CAAC,CAAC;QAClD,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACzB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;QAC7D,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACzB,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,mBAAmB,CAAC;KAChC,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC1D,CAAC;SAAM,CAAC;QACN,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;QAC7B,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YAC3B,MAAM,GAAG,GAAG,QAAQ,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;YACnE,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,iBAAiB;gBACvC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/D,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC3E,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,wBAAwB,CAAC;KACrC,MAAM,CAAC,qBAAqB,EAAE,aAAa,EAAE,sBAAsB,CAAC;KACpE,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;IACrB,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,KAAK,CAAC,2DAA2D,CAAC,CAAC;QAC3E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,YAAY,EAAE,CAAC;IAC1C,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,CAAC,+BAA+B,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;AAC5D,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,iBAAiB,CAAC;KAC1B,WAAW,CAAC,uDAAuD,CAAC;KACpE,MAAM,CAAC,KAAK,EAAE,UAAU,EAAE,EAAE;IAC3B,MAAM,EAAE,mBAAmB,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;IAC5D,MAAM,UAAU,GAAG,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IACxD,MAAM,MAAM,GAAG,MAAM,mBAAmB,CAAC,UAAU,CAAC,CAAC;IAErD,OAAO,CAAC,GAAG,CAAC,qBAAqB,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IAC7E,OAAO,CAAC,GAAG,CAAC,qBAAqB,MAAM,CAAC,wBAAwB,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,gBAAgB,YAAY,CAAC,CAAC;IAC5H,OAAO,CAAC,GAAG,CAAC,qBAAqB,MAAM,CAAC,qBAAqB,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IACnF,OAAO,CAAC,GAAG,CAAC,qBAAqB,MAAM,CAAC,mBAAmB,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IACjF,OAAO,CAAC,GAAG,CAAC,qBAAqB,MAAM,CAAC,iBAAiB,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IAC/E,OAAO,CAAC,GAAG,CAAC,cAAc,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC1E,IAAI,MAAM,CAAC,KAAK;QAAE,OAAO,CAAC,GAAG,CAAC,UAAU,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC;IAExD,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC7C,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,CAAC,mBAAmB,CAAC,CAAC;AAE7E,SAAS;KACN,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,qBAAqB,CAAC;KAClC,MAAM,CAAC,GAAG,EAAE;IACX,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAC1D,CAAC,CAAC,CAAC;AAEL,SAAS;KACN,OAAO,CAAC,kBAAkB,CAAC;KAC3B,WAAW,CAAC,uBAAuB,CAAC;KACpC,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;IACxB,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,SAAS,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;IACpC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,oBAAoB,OAAO,gBAAgB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC7F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,KAAK,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;IACpC,OAAO,CAAC,GAAG,CAAC,eAAe,OAAO,UAAU,CAAC,CAAC;AAChD,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