@attested-intelligence/aga-mcp-server 2.1.0 → 2.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (195) hide show
  1. package/README.md +209 -124
  2. package/dist/adapters/openclaw.d.ts +0 -1
  3. package/dist/adapters/openclaw.d.ts.map +1 -1
  4. package/dist/adapters/openclaw.js +0 -1
  5. package/dist/adapters/openclaw.js.map +1 -1
  6. package/dist/core/bundle.d.ts +9 -2
  7. package/dist/core/bundle.d.ts.map +1 -1
  8. package/dist/core/bundle.js +16 -2
  9. package/dist/core/bundle.js.map +1 -1
  10. package/dist/core/identity.d.ts +19 -10
  11. package/dist/core/identity.d.ts.map +1 -1
  12. package/dist/core/identity.js +45 -11
  13. package/dist/core/identity.js.map +1 -1
  14. package/dist/core/portal.d.ts +10 -1
  15. package/dist/core/portal.d.ts.map +1 -1
  16. package/dist/core/portal.js +16 -12
  17. package/dist/core/portal.js.map +1 -1
  18. package/dist/core/types.d.ts +29 -2
  19. package/dist/core/types.d.ts.map +1 -1
  20. package/dist/crypto/index.d.ts +5 -6
  21. package/dist/crypto/index.d.ts.map +1 -1
  22. package/dist/crypto/index.js +5 -6
  23. package/dist/crypto/index.js.map +1 -1
  24. package/dist/crypto/sign.d.ts +2 -0
  25. package/dist/crypto/sign.d.ts.map +1 -1
  26. package/dist/crypto/sign.js +6 -0
  27. package/dist/crypto/sign.js.map +1 -1
  28. package/dist/index.js +1 -1
  29. package/dist/index.js.map +1 -1
  30. package/dist/middleware/governance.d.ts +7 -1
  31. package/dist/middleware/governance.d.ts.map +1 -1
  32. package/dist/middleware/governance.js +18 -11
  33. package/dist/middleware/governance.js.map +1 -1
  34. package/dist/proxy/evaluator.d.ts +0 -1
  35. package/dist/proxy/evaluator.d.ts.map +1 -1
  36. package/dist/proxy/evaluator.js +0 -1
  37. package/dist/proxy/evaluator.js.map +1 -1
  38. package/dist/proxy/index.d.ts +0 -1
  39. package/dist/proxy/index.d.ts.map +1 -1
  40. package/dist/proxy/index.js +0 -1
  41. package/dist/proxy/index.js.map +1 -1
  42. package/dist/proxy/profiles.d.ts +0 -1
  43. package/dist/proxy/profiles.d.ts.map +1 -1
  44. package/dist/proxy/profiles.js +0 -1
  45. package/dist/proxy/profiles.js.map +1 -1
  46. package/dist/proxy/server.d.ts +0 -1
  47. package/dist/proxy/server.d.ts.map +1 -1
  48. package/dist/proxy/server.js +0 -1
  49. package/dist/proxy/server.js.map +1 -1
  50. package/dist/proxy/stdio-bridge.d.ts +0 -1
  51. package/dist/proxy/stdio-bridge.d.ts.map +1 -1
  52. package/dist/proxy/stdio-bridge.js +0 -1
  53. package/dist/proxy/stdio-bridge.js.map +1 -1
  54. package/dist/proxy/types.d.ts +0 -1
  55. package/dist/proxy/types.d.ts.map +1 -1
  56. package/dist/proxy/types.js +0 -1
  57. package/dist/proxy/types.js.map +1 -1
  58. package/dist/proxy/verify.d.ts +0 -1
  59. package/dist/proxy/verify.d.ts.map +1 -1
  60. package/dist/proxy/verify.js +0 -1
  61. package/dist/proxy/verify.js.map +1 -1
  62. package/dist/server.d.ts +7 -3
  63. package/dist/server.d.ts.map +1 -1
  64. package/dist/server.js +342 -214
  65. package/dist/server.js.map +1 -1
  66. package/dist/storage/sqlite.js +6 -6
  67. package/package.json +28 -12
  68. package/dist/context.d.ts +0 -39
  69. package/dist/context.d.ts.map +0 -1
  70. package/dist/context.js +0 -113
  71. package/dist/context.js.map +0 -1
  72. package/dist/core/measurement.d.ts +0 -16
  73. package/dist/core/measurement.d.ts.map +0 -1
  74. package/dist/core/measurement.js +0 -18
  75. package/dist/core/measurement.js.map +0 -1
  76. package/dist/crypto/canonicalize.d.ts +0 -7
  77. package/dist/crypto/canonicalize.d.ts.map +0 -1
  78. package/dist/crypto/canonicalize.js +0 -21
  79. package/dist/crypto/canonicalize.js.map +0 -1
  80. package/dist/crypto/keys.d.ts +0 -10
  81. package/dist/crypto/keys.d.ts.map +0 -1
  82. package/dist/crypto/keys.js +0 -19
  83. package/dist/crypto/keys.js.map +0 -1
  84. package/dist/prompts/drift-analysis.d.ts +0 -13
  85. package/dist/prompts/drift-analysis.d.ts.map +0 -1
  86. package/dist/prompts/drift-analysis.js +0 -43
  87. package/dist/prompts/drift-analysis.js.map +0 -1
  88. package/dist/prompts/governance-report.d.ts +0 -7
  89. package/dist/prompts/governance-report.d.ts.map +0 -1
  90. package/dist/prompts/governance-report.js +0 -26
  91. package/dist/prompts/governance-report.js.map +0 -1
  92. package/dist/prompts/nccoe-demo.d.ts +0 -14
  93. package/dist/prompts/nccoe-demo.d.ts.map +0 -1
  94. package/dist/prompts/nccoe-demo.js +0 -47
  95. package/dist/prompts/nccoe-demo.js.map +0 -1
  96. package/dist/resources/cosai-mapping.d.ts +0 -24
  97. package/dist/resources/cosai-mapping.d.ts.map +0 -1
  98. package/dist/resources/cosai-mapping.js +0 -127
  99. package/dist/resources/cosai-mapping.js.map +0 -1
  100. package/dist/resources/crypto-primitives.d.ts +0 -3
  101. package/dist/resources/crypto-primitives.d.ts.map +0 -1
  102. package/dist/resources/crypto-primitives.js +0 -52
  103. package/dist/resources/crypto-primitives.js.map +0 -1
  104. package/dist/resources/sample-bundle.d.ts +0 -6
  105. package/dist/resources/sample-bundle.d.ts.map +0 -1
  106. package/dist/resources/sample-bundle.js +0 -58
  107. package/dist/resources/sample-bundle.js.map +0 -1
  108. package/dist/resources/specification.d.ts +0 -3
  109. package/dist/resources/specification.d.ts.map +0 -1
  110. package/dist/resources/specification.js +0 -161
  111. package/dist/resources/specification.js.map +0 -1
  112. package/dist/tools/create-artifact.d.ts +0 -25
  113. package/dist/tools/create-artifact.d.ts.map +0 -1
  114. package/dist/tools/create-artifact.js +0 -85
  115. package/dist/tools/create-artifact.js.map +0 -1
  116. package/dist/tools/delegate-subagent.d.ts +0 -18
  117. package/dist/tools/delegate-subagent.d.ts.map +0 -1
  118. package/dist/tools/delegate-subagent.js +0 -50
  119. package/dist/tools/delegate-subagent.js.map +0 -1
  120. package/dist/tools/disclose-claim.d.ts +0 -14
  121. package/dist/tools/disclose-claim.d.ts.map +0 -1
  122. package/dist/tools/disclose-claim.js +0 -23
  123. package/dist/tools/disclose-claim.js.map +0 -1
  124. package/dist/tools/export-bundle.d.ts +0 -8
  125. package/dist/tools/export-bundle.d.ts.map +0 -1
  126. package/dist/tools/export-bundle.js +0 -25
  127. package/dist/tools/export-bundle.js.map +0 -1
  128. package/dist/tools/full-lifecycle.d.ts +0 -16
  129. package/dist/tools/full-lifecycle.d.ts.map +0 -1
