@attested-intelligence/aga-mcp-server 2.2.0 → 2.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +80 -68
- package/dist/adapters/openclaw.d.ts +0 -1
- package/dist/adapters/openclaw.d.ts.map +1 -1
- package/dist/adapters/openclaw.js +0 -1
- package/dist/adapters/openclaw.js.map +1 -1
- package/dist/proxy/evaluator.d.ts +0 -1
- package/dist/proxy/evaluator.d.ts.map +1 -1
- package/dist/proxy/evaluator.js +0 -1
- package/dist/proxy/evaluator.js.map +1 -1
- package/dist/proxy/index.d.ts +0 -1
- package/dist/proxy/index.d.ts.map +1 -1
- package/dist/proxy/index.js +0 -1
- package/dist/proxy/index.js.map +1 -1
- package/dist/proxy/profiles.d.ts +0 -1
- package/dist/proxy/profiles.d.ts.map +1 -1
- package/dist/proxy/profiles.js +0 -1
- package/dist/proxy/profiles.js.map +1 -1
- package/dist/proxy/server.d.ts +0 -1
- package/dist/proxy/server.d.ts.map +1 -1
- package/dist/proxy/server.js +0 -1
- package/dist/proxy/server.js.map +1 -1
- package/dist/proxy/stdio-bridge.d.ts +0 -1
- package/dist/proxy/stdio-bridge.d.ts.map +1 -1
- package/dist/proxy/stdio-bridge.js +0 -1
- package/dist/proxy/stdio-bridge.js.map +1 -1
- package/dist/proxy/types.d.ts +0 -1
- package/dist/proxy/types.d.ts.map +1 -1
- package/dist/proxy/types.js +0 -1
- package/dist/proxy/types.js.map +1 -1
- package/dist/proxy/verify.d.ts +0 -1
- package/dist/proxy/verify.d.ts.map +1 -1
- package/dist/proxy/verify.js +0 -1
- package/dist/proxy/verify.js.map +1 -1
- package/package.json +93 -97
- package/SECURITY.md +0 -59
- package/independent-verifier/README.md +0 -31
- package/independent-verifier/package.json +0 -18
- package/independent-verifier/verify.ts +0 -211
- package/src/adapters/openclaw.ts +0 -125
- package/src/core/artifact.ts +0 -45
- package/src/core/attestation.ts +0 -33
- package/src/core/behavioral.ts +0 -132
- package/src/core/bundle.ts +0 -45
- package/src/core/chain.ts +0 -72
- package/src/core/checkpoint.ts +0 -22
- package/src/core/delegation.ts +0 -146
- package/src/core/disclosure.ts +0 -32
- package/src/core/identity.ts +0 -62
- package/src/core/index.ts +0 -14
- package/src/core/portal.ts +0 -117
- package/src/core/quarantine.ts +0 -16
- package/src/core/receipt.ts +0 -33
- package/src/core/subject.ts +0 -11
- package/src/core/types.ts +0 -285
- package/src/crypto/hash.ts +0 -33
- package/src/crypto/index.ts +0 -5
- package/src/crypto/merkle.ts +0 -43
- package/src/crypto/salt.ts +0 -18
- package/src/crypto/sign.ts +0 -42
- package/src/crypto/types.ts +0 -19
- package/src/index.ts +0 -12
- package/src/middleware/governance.ts +0 -95
- package/src/middleware/index.ts +0 -1
- package/src/proxy/evaluator.ts +0 -176
- package/src/proxy/index.ts +0 -259
- package/src/proxy/profiles.ts +0 -48
- package/src/proxy/server.ts +0 -499
- package/src/proxy/stdio-bridge.ts +0 -171
- package/src/proxy/types.ts +0 -40
- package/src/proxy/verify.ts +0 -202
- package/src/server.ts +0 -435
- package/src/storage/index.ts +0 -3
- package/src/storage/interface.ts +0 -21
- package/src/storage/memory.ts +0 -27
- package/src/storage/sqlite.ts +0 -45
- package/src/tools/README.md +0 -13
- package/src/utils/canonical.ts +0 -14
- package/src/utils/constants.ts +0 -3
- package/src/utils/timestamp.ts +0 -12
- package/src/utils/uuid.ts +0 -2
package/dist/proxy/verify.js
CHANGED
package/dist/proxy/verify.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../src/proxy/verify.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../src/proxy/verify.