,SAAS,oBAAoB,CAAC,GAAW;IACvC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC/B,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;AACrD,CAAC;AAED,gEAAgE;AAEhE,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAC3D,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAG5E,iCAAiC;AACjC,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAC;AACjG,IAAI,WAAW,EAAE,CAAC;IAChB,OAAO,CAAC,UAAU,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;QACjC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* AGA Governance Proxy - Built-in Policy Profiles
|
|
3
|
+
*
|
|
4
|
+
* Patent: USPTO App. No. 19/433,835
|
|
5
|
+
* Copyright (c) 2026 Attested Intelligence Holdings LLC
|
|
6
|
+
* SPDX-License-Identifier: MIT
|
|
7
|
+
*/
|
|
8
|
+
import type { ToolPolicy } from './types.js';
|
|
9
|
+
/** All tools permitted, no rate limits, logging only. */
|
|
10
|
+
export declare const PERMISSIVE: ToolPolicy;
|
|
11
|
+
/** All common tools allowed with rate limits. Dangerous patterns denied. */
|
|
12
|
+
export declare const STANDARD: ToolPolicy;
|
|
13
|
+
/** Explicit allowlist only. All unrecognized tools denied. Low rate limits. */
|
|
14
|
+
export declare const RESTRICTIVE: ToolPolicy;
|
|
15
|
+
export declare const PROFILES: Record<string, ToolPolicy>;
|
|
16
|
+
//# sourceMappingURL=profiles.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"profiles.d.ts","sourceRoot":"","sources":["../../src/proxy/profiles.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAE7C,yDAAyD;AACzD,eAAO,MAAM,UAAU,EAAE,UAGxB,CAAC;AAEF,4EAA4E;AAC5E,eAAO,MAAM,QAAQ,EAAE,UActB,CAAC;AAEF,+EAA+E;AAC/E,eAAO,MAAM,WAAW,EAAE,UAOzB,CAAC;AAEF,eAAO,MAAM,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,UAAU,CAI/C,CAAC"}
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* AGA Governance Proxy - Built-in Policy Profiles
|
|
3
|
+
*
|
|
4
|
+
* Patent: USPTO App. No. 19/433,835
|
|
5
|
+
* Copyright (c) 2026 Attested Intelligence Holdings LLC
|
|
6
|
+
* SPDX-License-Identifier: MIT
|
|
7
|
+
*/
|
|
8
|
+
/** All tools permitted, no rate limits, logging only. */
|
|
9
|
+
export const PERMISSIVE = {
|
|
10
|
+
mode: 'audit_only',
|
|
11
|
+
constraints: {},
|
|
12
|
+
};
|
|
13
|
+
/** All common tools allowed with rate limits. Dangerous patterns denied. */
|
|
14
|
+
export const STANDARD = {
|
|
15
|
+
mode: 'allowlist',
|
|
16
|
+
constraints: {
|
|
17
|
+
filesystem_read: { name: 'filesystem_read', allowed: true, max_calls_per_minute: 30 },
|
|
18
|
+
filesystem_write: { name: 'filesystem_write', allowed: true, max_calls_per_minute: 30, denied_patterns: ['/etc/', '/sys/', '/proc/'] },
|
|
19
|
+
shell_execute: { name: 'shell_execute', allowed: true, max_calls_per_minute: 10, denied_patterns: ['rm -rf', 'mkfs', 'dd if=', ':(){:|:&};:'] },
|
|
20
|
+
web_search: { name: 'web_search', allowed: true, max_calls_per_minute: 20 },
|
|
21
|
+
web_fetch: { name: 'web_fetch', allowed: true, max_calls_per_minute: 20 },
|
|
22
|
+
send_message: { name: 'send_message', allowed: true, max_calls_per_minute: 5 },
|
|
23
|
+
calendar_create: { name: 'calendar_create', allowed: true, max_calls_per_minute: 5 },