  130. package/dist/tools/full-lifecycle.js +0 -121
  131. package/dist/tools/full-lifecycle.js.map +0 -1
  132. package/dist/tools/generate-receipt.d.ts +0 -16
  133. package/dist/tools/generate-receipt.d.ts.map +0 -1
  134. package/dist/tools/generate-receipt.js +0 -31
  135. package/dist/tools/generate-receipt.js.map +0 -1
  136. package/dist/tools/get-chain.d.ts +0 -14
  137. package/dist/tools/get-chain.d.ts.map +0 -1
  138. package/dist/tools/get-chain.js +0 -45
  139. package/dist/tools/get-chain.js.map +0 -1
  140. package/dist/tools/get-portal-state.d.ts +0 -8
  141. package/dist/tools/get-portal-state.d.ts.map +0 -1
  142. package/dist/tools/get-portal-state.js +0 -15
  143. package/dist/tools/get-portal-state.js.map +0 -1
  144. package/dist/tools/init-chain.d.ts +0 -10
  145. package/dist/tools/init-chain.d.ts.map +0 -1
  146. package/dist/tools/init-chain.js +0 -13
  147. package/dist/tools/init-chain.js.map +0 -1
  148. package/dist/tools/measure-behavior.d.ts +0 -12
  149. package/dist/tools/measure-behavior.d.ts.map +0 -1
  150. package/dist/tools/measure-behavior.js +0 -29
  151. package/dist/tools/measure-behavior.js.map +0 -1
  152. package/dist/tools/measure-subject.d.ts +0 -15
  153. package/dist/tools/measure-subject.d.ts.map +0 -1
  154. package/dist/tools/measure-subject.js +0 -106
  155. package/dist/tools/measure-subject.js.map +0 -1
  156. package/dist/tools/quarantine-status.d.ts +0 -8
  157. package/dist/tools/quarantine-status.d.ts.map +0 -1
  158. package/dist/tools/quarantine-status.js +0 -16
  159. package/dist/tools/quarantine-status.js.map +0 -1
  160. package/dist/tools/revoke-artifact.d.ts +0 -13
  161. package/dist/tools/revoke-artifact.d.ts.map +0 -1
  162. package/dist/tools/revoke-artifact.js +0 -24
  163. package/dist/tools/revoke-artifact.js.map +0 -1
  164. package/dist/tools/rotate-keys.d.ts +0 -13
  165. package/dist/tools/rotate-keys.d.ts.map +0 -1
  166. package/dist/tools/rotate-keys.js +0 -39
  167. package/dist/tools/rotate-keys.js.map +0 -1
  168. package/dist/tools/server-info.d.ts +0 -8
  169. package/dist/tools/server-info.d.ts.map +0 -1
  170. package/dist/tools/server-info.js +0 -23
  171. package/dist/tools/server-info.js.map +0 -1
  172. package/dist/tools/set-verification-tier.d.ts +0 -11
  173. package/dist/tools/set-verification-tier.d.ts.map +0 -1
  174. package/dist/tools/set-verification-tier.js +0 -31
  175. package/dist/tools/set-verification-tier.js.map +0 -1
  176. package/dist/tools/start-monitoring.d.ts +0 -12
  177. package/dist/tools/start-monitoring.d.ts.map +0 -1
  178. package/dist/tools/start-monitoring.js +0 -17
  179. package/dist/tools/start-monitoring.js.map +0 -1
  180. package/dist/tools/trigger-measurement.d.ts +0 -15
  181. package/dist/tools/trigger-measurement.d.ts.map +0 -1
  182. package/dist/tools/trigger-measurement.js +0 -86
  183. package/dist/tools/trigger-measurement.js.map +0 -1
  184. package/dist/tools/verify-artifact.d.ts +0 -13
  185. package/dist/tools/verify-artifact.d.ts.map +0 -1
  186. package/dist/tools/verify-artifact.js +0 -6
  187. package/dist/tools/verify-artifact.js.map +0 -1
  188. package/dist/tools/verify-bundle.d.ts +0 -13
  189. package/dist/tools/verify-bundle.d.ts.map +0 -1
  190. package/dist/tools/verify-bundle.js +0 -6
  191. package/dist/tools/verify-bundle.js.map +0 -1
  192. package/dist/types.d.ts +0 -261
  193. package/dist/types.d.ts.map +0 -1
  194. package/dist/types.js +0 -8
  195. package/dist/types.js.map +0 -1
@@ -1,12 +0,0 @@
1
- import type { ServerContext } from '../context.js';
2
- export interface MeasureBehaviorArgs {
3
- tool_name?: string;
4
- record_only?: boolean;
5
- }
6
- export declare function handleMeasureBehavior(args: MeasureBehaviorArgs, ctx: ServerContext): Promise<{
7
- content: Array<{
8
- type: "text";
9
- text: string;
10
- }>;
11
- }>;
12
- //# sourceMappingURL=measure-behavior.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"measure-behavior.d.ts","sourceRoot":"","sources":["../../src/tools/measure-behavior.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,WAAW,mBAAmB;IAClC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,wBAAsB,qBAAqB,CAAC,IAAI,EAAE,mBAAmB,EAAE,GAAG,EAAE,aAAa;;;;;GA4BxF"}
@@ -1,29 +0,0 @@
1
- import { sha256Str } from '../crypto/hash.js';
2
- export async function handleMeasureBehavior(args, ctx) {
3
- // If a tool_name is provided, record the invocation first
4
- if (args.tool_name) {
5
- ctx.behavioralMonitor.recordInvocation(args.tool_name, sha256Str(args.tool_name));
6
- }
7
- // If record_only, just acknowledge the recording
8
- if (args.record_only) {
9
- return ctx.json({
10
- success: true,
11
- recorded: args.tool_name,
12
- record_only: true,
13
- });
14
- }
15
- // Measure behavioral patterns
16
- const measurement = ctx.behavioralMonitor.measure();
17
- if (measurement.drift_detected) {
18
- await ctx.appendToChain('BEHAVIORAL_DRIFT', {
19
- violations: measurement.violations,
20
- behavioral_hash: measurement.behavioral_hash,
21
- });
22
- }
23
- return ctx.json({
24
- success: true,
25
- ...measurement,
26
- violation_count: measurement.violations.length,
27
- });
28
- }
29
- //# sourceMappingURL=measure-behavior.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"measure-behavior.js","sourceRoot":"","sources":["../../src/tools/measure-behavior.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAQ9C,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,IAAyB,EAAE,GAAkB;IACvF,0DAA0D;IAC1D,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;QACnB,GAAG,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IACpF,CAAC;IAED,iDAAiD;IACjD,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,OAAO,GAAG,CAAC,IAAI,CAAC;YACd,OAAO,EAAE,IAAI;YACb,QAAQ,EAAE,IAAI,CAAC,SAAS;YACxB,WAAW,EAAE,IAAI;SAClB,CAAC,CAAC;IACL,CAAC;IAED,8BAA8B;IAC9B,MAAM,WAAW,GAAG,GAAG,CAAC,iBAAiB,CAAC,OAAO,EAAE,CAAC;IACpD,IAAI,WAAW,CAAC,cAAc,EAAE,CAAC;QAC/B,MAAM,GAAG,CAAC,aAAa,CAAC,kBAAkB,EAAE;YAC1C,UAAU,EAAE,WAAW,CAAC,UAAU;YAClC,eAAe,EAAE,WAAW,CAAC,eAAe;SAC7C,CAAC,CAAC;IACL,CAAC;IACD,OAAO,GAAG,CAAC,IAAI,CAAC;QACd,OAAO,EAAE,IAAI;QACb,GAAG,WAAW;QACd,eAAe,EAAE,WAAW,CAAC,UAAU,CAAC,MAAM;KAC/C,CAAC,CAAC;AACL,CAAC"}
@@ -1,15 +0,0 @@
1
- import type { ServerContext } from '../context.js';
2
- import type { SubjectMetadata } from '../core/types.js';
3
- export interface MeasureSubjectArgs {
4
- subject_content?: string;
5
- subject_bytes_hash?: string;
6
- subject_metadata_hash?: string;
7
- subject_metadata?: SubjectMetadata;
8
- }
9
- export declare function handleMeasureSubject(args: MeasureSubjectArgs, ctx: ServerContext): Promise<{
10
- content: Array<{
11
- type: "text";
12
- text: string;
13
- }>;
14
- }>;
15
- //# sourceMappingURL=measure-subject.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"measure-subject.d.ts","sourceRoot":"","sources":["../../src/tools/measure-subject.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,KAAK,EAAE,eAAe,EAAqB,MAAM,kBAAkB,CAAC;AAE3E,MAAM,WAAW,kBAAkB;IACjC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,gBAAgB,CAAC,EAAE,eAAe,CAAC;CACpC;AAED,wBAAsB,oBAAoB,CAAC,IAAI,EAAE,kBAAkB,EAAE,GAAG,EAAE,aAAa;;;;;GA0GtF"}
@@ -1,106 +0,0 @@
1
- import { hashArtifact } from '../core/artifact.js';
2
- import { generateReceipt } from '../core/receipt.js';
3
- import { initQuarantine } from '../core/quarantine.js';
4
- export async function handleMeasureSubject(args, ctx) {
5
- if (!ctx.portal.artifact)
6
- return ctx.error('No artifact loaded. Call aga_create_artifact first.');
7
- if (ctx.portal.state === 'TERMINATED')
8
- return ctx.error('Portal is terminated. Re-attest required.');
9
- if (ctx.portal.state === 'SAFE_STATE')
10
- return ctx.error('Portal is in safe state. Re-attest required.');
11
- let currentBytesHash;
12
- let currentMetaHash;
13
- let match;
14
- if (args.subject_bytes_hash) {
15
- // Pre-computed hash mode
16
- currentBytesHash = args.subject_bytes_hash;
17
- currentMetaHash = args.subject_metadata_hash ?? ctx.portal.artifact.subject_identifier.metadata_hash;
18
- match = currentBytesHash === ctx.portal.artifact.subject_identifier.bytes_hash &&
19
- currentMetaHash === ctx.portal.artifact.subject_identifier.metadata_hash;
20
- if (!match && ctx.portal.state === 'ACTIVE_MONITORING') {
21
- ctx.portal.state = 'DRIFT_DETECTED';
22
- }
23
- }
24
- else if (args.subject_content) {
25
- // Content mode - use portal.measure()
26
- const result = ctx.portal.measure(new TextEncoder().encode(args.subject_content), args.subject_metadata ?? {});
27
- currentBytesHash = result.currentBytesHash;
28
- currentMetaHash = result.currentMetaHash;
29
- match = result.match;
30
- if (!result.ttl_ok) {
31
- ctx.measurementCount++;
32
- const receipt = generateReceipt({
33
- subjectId: ctx.portal.artifact.subject_identifier, artifactRef: hashArtifact(ctx.portal.artifact),
34
- currentHash: 'UNAVAILABLE', sealedHash: `${result.expectedBytesHash}||${result.expectedMetaHash}`,
35
- driftDetected: true, driftDescription: 'TTL expired - fail-closed termination', action: 'TERMINATE',
36
- measurementType: ctx.portal.artifact.enforcement_parameters.measurement_types.join(','),
37
- seq: ctx.portal.sequenceCounter + 1, prevLeaf: ctx.portal.lastLeafHash, portalKP: ctx.portalKP,
38
- });
39
- await ctx.storage.storeReceipt(receipt);
40
- await ctx.appendToChain('INTERACTION_RECEIPT', { receipt_id: receipt.receipt_id, drift_detected: true, enforcement_action: 'TERMINATE' });
41
- return ctx.json({ success: true, match: false, drift_detected: true, ttl_ok: false, revoked: false, enforcement_action: 'TERMINATE', portal_state: ctx.portal.state, receipt_id: receipt.receipt_id, measurement_count: ctx.measurementCount });
42
- }
43
- if (result.revoked) {
44
- ctx.measurementCount++;
45
- const receipt = generateReceipt({
46
- subjectId: ctx.portal.artifact.subject_identifier, artifactRef: hashArtifact(ctx.portal.artifact),
47
- currentHash: 'UNAVAILABLE', sealedHash: `${result.expectedBytesHash}||${result.expectedMetaHash}`,
48
- driftDetected: true, driftDescription: 'Artifact revoked - fail-closed termination', action: 'TERMINATE',
49
- measurementType: ctx.portal.artifact.enforcement_parameters.measurement_types.join(','),
50
- seq: ctx.portal.sequenceCounter + 1, prevLeaf: ctx.portal.lastLeafHash, portalKP: ctx.portalKP,
51
- });
52
- await ctx.storage.storeReceipt(receipt);
53
- await ctx.appendToChain('INTERACTION_RECEIPT', { receipt_id: receipt.receipt_id, drift_detected: true, enforcement_action: 'TERMINATE' });
54
- return ctx.json({ success: true, match: false, drift_detected: true, ttl_ok: true, revoked: true, enforcement_action: 'TERMINATE', portal_state: ctx.portal.state, receipt_id: receipt.receipt_id, measurement_count: ctx.measurementCount });
55
- }
56
- }
57
- else {
58
- return ctx.error('Provide either subject_content or subject_bytes_hash');
59
- }
60
- const artRef = hashArtifact(ctx.portal.artifact);
61
- const currentStr = `${currentBytesHash}||${currentMetaHash}`;
62
- const sealedStr = `${ctx.portal.artifact.subject_identifier.bytes_hash}||${ctx.portal.artifact.subject_identifier.metadata_hash}`;
63
- let action = null;
64
- let driftDesc = null;
65
- if (!match) {
66
- driftDesc = 'Subject modified - hash mismatch';
67
- action = ctx.portal.artifact.enforcement_parameters.enforcement_triggers[0] ?? 'ALERT_ONLY';
68
- if (ctx.portal.state === 'DRIFT_DETECTED') {
69
- ctx.portal.enforce(action);
70
- }
71
- if (action === 'QUARANTINE')
72
- ctx.quarantine = initQuarantine();
73
- }
74
- ctx.measurementCount++;
75
- const receipt = generateReceipt({
76
- subjectId: ctx.portal.artifact.subject_identifier,
77
- artifactRef: artRef,
78
- currentHash: currentStr,
79
- sealedHash: sealedStr,
80
- driftDetected: !match,
81
- driftDescription: driftDesc,
82
- action,
83
- measurementType: ctx.portal.artifact.enforcement_parameters.measurement_types.join(','),
84
- seq: ctx.portal.sequenceCounter + 1,
85
- prevLeaf: ctx.portal.lastLeafHash,
86
- portalKP: ctx.portalKP,
87
- });
88
- await ctx.storage.storeReceipt(receipt);
89
- await ctx.appendToChain('INTERACTION_RECEIPT', {
90
- receipt_id: receipt.receipt_id,
91
- drift_detected: !match,
92
- enforcement_action: action,
93
- });
94
- return ctx.json({
95
- success: true,
96
- match,
97
- drift_detected: !match,
98
- ttl_ok: true,
99
- revoked: false,
100
- enforcement_action: action,
101
- portal_state: ctx.portal.state,
102
- receipt_id: receipt.receipt_id,
103
- measurement_count: ctx.measurementCount,
104
- });
105
- }
106