|
|
24
|
+
memory_search: { name: 'memory_search', allowed: true, max_calls_per_minute: 30 },
|
|
25
|
+
memory_store: { name: 'memory_store', allowed: true, max_calls_per_minute: 10 },
|
|
26
|
+
code_execute: { name: 'code_execute', allowed: true, max_calls_per_minute: 10 },
|
|
27
|
+
},
|
|
28
|
+
};
|
|
29
|
+
/** Explicit allowlist only. All unrecognized tools denied. Low rate limits. */
|
|
30
|
+
export const RESTRICTIVE = {
|
|
31
|
+
mode: 'allowlist',
|
|
32
|
+
constraints: {
|
|
33
|
+
filesystem_read: { name: 'filesystem_read', allowed: true, max_calls_per_minute: 10, path_prefix: '/home' },
|
|
34
|
+
web_search: { name: 'web_search', allowed: true, max_calls_per_minute: 5 },
|
|
35
|
+
memory_search: { name: 'memory_search', allowed: true, max_calls_per_minute: 10 },
|
|
36
|
+
},
|
|
37
|
+
};
|
|
38
|
+
export const PROFILES = {
|
|
39
|
+
permissive: PERMISSIVE,
|
|
40
|
+
standard: STANDARD,
|
|
41
|
+
restrictive: RESTRICTIVE,
|
|
42
|
+
};
|
|
43
|
+
//# sourceMappingURL=profiles.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"profiles.js","sourceRoot":"","sources":["../../src/proxy/profiles.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,yDAAyD;AACzD,MAAM,CAAC,MAAM,UAAU,GAAe;IACpC,IAAI,EAAE,YAAY;IAClB,WAAW,EAAE,EAAE;CAChB,CAAC;AAEF,4EAA4E;AAC5E,MAAM,CAAC,MAAM,QAAQ,GAAe;IAClC,IAAI,EAAE,WAAW;IACjB,WAAW,EAAE;QACX,eAAe,EAAI,EAAE,IAAI,EAAE,iBAAiB,EAAI,OAAO,EAAE,IAAI,EAAE,oBAAoB,EAAE,EAAE,EAAE;QACzF,gBAAgB,EAAG,EAAE,IAAI,EAAE,kBAAkB,EAAG,OAAO,EAAE,IAAI,EAAE,oBAAoB,EAAE,EAAE,EAAE,eAAe,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,QAAQ,CAAC,EAAE;QACxI,aAAa,EAAM,EAAE,IAAI,EAAE,eAAe,EAAM,OAAO,EAAE,IAAI,EAAE,oBAAoB,EAAE,EAAE,EAAE,eAAe,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,CAAC,EAAE;QACvJ,UAAU,EAAS,EAAE,IAAI,EAAE,YAAY,EAAS,OAAO,EAAE,IAAI,EAAE,oBAAoB,EAAE,EAAE,EAAE;QACzF,SAAS,EAAU,EAAE,IAAI,EAAE,WAAW,EAAU,OAAO,EAAE,IAAI,EAAE,oBAAoB,EAAE,EAAE,EAAE;QACzF,YAAY,EAAO,EAAE,IAAI,EAAE,cAAc,EAAO,OAAO,EAAE,IAAI,EAAE,oBAAoB,EAAE,CAAC,EAAE;QACxF,eAAe,EAAI,EAAE,IAAI,EAAE,iBAAiB,EAAI,OAAO,EAAE,IAAI,EAAE,oBAAoB,EAAE,CAAC,EAAE;QACxF,aAAa,EAAM,EAAE,IAAI,EAAE,eAAe,EAAM,OAAO,EAAE,IAAI,EAAE,oBAAoB,EAAE,EAAE,EAAE;QACzF,YAAY,EAAO,EAAE,IAAI,EAAE,cAAc,EAAO,OAAO,EAAE,IAAI,EAAE,oBAAoB,EAAE,EAAE,EAAE;QACzF,YAAY,EAAO,EAAE,IAAI,EAAE,cAAc,EAAO,OAAO,EAAE,IAAI,EAAE,oBAAoB,EAAE,EAAE,EAAE;KAC1F;CACF,CAAC;AAEF,+EAA+E;AAC/E,MAAM,CAAC,MAAM,WAAW,GAAe;IACrC,IAAI,EAAE,WAAW;IACjB,WAAW,EAAE;QACX,eAAe,EAAG,EAAE,IAAI,EAAE,iBAAiB,EAAG,OAAO,EAAE,IAAI,EAAE,oBAAoB,EAAE,EAAE,EAAE,WAAW,EAAE,OAAO,EAAE;QAC7G,UAAU,EAAQ,EAAE,IAAI,EAAE,YAAY,EAAQ,OAAO,EAAE,IAAI,EAAE,oBAAoB,EAAE,CAAC,EAAE;QACtF,aAAa,EAAK,EAAE,IAAI,EAAE,eAAe,EAAK,OAAO,EAAE,IAAI,EAAE,oBAAoB,EAAE,EAAE,EAAE;KACxF;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,QAAQ,GAA+B;IAClD,UAAU,EAAE,UAAU;IACtB,QAAQ,EAAE,QAAQ;IAClB,WAAW,EAAE,WAAW;CACzB,CAAC"}
|
|
@@ -0,0 +1,106 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* AGA Governance Proxy Server
|
|
3
|
+
* TCP proxy that intercepts MCP JSON-RPC 2.0 tool calls,
|
|
4
|
+
* evaluates them against a sealed policy, and produces
|
|
5
|
+
* Ed25519-signed governance receipts.