- //# sourceMappingURL=measure-subject.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"measure-subject.js","sourceRoot":"","sources":["../../src/tools/measure-subject.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAYvD,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,IAAwB,EAAE,GAAkB;IACrF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ;QAAE,OAAO,GAAG,CAAC,KAAK,CAAC,qDAAqD,CAAC,CAAC;IAClG,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,YAAY;QAAE,OAAO,GAAG,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC;IACrG,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,YAAY;QAAE,OAAO,GAAG,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAExG,IAAI,gBAAwB,CAAC;IAC7B,IAAI,eAAuB,CAAC;IAC5B,IAAI,KAAc,CAAC;IAEnB,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAC5B,yBAAyB;QACzB,gBAAgB,GAAG,IAAI,CAAC,kBAAkB,CAAC;QAC3C,eAAe,GAAG,IAAI,CAAC,qBAAqB,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,aAAa,CAAC;QACrG,KAAK,GAAG,gBAAgB,KAAK,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,UAAU;YACtE,eAAe,KAAK,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,aAAa,CAAC;QACjF,IAAI,CAAC,KAAK,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,mBAAmB,EAAE,CAAC;YACtD,GAAG,CAAC,MAAc,CAAC,KAAK,GAAG,gBAAgB,CAAC;QAC/C,CAAC;IACH,CAAC;SAAM,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;QAChC,sCAAsC;QACtC,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,OAAO,CAC/B,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,EAC9C,IAAI,CAAC,gBAAgB,IAAI,EAAE,CAC5B,CAAC;QACF,gBAAgB,GAAG,MAAM,CAAC,gBAAgB,CAAC;QAC3C,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC;QACzC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;QACrB,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YACnB,GAAG,CAAC,gBAAgB,EAAE,CAAC;YACvB,MAAM,OAAO,GAAG,eAAe,CAAC;gBAC9B,SAAS,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,EAAE,WAAW,EAAE,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC;gBACjG,WAAW,EAAE,aAAa,EAAE,UAAU,EAAE,GAAG,MAAM,CAAC,iBAAiB,KAAK,MAAM,CAAC,gBAAgB,EAAE;gBACjG,aAAa,EAAE,IAAI,EAAE,gBAAgB,EAAE,uCAAuC,EAAE,MAAM,EAAE,WAAW;gBACnG,eAAe,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAC,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC;gBACvF,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,eAAe,GAAG,CAAC,EAAE,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,YAAY,EAAE,QAAQ,EAAE,GAAG,CAAC,QAAQ;aAC/F,CAAC,CAAC;YACH,MAAM,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;YACxC,MAAM,GAAG,CAAC,aAAa,CAAC,qBAAqB,EAAE,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,cAAc,EAAE,IAAI,EAAE,kBAAkB,EAAE,WAAW,EAAE,CAAC,CAAC;YAC1I,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,kBAAkB,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,iBAAiB,EAAE,GAAG,CAAC,gBAAgB,EAAE,CAAC,CAAC;QAClP,CAAC;QACD,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,GAAG,CAAC,gBAAgB,EAAE,CAAC;YACvB,MAAM,OAAO,GAAG,eAAe,CAAC;gBAC9B,SAAS,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,EAAE,WAAW,EAAE,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC;gBACjG,WAAW,EAAE,aAAa,EAAE,UAAU,EAAE,GAAG,MAAM,CAAC,iBAAiB,KAAK,MAAM,CAAC,gBAAgB,EAAE;gBACjG,aAAa,EAAE,IAAI,EAAE,gBAAgB,EAAE,4CAA4C,EAAE,MAAM,EAAE,WAAW;gBACxG,eAAe,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAC,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC;gBACvF,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,eAAe,GAAG,CAAC,EAAE,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,YAAY,EAAE,QAAQ,EAAE,GAAG,CAAC,QAAQ;aAC/F,CAAC,CAAC;YACH,MAAM,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;YACxC,MAAM,GAAG,CAAC,aAAa,CAAC,qBAAqB,EAAE,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,cAAc,EAAE,IAAI,EAAE,kBAAkB,EAAE,WAAW,EAAE,CAAC,CAAC;YAC1I,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,kBAAkB,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,iBAAiB,EAAE,GAAG,CAAC,gBAAgB,EAAE,CAAC,CAAC;QAChP,CAAC;IACH,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;IAC3E,CAAC;IAED,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACjD,MAAM,UAAU,GAAG,GAAG,gBAAgB,KAAK,eAAe,EAAE,CAAC;IAC7D,MAAM,SAAS,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,UAAU,KAAK,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,aAAa,EAAE,CAAC;IAElI,IAAI,MAAM,GAA6B,IAAI,CAAC;IAC5C,IAAI,SAAS,GAAkB,IAAI,CAAC;IAEpC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,SAAS,GAAG,kCAAkC,CAAC;QAC/C,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAC,oBAAoB,CAAC,CAAC,CAAC,IAAI,YAAY,CAAC;QAC5F,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,gBAAgB,EAAE,CAAC;YAC1C,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC7B,CAAC;QACD,IAAI,MAAM,KAAK,YAAY;YAAE,GAAG,CAAC,UAAU,GAAG,cAAc,EAAE,CAAC;IACjE,CAAC;IAED,GAAG,CAAC,gBAAgB,EAAE,CAAC;IAEvB,MAAM,OAAO,GAAG,eAAe,CAAC;QAC9B,SAAS,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB;QACjD,WAAW,EAAE,MAAM;QACnB,WAAW,EAAE,UAAU;QACvB,UAAU,EAAE,SAAS;QACrB,aAAa,EAAE,CAAC,KAAK;QACrB,gBAAgB,EAAE,SAAS;QAC3B,MAAM;QACN,eAAe,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAC,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC;QACvF,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,eAAe,GAAG,CAAC;QACnC,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,YAAY;QACjC,QAAQ,EAAE,GAAG,CAAC,QAAQ;KACvB,CAAC,CAAC;IACH,MAAM,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;IACxC,MAAM,GAAG,CAAC,aAAa,CAAC,qBAAqB,EAAE;QAC7C,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,cAAc,EAAE,CAAC,KAAK;QACtB,kBAAkB,EAAE,MAAM;KAC3B,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC,IAAI,CAAC;QACd,OAAO,EAAE,IAAI;QACb,KAAK;QACL,cAAc,EAAE,CAAC,KAAK;QACtB,MAAM,EAAE,IAAI;QACZ,OAAO,EAAE,KAAK;QACd,kBAAkB,EAAE,MAAM;QAC1B,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK;QAC9B,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,iBAAiB,EAAE,GAAG,CAAC,gBAAgB;KACxC,CAAC,CAAC;AACL,CAAC"}
@@ -1,8 +0,0 @@
1
- import type { ServerContext } from '../context.js';
2
- export declare function handleQuarantineStatus(_args: Record<string, never>, ctx: ServerContext): Promise<{
3
- content: Array<{
4
- type: "text";
5
- text: string;
6
- }>;
7
- }>;
8
- //# sourceMappingURL=quarantine-status.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"quarantine-status.d.ts","sourceRoot":"","sources":["../../src/tools/quarantine-status.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAEnD,wBAAsB,sBAAsB,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,aAAa;;;;;GAe5F"}
@@ -1,16 +0,0 @@
1
- export async function handleQuarantineStatus(_args, ctx) {
2
- if (ctx.portal.state !== 'PHANTOM_QUARANTINE' && !ctx.quarantine?.active) {
3
- return ctx.error('Quarantine status unavailable - portal is not in quarantine state', {
4
- portal_state: ctx.portal.state,
5
- });
6
- }
7
- return ctx.json({
8
- quarantine_active: ctx.quarantine?.active ?? false,
9
- started_at: ctx.quarantine?.started_at ?? null,
10
- inputs_captured: ctx.quarantine?.inputs_captured ?? 0,
11
- outputs_severed: ctx.quarantine?.outputs_severed ?? false,
12
- forensic_buffer_size: ctx.quarantine?.forensic_buffer.length ?? 0,
13
- portal_state: ctx.portal.state,
14
- });
15
- }
16
- //# sourceMappingURL=quarantine-status.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"quarantine-status.js","sourceRoot":"","sources":["../../src/tools/quarantine-status.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,KAA4B,EAAE,GAAkB;IAC3F,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,oBAAoB,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,CAAC;QACzE,OAAO,GAAG,CAAC,KAAK,CAAC,mEAAmE,EAAE;YACpF,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK;SAC/B,CAAC,CAAC;IACL,CAAC;IAED,OAAO,GAAG,CAAC,IAAI,CAAC;QACd,iBAAiB,EAAE,GAAG,CAAC,UAAU,EAAE,MAAM,IAAI,KAAK;QAClD,UAAU,EAAE,GAAG,CAAC,UAAU,EAAE,UAAU,IAAI,IAAI;QAC9C,eAAe,EAAE,GAAG,CAAC,UAAU,EAAE,eAAe,IAAI,CAAC;QACrD,eAAe,EAAE,GAAG,CAAC,UAAU,EAAE,eAAe,IAAI,KAAK;QACzD,oBAAoB,EAAE,GAAG,CAAC,UAAU,EAAE,eAAe,CAAC,MAAM,IAAI,CAAC;QACjE,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK;KAC/B,CAAC,CAAC;AACL,CAAC"}
@@ -1,13 +0,0 @@
1
- import type { ServerContext } from '../context.js';
2
- export interface RevokeArtifactArgs {
3
- sealed_hash?: string;
4
- reason: string;
5
- transition_to?: 'TERMINATED' | 'SAFE_STATE';
6
- }
7
- export declare function handleRevokeArtifact(args: RevokeArtifactArgs, ctx: ServerContext): Promise<{
8
- content: Array<{
9
- type: "text";
10
- text: string;
11
- }>;
12
- }>;
13
- //# sourceMappingURL=revoke-artifact.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"revoke-artifact.d.ts","sourceRoot":"","sources":["../../src/tools/revoke-artifact.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAGnD,MAAM,WAAW,kBAAkB;IACjC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,YAAY,GAAG,YAAY,CAAC;CAC7C;AAED,wBAAsB,oBAAoB,CAAC,IAAI,EAAE,kBAAkB,EAAE,GAAG,EAAE,aAAa;;;;;GAsBtF"}
@@ -1,24 +0,0 @@
1
- import { pkToHex } from '../crypto/sign.js';
2
- import { utcNow } from '../utils/timestamp.js';
3
- export async function handleRevokeArtifact(args, ctx) {
4
- const sealedHash = args.sealed_hash ?? ctx.activeArtifact?.sealed_hash;
5
- if (!sealedHash)
6
- return ctx.error('No sealed_hash provided and no active artifact.');
7
- const transition = args.transition_to ?? 'TERMINATED';
8
- ctx.portal.revoke(sealedHash, transition);
9
- const record = {
10
- artifact_sealed_hash: sealedHash,
11
- reason: args.reason,
12
- revoked_by: pkToHex(ctx.issuerKP.publicKey),
13
- timestamp: utcNow(),
14
- };
15
- await ctx.appendToChain('REVOCATION', { ...record, transition_to: transition });
16
- return ctx.json({
17
- success: true,
18
- revoked: sealedHash,
19
- portal_state: ctx.portal.state,
20
- reason: args.reason,
21
- transition_to: transition,
22
- });
23
- }
24
- //# sourceMappingURL=revoke-artifact.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"revoke-artifact.js","sourceRoot":"","sources":["../../src/tools/revoke-artifact.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAC5C,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAU/C,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,IAAwB,EAAE,GAAkB;IACrF,MAAM,UAAU,GAAG,IAAI,CAAC,WAAW,IAAI,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC;IACvE,IAAI,CAAC,UAAU;QAAE,OAAO,GAAG,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;IAErF,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,IAAI,YAAY,CAAC;IACtD,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;IAE1C,MAAM,MAAM,GAAqB;QAC/B,oBAAoB,EAAE,UAAU;QAChC,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC3C,SAAS,EAAE,MAAM,EAAE;KACpB,CAAC;IACF,MAAM,GAAG,CAAC,aAAa,CAAC,YAAY,EAAE,EAAE,GAAG,MAAM,EAAE,aAAa,EAAE,UAAU,EAAE,CAAC,CAAC;IAEhF,OAAO,GAAG,CAAC,IAAI,CAAC;QACd,OAAO,EAAE,IAAI;QACb,OAAO,EAAE,UAAU;QACnB,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK;QAC9B,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,aAAa,EAAE,UAAU;KAC1B,CAAC,CAAC;AACL,CAAC"}
@@ -1,13 +0,0 @@
1
- import type { ServerContext } from '../context.js';
2
- export interface RotateKeysArgs {
3
- key_type?: 'issuer' | 'portal' | 'chain';
4
- keypair?: 'issuer' | 'portal' | 'chain';
5
- reason?: string;
6
- }
7
- export declare function handleRotateKeys(args: RotateKeysArgs, ctx: ServerContext): Promise<{
8
- content: Array<{
9
- type: "text";
10
- text: string;
11
- }>;
12
- }>;
13
- //# sourceMappingURL=rotate-keys.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"rotate-keys.d.ts","sourceRoot":"","sources":["../../src/tools/rotate-keys.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,EAAE,QAAQ,GAAG,QAAQ,GAAG,OAAO,CAAC;IACzC,OAAO,CAAC,EAAE,QAAQ,GAAG,QAAQ,GAAG,OAAO,CAAC;IACxC,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,wBAAsB,gBAAgB,CAAC,IAAI,EAAE,cAAc,EAAE,GAAG,EAAE,aAAa;;;;;GAsC9E"}
@@ -1,39 +0,0 @@
1
- import { rotateKeys } from '../core/identity.js';
2
- export async function handleRotateKeys(args, ctx) {
3
- const keyType = args.key_type ?? args.keypair;
4
- if (!keyType)
5
- return ctx.error('Provide key_type or keypair parameter.');
6
- let result;
7
- switch (keyType) {
8
- case 'issuer':
9
- result = rotateKeys(ctx.issuerKP);
10
- ctx.issuerKP = result.newKeyPair;
11
- break;
12
- case 'portal':
13
- result = rotateKeys(ctx.portalKP);
14
- ctx.portalKP = result.newKeyPair;
15
- break;
16
- case 'chain':
17
- result = rotateKeys(ctx.chainKP);
18
- ctx.chainKP = result.newKeyPair;
19
- break;
20
- default:
21
- return ctx.error(`Invalid key_type: ${keyType}. Must be issuer, portal, or chain.`);
22
- }
23
- await ctx.appendToChain('KEY_ROTATION', {
24
- key_type: keyType,
25
- old_public_key: result.oldPublicKeyHex,
26
- new_public_key: result.newPublicKeyHex,
27
- rotated_at: result.rotatedAt,
28
- reason: args.reason ?? 'Key rotation',
29
- });
30
- return ctx.json({
31
- success: true,
32
- key_type: keyType,
33
- old_public_key: result.oldPublicKeyHex,
34
- new_public_key: result.newPublicKeyHex,
35
- rotated_at: result.rotatedAt,
36
- reason: args.reason,
37
- });
38
- }
39