|
|
6
|
+
*
|
|
7
|
+
* Receipt format: Ed25519-SHA256-JCS (canonical across TS gateway,
|
|
8
|
+
* Python SDK, Go CLI, and browser verifier).
|
|
9
|
+
*
|
|
10
|
+
* Architecture: Client → Proxy (:18800) → Downstream MCP Server
|
|
11
|
+
* The proxy holds ALL signing keys. The client holds NONE.
|
|
12
|
+
*
|
|
13
|
+
* Patent: USPTO App. No. 19/433,835
|
|
14
|
+
* Copyright (c) 2026 Attested Intelligence Holdings LLC
|
|
15
|
+
* SPDX-License-Identifier: MIT
|
|
16
|
+
*/
|
|
17
|
+
import { EventEmitter } from 'node:events';
|
|
18
|
+
import { type StdioBridgeOptions } from './stdio-bridge.js';
|
|
19
|
+
import type { ToolPolicy } from './types.js';
|
|
20
|
+
export interface GovernanceReceipt {
|
|
21
|
+
receipt_id: string;
|
|
22
|
+
receipt_version: string;
|
|
23
|
+
algorithm: string;
|
|
24
|
+
timestamp: string;
|
|
25
|
+
request_id: string | number | null;
|
|
26
|
+
method: string;
|
|
27
|
+
tool_name: string;
|
|
28
|
+
decision: 'PERMITTED' | 'DENIED';
|
|
29
|
+
reason: string;
|
|
30
|
+
policy_reference: string;
|
|
31
|
+
arguments_hash: string;
|
|
32
|
+
previous_receipt_hash: string;
|
|
33
|
+
gateway_id: string;
|
|
34
|
+
signature: string;
|
|
35
|
+
public_key: string;
|
|
36
|
+
}
|
|
37
|
+
export interface EvidenceBundle {
|
|
38
|
+
schema_version: string;
|
|
39
|
+
bundle_id: string;
|
|
40
|
+
algorithm: string;
|
|
41
|
+
generated_at: string;
|
|
42
|
+
gateway_id: string;
|
|
43
|
+
public_key: string;
|
|
44
|
+
policy_reference: string;
|
|
45
|
+
receipts: GovernanceReceipt[];
|
|
46
|
+
merkle_root: string;
|
|
47
|
+
merkle_proofs: MerkleProof[];
|
|
48
|
+
offline_capable: boolean;
|
|
49
|
+
}
|
|
50
|
+
export interface MerkleProof {
|
|
51
|
+
leaf_hash: string;
|
|
52
|
+
leaf_index: number;
|
|
53
|
+
siblings: string[];
|
|
54
|
+
directions: ('left' | 'right')[];
|
|
55
|
+
merkle_root: string;
|
|
56
|
+
}
|
|
57
|
+
export interface ProxyServerOptions {
|
|
58
|
+
port?: number;
|
|
59
|
+
policy?: ToolPolicy;
|
|
60
|
+
upstream?: StdioBridgeOptions;
|
|
61
|
+
upstreamUrl?: string;
|
|
62
|
+
gatewayId?: string;
|
|
63
|
+
}
|
|
64
|
+
export declare class GovernanceProxy extends EventEmitter {
|
|
65
|
+
private server;
|
|
66
|
+
private bridge;
|
|
67
|
+
private signingKP;
|
|
68
|
+
private policy;
|
|
69
|
+
private port;
|
|
70
|
+
private started;
|
|
71
|
+
private upstreamOptions;
|
|
72
|
+
private upstreamUrl;
|
|
73
|
+
private gatewayId;
|
|
74
|
+
private receipts;
|
|
75
|
+
private lastReceiptHash;
|
|
76
|
+
private policyHash;
|
|
77
|
+
private stats;
|
|
78
|
+
constructor(options?: ProxyServerOptions);
|
|
79
|
+
start(): Promise<void>;
|
|
80
|
+
stop(): Promise<void>;
|
|
81
|
+
private handleConnection;
|
|
82
|
+
private handleMessage;
|
|
83
|
+
private interceptToolCall;