- //# sourceMappingURL=rotate-keys.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"rotate-keys.js","sourceRoot":"","sources":["../../src/tools/rotate-keys.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AASjD,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,IAAoB,EAAE,GAAkB;IAC7E,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,OAAO,CAAC;IAC9C,IAAI,CAAC,OAAO;QAAE,OAAO,GAAG,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAEzE,IAAI,MAAM,CAAC;IACX,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,QAAQ;YACX,MAAM,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACjC,GAAW,CAAC,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC;YAC1C,MAAM;QACR,KAAK,QAAQ;YACX,MAAM,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACjC,GAAW,CAAC,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC;YAC1C,MAAM;QACR,KAAK,OAAO;YACV,MAAM,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAChC,GAAW,CAAC,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC;YACzC,MAAM;QACR;YACE,OAAO,GAAG,CAAC,KAAK,CAAC,qBAAqB,OAAO,qCAAqC,CAAC,CAAC;IACxF,CAAC;IAED,MAAM,GAAG,CAAC,aAAa,CAAC,cAAc,EAAE;QACtC,QAAQ,EAAE,OAAO;QACjB,cAAc,EAAE,MAAM,CAAC,eAAe;QACtC,cAAc,EAAE,MAAM,CAAC,eAAe;QACtC,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,cAAc;KACtC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC,IAAI,CAAC;QACd,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,OAAO;QACjB,cAAc,EAAE,MAAM,CAAC,eAAe;QACtC,cAAc,EAAE,MAAM,CAAC,eAAe;QACtC,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,MAAM,EAAE,IAAI,CAAC,MAAM;KACpB,CAAC,CAAC;AACL,CAAC"}
@@ -1,8 +0,0 @@
1
- import type { ServerContext } from '../context.js';
2
- export declare function handleServerInfo(_args: Record<string, never>, ctx: ServerContext): Promise<{
3
- content: Array<{
4
- type: "text";
5
- text: string;
6
- }>;
7
- }>;
8
- //# sourceMappingURL=server-info.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"server-info.d.ts","sourceRoot":"","sources":["../../src/tools/server-info.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAEnD,wBAAsB,gBAAgB,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,aAAa;;;;;GAoBtF"}
@@ -1,23 +0,0 @@
1
- import { pkToHex } from '../crypto/sign.js';
2
- export async function handleServerInfo(_args, ctx) {
3
- return ctx.json({
4
- server: 'AGA MCP Server',
5
- version: '2.0.0',
6
- protocol: 'Attested Governance Artifacts v2.0.0',
7
- nist_references: ['NIST-2025-0035', 'NCCoE AI Agent Identity'],
8
- framework_alignment: {
9
- spiffe: 'SPIFFE provides workload identity (SVID); AGA binds governance to workload intent',
10
- nist_sp_800_57: 'Key management aligned with SP 800-57 recommendations',
11
- nist_ai_rmf: 'AI Risk Management Framework: Govern, Map, Measure, Manage',
12
- },
13
- issuer_public_key: pkToHex(ctx.issuerKP.publicKey),
14
- portal_public_key: pkToHex(ctx.portalKP.publicKey),
15
- chain_public_key: pkToHex(ctx.chainKP.publicKey),
16
- chain_initialized: ctx.chainInitialized,
17
- portal_state: ctx.portal.state,
18
- verification_tier: ctx.verificationTier,
19
- measurement_count: ctx.measurementCount,
20
- uptime_ms: Date.now() - Date.parse(ctx.startTime),
21
- });
22
- }
23
- //# sourceMappingURL=server-info.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"server-info.js","sourceRoot":"","sources":["../../src/tools/server-info.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAG5C,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,KAA4B,EAAE,GAAkB;IACrF,OAAO,GAAG,CAAC,IAAI,CAAC;QACd,MAAM,EAAE,gBAAgB;QACxB,OAAO,EAAE,OAAO;QAChB,QAAQ,EAAE,sCAAsC;QAChD,eAAe,EAAE,CAAC,gBAAgB,EAAE,yBAAyB,CAAC;QAC9D,mBAAmB,EAAE;YACnB,MAAM,EAAE,mFAAmF;YAC3F,cAAc,EAAE,uDAAuD;YACvE,WAAW,EAAE,4DAA4D;SAC1E;QACD,iBAAiB,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC;QAClD,iBAAiB,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC;QAClD,gBAAgB,EAAE,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC;QAChD,iBAAiB,EAAE,GAAG,CAAC,gBAAgB;QACvC,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK;QAC9B,iBAAiB,EAAE,GAAG,CAAC,gBAAgB;QACvC,iBAAiB,EAAE,GAAG,CAAC,gBAAgB;QACvC,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC;KAClD,CAAC,CAAC;AACL,CAAC"}
@@ -1,11 +0,0 @@
1
- import type { ServerContext } from '../context.js';
2
- export interface SetVerificationTierArgs {
3
- tier: 'BRONZE' | 'SILVER' | 'GOLD';
4
- }
5
- export declare function handleSetVerificationTier(args: SetVerificationTierArgs, ctx: ServerContext): Promise<{
6
- content: Array<{
7
- type: "text";
8
- text: string;
9
- }>;
10
- }>;
11
- //# sourceMappingURL=set-verification-tier.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"set-verification-tier.d.ts","sourceRoot":"","sources":["../../src/tools/set-verification-tier.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE,QAAQ,GAAG,QAAQ,GAAG,MAAM,CAAC;CACpC;AAiBD,wBAAsB,yBAAyB,CAAC,IAAI,EAAE,uBAAuB,EAAE,GAAG,EAAE,aAAa;;;;;GAehG"}
@@ -1,31 +0,0 @@
1
- const TIER_DESCRIPTIONS = {
2
- BRONZE: {
3
- description: 'Cryptographic signatures only - artifact and receipt verification via Ed25519',
4
- trust_assumption: 'Trust that signing keys are not compromised',
5
- },
6
- SILVER: {
7
- description: 'Signatures plus continuity chain verification - tamper-evident event linkage',
8
- trust_assumption: 'Trust the chain operator plus key integrity',
9
- },
10
- GOLD: {
11
- description: 'Full verification with blockchain-anchored Merkle proofs - offline-verifiable evidence bundles',
12
- trust_assumption: 'Minimal trust - cryptographic proof anchored to immutable external ledger',
13
- },
14
- };
15
- export async function handleSetVerificationTier(args, ctx) {
16
- const validTiers = ['BRONZE', 'SILVER', 'GOLD'];
17
- if (!validTiers.includes(args.tier)) {
18
- return ctx.error(`Invalid tier: ${args.tier}. Must be BRONZE, SILVER, or GOLD.`);
19
- }
20
- const previousTier = ctx.verificationTier;
21
- ctx.verificationTier = args.tier;
22
- const info = TIER_DESCRIPTIONS[args.tier];
23
- return ctx.json({
24
- success: true,
25
- previous_tier: previousTier,
26
- current_tier: ctx.verificationTier,
27
- description: info.description,
28
- trust_assumption: info.trust_assumption,
29
- });
30
- }
31
- //# sourceMappingURL=set-verification-tier.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"set-verification-tier.js","sourceRoot":"","sources":["../../src/tools/set-verification-tier.ts"],"names":[],"mappings":"AAMA,MAAM,iBAAiB,GAAsE;IAC3F,MAAM,EAAE;QACN,WAAW,EAAE,+EAA+E;QAC5F,gBAAgB,EAAE,6CAA6C;KAChE;IACD,MAAM,EAAE;QACN,WAAW,EAAE,8EAA8E;QAC3F,gBAAgB,EAAE,6CAA6C;KAChE;IACD,IAAI,EAAE;QACJ,WAAW,EAAE,gGAAgG;QAC7G,gBAAgB,EAAE,2EAA2E;KAC9F;CACF,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAAC,IAA6B,EAAE,GAAkB;IAC/F,MAAM,UAAU,GAAG,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAU,CAAC;IACzD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAW,CAAC,EAAE,CAAC;QAC3C,OAAO,GAAG,CAAC,KAAK,CAAC,iBAAiB,IAAI,CAAC,IAAI,oCAAoC,CAAC,CAAC;IACnF,CAAC;IACD,MAAM,YAAY,GAAG,GAAG,CAAC,gBAAgB,CAAC;IAC1C,GAAG,CAAC,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC;IACjC,MAAM,IAAI,GAAG,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1C,OAAO,GAAG,CAAC,IAAI,CAAC;QACd,OAAO,EAAE,IAAI;QACb,aAAa,EAAE,YAAY;QAC3B,YAAY,EAAE,GAAG,CAAC,gBAAgB;QAClC,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;KACxC,CAAC,CAAC;AACL,CAAC"}
@@ -1,12 +0,0 @@
1
- import type { ServerContext } from '../context.js';
2
- import type { BehavioralBaseline } from '../core/behavioral.js';
3
- export interface StartMonitoringArgs {
4
- behavioral_baseline?: BehavioralBaseline;
5
- }
6
- export declare function handleStartMonitoring(args: StartMonitoringArgs, ctx: ServerContext): Promise<{
7
- content: Array<{
8
- type: "text";
9
- text: string;
10
- }>;
11
- }>;
12
- //# sourceMappingURL=start-monitoring.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"start-monitoring.d.ts","sourceRoot":"","sources":["../../src/tools/start-monitoring.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAEhE,MAAM,WAAW,mBAAmB;IAClC,mBAAmB,CAAC,EAAE,kBAAkB,CAAC;CAC1C;AAED,wBAAsB,qBAAqB,CAAC,IAAI,EAAE,mBAAmB,EAAE,GAAG,EAAE,aAAa;;;;;GAexF"}
@@ -1,17 +0,0 @@
1
- export async function handleStartMonitoring(args, ctx) {
2
- if (!ctx.portal.artifact)
3
- return ctx.error('No artifact loaded. Call aga_create_artifact first.');
4
- if (ctx.portal.state !== 'ACTIVE_MONITORING')
5
- return ctx.error(`Cannot start monitoring in state ${ctx.portal.state}`);
6
- ctx.behavioralMonitor.reset();
7
- if (args.behavioral_baseline) {
8
- ctx.behavioralMonitor.setBaseline(args.behavioral_baseline);
9
- }
10
- return ctx.json({
11
- success: true,
12
- portal_state: ctx.portal.state,
13
- monitoring_active: true,
14
- baseline_set: !!args.behavioral_baseline,
15
- });
16
- }
17
- //# sourceMappingURL=start-monitoring.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"start-monitoring.js","sourceRoot":"","sources":["../../src/tools/start-monitoring.ts"],"names":[],"mappings":"AAOA,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,IAAyB,EAAE,GAAkB;IACvF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ;QAAE,OAAO,GAAG,CAAC,KAAK,CAAC,qDAAqD,CAAC,CAAC;IAClG,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,mBAAmB;QAAE,OAAO,GAAG,CAAC,KAAK,CAAC,oCAAoC,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC;IAEvH,GAAG,CAAC,iBAAiB,CAAC,KAAK,EAAE,CAAC;IAC9B,IAAI,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAC7B,GAAG,CAAC,iBAAiB,CAAC,WAAW,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IAC9D,CAAC;IAED,OAAO,GAAG,CAAC,IAAI,CAAC;QACd,OAAO,EAAE,IAAI;QACb,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK;QAC9B,iBAAiB,EAAE,IAAI;QACvB,YAAY,EAAE,CAAC,CAAC,IAAI,CAAC,mBAAmB;KACzC,CAAC,CAAC;AACL,CAAC"}
@@ -1,15 +0,0 @@
1
- import type { ServerContext } from '../context.js';
2
- export interface TriggerMeasurementArgs {
3
- subject_content?: string;
4
- subject_bytes_hash?: string;
5
- subject_metadata_hash?: string;
6
- measurement_type?: string;
7
- subject_metadata?: Record<string, string>;
8
- }
9
- export declare function handleTriggerMeasurement(args: TriggerMeasurementArgs, ctx: ServerContext): Promise<{
10
- content: Array<{
11
- type: "text";
12
- text: string;
13
- }>;
14
- }>;
15
- //# sourceMappingURL=trigger-measurement.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"trigger-measurement.d.ts","sourceRoot":"","sources":["../../src/tools/trigger-measurement.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAGnD,MAAM,WAAW,sBAAsB;IACrC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,gBAAgB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC3C;AAED,wBAAsB,wBAAwB,CAAC,IAAI,EAAE,sBAAsB,EAAE,GAAG,EAAE,aAAa;;;;;GA2E9F"}
@@ -1,86 +0,0 @@
1
- import { hashArtifact } from '../core/artifact.js';
2
- import { generateReceipt } from '../core/receipt.js';
3
- import { initQuarantine } from '../core/quarantine.js';
4
- export async function handleTriggerMeasurement(args, ctx) {
5
- if (!ctx.portal.artifact)
6
- return ctx.error('No artifact loaded.');
7
- if (ctx.portal.state === 'TERMINATED' || ctx.portal.state === 'SAFE_STATE') {
8
- return ctx.error(`Portal is ${ctx.portal.state}. Artifact revoked or expired.`);
9
- }
10
- let match;
11
- let action = null;
12
- let driftDesc = null;
13
- let currentHash = 'UNAVAILABLE';
14
- if (args.subject_bytes_hash) {
15
- // Pre-computed hash mode
16
- const bMatch = args.subject_bytes_hash === ctx.portal.artifact.subject_identifier.bytes_hash;
17
- const mMatch = !args.subject_metadata_hash || args.subject_metadata_hash === ctx.portal.artifact.subject_identifier.metadata_hash;
18
- match = bMatch && mMatch;
19
- currentHash = args.subject_bytes_hash;
20
- if (!match && ctx.portal.state === 'ACTIVE_MONITORING') {
21
- ctx.portal.state = 'DRIFT_DETECTED';
22
- }
23
- }
24
- else if (args.subject_content) {
25
- const meta = args.subject_metadata ?? {};
26
- const result = ctx.portal.measure(new TextEncoder().encode(args.subject_content), meta);
27
- match = result.match;
28
- currentHash = result.currentBytesHash || 'UNAVAILABLE';
29
- if (!result.ttl_ok) {
30
- driftDesc = 'TTL expired';
31
- action = 'TERMINATE';
32
- match = false;
33
- }
34
- else if (result.revoked) {
35
- driftDesc = 'Artifact revoked';
36
- action = 'TERMINATE';
37
- match = false;
38
- }
39
- }
40
- else {
41
- return ctx.error('Provide either subject_content or subject_bytes_hash');
42
- }
43
- if (!match && !action) {
44
- driftDesc = 'Subject modified - hash mismatch';
45
- action = ctx.portal.artifact.enforcement_parameters.enforcement_triggers[0] ?? 'ALERT_ONLY';
46
- if (ctx.portal.state === 'DRIFT_DETECTED') {
47
- ctx.portal.enforce(action);
48
- }
49
- if (action === 'QUARANTINE')
50
- ctx.quarantine = initQuarantine();
51
- }
52
- ctx.measurementCount++;
53