|
|
84
|
+
private generateReceipt;
|
|
85
|
+
private merkleNodeHash;
|
|
86
|
+
private computeMerkleRoot;
|
|
87
|
+
private computeMerkleProof;
|
|
88
|
+
private forwardHttp;
|
|
89
|
+
private respond;
|
|
90
|
+
switchPolicy(newPolicy: ToolPolicy): Promise<void>;
|
|
91
|
+
exportBundle(): EvidenceBundle;
|
|
92
|
+
getStatus(): {
|
|
93
|
+
public_key: string;
|
|
94
|
+
permitted: number;
|
|
95
|
+
denied: number;
|
|
96
|
+
total: number;
|
|
97
|
+
started_at: string;
|
|
98
|
+
running: boolean;
|
|
99
|
+
port: number;
|
|
100
|
+
policy_mode: "allowlist" | "denylist" | "audit_only";
|
|
101
|
+
receipt_count: number;
|
|
102
|
+
};
|
|
103
|
+
getPublicKey(): string;
|
|
104
|
+
getReceipts(): GovernanceReceipt[];
|
|
105
|
+
}
|
|
106
|
+
//# sourceMappingURL=server.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/proxy/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAO3C,OAAO,EAAe,KAAK,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAIzE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAK7C,MAAM,WAAW,iBAAiB;IAChC,UAAU,EAAE,MAAM,CAAC;IACnB,eAAe,EAAE,MAAM,CAAC;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;IACnC,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,WAAW,GAAG,QAAQ,CAAC;IACjC,MAAM,EAAE,MAAM,CAAC;IACf,gBAAgB,EAAE,MAAM,CAAC;IACzB,cAAc,EAAE,MAAM,CAAC;IACvB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,cAAc;IAC7B,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,gBAAgB,EAAE,MAAM,CAAC;IACzB,QAAQ,EAAE,iBAAiB,EAAE,CAAC;IAC9B,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,WAAW,EAAE,CAAC;IAC7B,eAAe,EAAE,OAAO,CAAC;CAC1B;AAED,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,UAAU,EAAE,CAAC,MAAM,GAAG,OAAO,CAAC,EAAE,CAAC;IACjC,WAAW,EAAE,MAAM,CAAC;CACrB;AAID,MAAM,WAAW,kBAAkB;IACjC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,UAAU,CAAC;IACpB,QAAQ,CAAC,EAAE,kBAAkB,CAAC;IAC9B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,qBAAa,eAAgB,SAAQ,YAAY;IAC/C,OAAO,CAAC,MAAM,CAA2B;IACzC,OAAO,CAAC,MAAM,CAA4B;IAG1C,OAAO,CAAC,SAAS,CAAU;IAG3B,OAAO,CAAC,MAAM,CAAa;IAC3B,OAAO,CAAC,IAAI,CAAS;IACrB,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,eAAe,CAA4B;IACnD,OAAO,CAAC,WAAW,CAAgB;IACnC,OAAO,CAAC,SAAS,CAAS;IAG1B,OAAO,CAAC,QAAQ,CAA2B;IAC3C,OAAO,CAAC,eAAe,CAAc;IACrC,OAAO,CAAC,UAAU,CAAc;IAGhC,OAAO,CAAC,KAAK,CAAyD;gBAE1D,OAAO,GAAE,kBAAuB;IAYtC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IA4BtB,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAqB3B,OAAO,CAAC,gBAAgB;YAoBV,aAAa;YAgDb,iBAAiB;IAiF/B,OAAO,CAAC,eAAe;IA6CvB,OAAO,CAAC,cAAc;IAStB,OAAO,CAAC,iBAAiB;IAkBzB,OAAO,CAAC,kBAAkB;YAuCZ,WAAW;IAoBzB,OAAO,CAAC,OAAO;IAQT,YAAY,CAAC,SAAS,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IAOxD,YAAY,IAAI,cAAc;IAsB9B,SAAS;;;;;;;;;;;IAWT,YAAY,IAAI,MAAM;IACtB,WAAW,IAAI,iBAAiB,EAAE;CACnC"}
|