- const artRef = hashArtifact(ctx.portal.artifact);
54
- const mType = args.measurement_type ?? ctx.portal.artifact.enforcement_parameters.measurement_types[0] ?? 'FILE_SYSTEM_STATE';
55
- const receipt = generateReceipt({
56
- subjectId: ctx.portal.artifact.subject_identifier,
57
- artifactRef: artRef,
58
- currentHash,
59
- sealedHash: ctx.portal.artifact.subject_identifier.bytes_hash,
60
- driftDetected: !match,
61
- driftDescription: driftDesc,
62
- action,
63
- measurementType: mType,
64
- seq: ctx.portal.sequenceCounter + 1,
65
- prevLeaf: ctx.portal.lastLeafHash,
66
- portalKP: ctx.portalKP,
67
- });
68
- await ctx.storage.storeReceipt(receipt);
69
- await ctx.appendToChain('INTERACTION_RECEIPT', {
70
- receipt_id: receipt.receipt_id,
71
- drift_detected: !match,
72
- enforcement_action: action,
73
- measurement_type: mType,
74
- });
75
- return ctx.json({
76
- success: true,
77
- match,
78
- drift_detected: !match,
79
- enforcement_action: action,
80
- portal_state: ctx.portal.state,
81
- receipt_id: receipt.receipt_id,
82
- measurement_type: mType,
83
- measurement_count: ctx.measurementCount,
84
- });
85
- }
86
- //# sourceMappingURL=trigger-measurement.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"trigger-measurement.js","sourceRoot":"","sources":["../../src/tools/trigger-measurement.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAYvD,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAAC,IAA4B,EAAE,GAAkB;IAC7F,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ;QAAE,OAAO,GAAG,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;IAClE,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,YAAY,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,YAAY,EAAE,CAAC;QAC3E,OAAO,GAAG,CAAC,KAAK,CAAC,aAAa,GAAG,CAAC,MAAM,CAAC,KAAK,gCAAgC,CAAC,CAAC;IAClF,CAAC;IAED,IAAI,KAAc,CAAC;IACnB,IAAI,MAAM,GAA6B,IAAI,CAAC;IAC5C,IAAI,SAAS,GAAkB,IAAI,CAAC;IACpC,IAAI,WAAW,GAAG,aAAa,CAAC;IAEhC,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAC5B,yBAAyB;QACzB,MAAM,MAAM,GAAG,IAAI,CAAC,kBAAkB,KAAK,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,UAAU,CAAC;QAC7F,MAAM,MAAM,GAAG,CAAC,IAAI,CAAC,qBAAqB,IAAI,IAAI,CAAC,qBAAqB,KAAK,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,aAAa,CAAC;QAClI,KAAK,GAAG,MAAM,IAAI,MAAM,CAAC;QACzB,WAAW,GAAG,IAAI,CAAC,kBAAkB,CAAC;QACtC,IAAI,CAAC,KAAK,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,mBAAmB,EAAE,CAAC;YACtD,GAAG,CAAC,MAAc,CAAC,KAAK,GAAG,gBAAgB,CAAC;QAC/C,CAAC;IACH,CAAC;SAAM,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,IAAI,EAAE,CAAC;QACzC,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,IAAI,CAAC,CAAC;QACxF,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;QACrB,WAAW,GAAG,MAAM,CAAC,gBAAgB,IAAI,aAAa,CAAC;QACvD,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YAAC,SAAS,GAAG,aAAa,CAAC;YAAC,MAAM,GAAG,WAAW,CAAC;YAAC,KAAK,GAAG,KAAK,CAAC;QAAC,CAAC;aAClF,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YAAC,SAAS,GAAG,kBAAkB,CAAC;YAAC,MAAM,GAAG,WAAW,CAAC;YAAC,KAAK,GAAG,KAAK,CAAC;QAAC,CAAC;IACnG,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;IAC3E,CAAC;IAED,IAAI,CAAC,KAAK,IAAI,CAAC,MAAM,EAAE,CAAC;QACtB,SAAS,GAAG,kCAAkC,CAAC;QAC/C,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAC,oBAAoB,CAAC,CAAC,CAAC,IAAI,YAAY,CAAC;QAC5F,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,gBAAgB,EAAE,CAAC;YAC1C,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC7B,CAAC;QACD,IAAI,MAAM,KAAK,YAAY;YAAE,GAAG,CAAC,UAAU,GAAG,cAAc,EAAE,CAAC;IACjE,CAAC;IAED,GAAG,CAAC,gBAAgB,EAAE,CAAC;IACvB,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACjD,MAAM,KAAK,GAAG,IAAI,CAAC,gBAAgB,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,mBAAmB,CAAC;IAE9H,MAAM,OAAO,GAAG,eAAe,CAAC;QAC9B,SAAS,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB;QACjD,WAAW,EAAE,MAAM;QACnB,WAAW;QACX,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,UAAU;QAC7D,aAAa,EAAE,CAAC,KAAK;QACrB,gBAAgB,EAAE,SAAS;QAC3B,MAAM;QACN,eAAe,EAAE,KAAK;QACtB,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,eAAe,GAAG,CAAC;QACnC,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,YAAY;QACjC,QAAQ,EAAE,GAAG,CAAC,QAAQ;KACvB,CAAC,CAAC;IACH,MAAM,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;IACxC,MAAM,GAAG,CAAC,aAAa,CAAC,qBAAqB,EAAE;QAC7C,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,cAAc,EAAE,CAAC,KAAK;QACtB,kBAAkB,EAAE,MAAM;QAC1B,gBAAgB,EAAE,KAAK;KACxB,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC,IAAI,CAAC;QACd,OAAO,EAAE,IAAI;QACb,KAAK;QACL,cAAc,EAAE,CAAC,KAAK;QACtB,kBAAkB,EAAE,MAAM;QAC1B,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK;QAC9B,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,gBAAgB,EAAE,KAAK;QACvB,iBAAiB,EAAE,GAAG,CAAC,gBAAgB;KACxC,CAAC,CAAC;AACL,CAAC"}
@@ -1,13 +0,0 @@
1
- import type { ServerContext } from '../context.js';
2
- import type { PolicyArtifact } from '../core/types.js';
3
- export interface VerifyArtifactArgs {
4
- artifact: PolicyArtifact;
5
- issuer_public_key: string;
6
- }
7
- export declare function handleVerifyArtifact(args: VerifyArtifactArgs, ctx: ServerContext): Promise<{
8
- content: Array<{
9
- type: "text";
10
- text: string;
11
- }>;
12
- }>;
13
- //# sourceMappingURL=verify-artifact.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"verify-artifact.d.ts","sourceRoot":"","sources":["../../src/tools/verify-artifact.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAEvD,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,cAAc,CAAC;IACzB,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED,wBAAsB,oBAAoB,CAAC,IAAI,EAAE,kBAAkB,EAAE,GAAG,EAAE,aAAa;;;;;GAGtF"}
@@ -1,6 +0,0 @@
1
- import { verifyArtifactSignature } from '../core/artifact.js';
2
- export async function handleVerifyArtifact(args, ctx) {
3
- const valid = verifyArtifactSignature(args.artifact, args.issuer_public_key);
4
- return ctx.json({ success: true, signature_valid: valid });
5
- }
6
- //# sourceMappingURL=verify-artifact.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"verify-artifact.js","sourceRoot":"","sources":["../../src/tools/verify-artifact.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AAS9D,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,IAAwB,EAAE,GAAkB;IACrF,MAAM,KAAK,GAAG,uBAAuB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAC7E,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,eAAe,EAAE,KAAK,EAAE,CAAC,CAAC;AAC7D,CAAC"}