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,KAAK,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAE7D,gBAAgB;AAChB,EAAE,CAAC,GAAG,CAAC,UAAU,GAAG,CAAC,GAAG,CAAe,EAAE,EAAE;IACzC,MAAM,KAAK,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IAClD,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IAClC,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,KAAK,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;QAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAAC,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAAC,CAAC;IACxD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;AACrB,CAAC,CAAC;AAEF,MAAM,GAAG,GAAG,IAAI,WAAW,EAAE,CAAC;AAE9B,gEAAgE;AAEhE,SAAS,YAAY,CAAC,GAAY;IAChC,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,GAAG,CAAC;IAC7E,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;QAAE,OAAO,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IACrD,MAAM,MAAM,GAA4B,EAAE,CAAC;IAC3C,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAA8B,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;QACrE,MAAM,CAAC,GAAG,CAAC,GAAG,YAAY,CAAE,GAA+B,CAAC,GAAG,CAAC,CAAC,CAAC;IACpE,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,YAAY,CAAC,GAAY;IAChC,OAAO,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC;AAC3C,CAAC;AAED,SAAS,SAAS,CAAC,IAAY;IAC7B,OAAO,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAC9C,CAAC;AAED,SAAS,cAAc,CAAC,OAAe,EAAE,QAAgB;IACvD,MAAM,IAAI,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;IACjC,MAAM,KAAK,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;IACnC,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;IAC5D,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;IACtB,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IACjC,OAAO,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;AACtC,CAAC;AAgBD,+DAA+D;AAE/D,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,UAAkB;IAC1D,IAAI,MAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;IAClC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,eAAe,EAAE,KAAK,EAAE,wBAAwB,EAAE,KAAK;YACvD,qBAAqB,EAAE,KAAK,EAAE,mBAAmB,EAAE,KAAK;YACxD,iBAAiB,EAAE,KAAK,EAAE,aAAa,EAAE,KAAK;YAC9C,gBAAgB,EAAE,CAAC,EAAE,SAAS,EAAE,EAAE,EAAE,KAAK,EAAE,cAAc;SAC1D,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAA8B;QACxC,eAAe,EAAE,KAAK,EAAE,wBAAwB,EAAE,KAAK;QACvD,qBAAqB,EAAE,KAAK,EAAE,mBAAmB,EAAE,KAAK;QACxD,iBAAiB,EAAE,KAAK,EAAE,aAAa,EAAE,KAAK;QAC9C,gBAAgB,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,IAAI,CAAC;QAC9C,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,EAAE;KAClC,CAAC;IAEF,oBAAoB;IACpB,IAAI,MAAM,CAAC,SAAS,KAAK,oBAAoB,EAAE,CAAC;QAC9C,MAAM,CAAC,KAAK,GAAG,0BAA0B,MAAM,CAAC,SAAS,EAAE,CAAC;QAC5D,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QAChC,IAAI,CAAC,CAAC,SAAS,KAAK,oBAAoB,EAAE,CAAC;YACzC,MAAM,CAAC,KAAK,GAAG,gCAAgC,CAAC,CAAC,SAAS,EAAE,CAAC;YAC7D,OAAO,MAAM,CAAC;QAChB,CAAC;IACH,CAAC;IACD,MAAM,CAAC,eAAe,GAAG,IAAI,CAAC;IAE9B,6BAA6B;IAC7B,IAAI,CAAC;QACH,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACtC,MAAM,EAAE,SAAS,EAAE,GAAG,QAAQ,EAAE,GAAG,OAAO,CAAC;YAC3C,MAAM,SAAS,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;YACzC,MAAM,GAAG,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC;YAClC,MAAM,EAAE,GAAG,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;YAC1C,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;gBAC/C,MAAM,CAAC,KAAK,GAAG,WAAW,OAAO,CAAC,UAAU,mBAAmB,CAAC;gBAChE,OAAO,MAAM,CAAC;YAChB,CAAC;QACH,CAAC;QACD,MAAM,CAAC,wBAAwB,GAAG,IAAI,CAAC;IACzC,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,CAAC,KAAK,GAAG,iCAAiC,CAAC,EAAE,CAAC;QACpD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,0BAA0B;IAC1B,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;QACjC,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,QAAQ,CAAC,CAAC,CAAC,CAAC,qBAAqB,KAAK,EAAE,EAAE,CAAC;YACpE,MAAM,CAAC,KAAK,GAAG,mDAAmD,CAAC;YACnE,OAAO,MAAM,CAAC;QAChB,CAAC;QACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACzC,MAAM,YAAY,GAAG,SAAS,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9D,IAAI,QAAQ,CAAC,CAAC,CAAC,CAAC,qBAAqB,KAAK,YAAY,EAAE,CAAC;gBACvD,MAAM,CAAC,KAAK,GAAG,0BAA0B,CAAC,EAAE,CAAC;gBAC7C,OAAO,MAAM,CAAC;YAChB,CAAC;QACH,CAAC;QACD,MAAM,CAAC,qBAAqB,GAAG,IAAI,CAAC;IACtC,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,CAAC,KAAK,GAAG,0BAA0B,CAAC,EAAE,CAAC;QAC7C,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,wBAAwB;IACxB,IAAI,CAAC;QACH,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;YACzC,IAAI,WAAW,GAAG,KAAK,CAAC,SAAS,CAAC;YAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC/C,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,MAAM,EAAE,CAAC;oBACnC,WAAW,GAAG,cAAc,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;gBAC/D,CAAC;qBAAM,CAAC;oBACN,WAAW,GAAG,cAAc,CAAC,WAAW,EAAE,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC/D,CAAC;YACH,CAAC;YACD,IAAI,WAAW,KAAK,MAAM,CAAC,WAAW,EAAE,CAAC;gBACvC,MAAM,CAAC,KAAK,GAAG,gCAAgC,KAAK,CAAC,UAAU,EAAE,CAAC;gBAClE,OAAO,MAAM,CAAC;YAChB,CAAC;YACD,IAAI,KAAK,CAAC,WAAW,KAAK,MAAM,CAAC,WAAW,EAAE,CAAC;gBAC7C,MAAM,CAAC,KAAK,GAAG,+BAA+B,KAAK,CAAC,UAAU,EAAE,CAAC;gBACjE,OAAO,MAAM,CAAC;YAChB,CAAC;QACH,CAAC;QACD,MAAM,CAAC,mBAAmB,GAAG,IAAI,CAAC;IACpC,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,CAAC,KAAK,GAAG,uBAAuB,CAAC,EAAE,CAAC;QAC1C,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,6BAA6B;IAC7B,IAAI,CAAC;QACH,IAAI,MAAM,CAAC,aAAa,CAAC,MAAM,KAAK,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;YAC3D,MAAM,CAAC,KAAK,GAAG,8BAA8B,CAAC;YAC9C,OAAO,MAAM,CAAC;QAChB,CAAC;QACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAChD,MAAM,QAAQ,GAAG,SAAS,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC7D,IAAI,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;gBACnD,MAAM,CAAC,KAAK,GAAG,iCAAiC,CAAC,EAAE,CAAC;gBACpD,OAAO,MAAM,CAAC;YAChB,CAAC;YACD,IAAI,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,CAAC,EAAE,CAAC;gBAC7C,MAAM,CAAC,KAAK,GAAG,kCAAkC,CAAC,EAAE,CAAC;gBACrD,OAAO,MAAM,CAAC;YAChB,CAAC;QACH,CAAC;QACD,MAAM,CAAC,iBAAiB,GAAG,IAAI,CAAC;IAClC,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,CAAC,KAAK,GAAG,sBAAsB,CAAC,EAAE,CAAC;QACzC,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,MAAM,CAAC,aAAa,GAAG,IAAI,CAAC;IAC5B,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,97 +1,93 @@
|
|
|
1
|
-
{
|
|
2
|
-
"name": "@attested-intelligence/aga-mcp-server",
|
|
3
|
-
"version": "2.2.
|
|
4
|
-
"description": "MCP server for cryptographic AI agent governance. Seal policy artifacts, enforce at runtime, prove with signed receipts and offline-verifiable evidence bundles.",
|
|
5
|
-
"
|
|
6
|
-
"
|
|
7
|
-
"
|
|
8
|
-
"
|
|
9
|
-
|
|
10
|
-
"
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
"
|
|
17
|
-
"
|
|
18
|
-
"
|
|
19
|
-
|
|
20
|
-
"
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
"
|
|
26
|
-
"
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
"
|
|
30
|
-
"
|
|
31
|
-
"
|
|
32
|
-
"
|
|
33
|
-
"
|
|
34
|
-
"
|
|
35
|
-
"
|
|
36
|
-
"
|
|
37
|
-
"
|
|
38
|
-
"
|
|
39
|
-
"
|
|
40
|
-
"demo
|
|
41
|
-
"
|
|
42
|
-
"
|
|
43
|
-
"
|
|
44
|
-
"
|
|
45
|
-
"
|
|
46
|
-
"
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
"
|
|
50
|
-
"
|
|
51
|
-
"
|
|
52
|
-
"
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
"
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
"
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
"
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
"
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
"
|
|
70
|
-
"
|
|
71
|
-
"
|
|
72
|
-
"
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
"
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
"
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
"
|
|
83
|
-
"
|
|
84
|
-
"
|
|
85
|
-
"
|
|
86
|
-
"
|
|
87
|
-
"
|
|
88
|
-
"
|
|
89
|
-
"
|
|
90
|
-
"
|
|
91
|
-
"
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
"policy-artifacts",
|
|
95
|
-
"attested-intelligence"
|
|
96
|
-
]
|
|
97
|
-
}
|
|
1
|
+
{
|
|
2
|
+
"name": "@attested-intelligence/aga-mcp-server",
|
|
3
|
+
"version": "2.2.2",
|
|
4
|
+
"description": "MCP server for cryptographic AI agent governance. Seal policy artifacts, enforce at runtime, prove with signed receipts and offline-verifiable evidence bundles.",
|
|
5
|
+
"mcpName": "io.github.attestedintelligence/aga-mcp-server",
|
|
6
|
+
"author": "Attested Intelligence Holdings LLC",
|
|
7
|
+
"license": "MIT",
|
|
8
|
+
"homepage": "https://attestedintelligence.com/technology",
|
|
9
|
+
"repository": {
|
|
10
|
+
"type": "git",
|
|
11
|
+
"url": "https://github.com/attestedintelligence/aga-mcp-server"
|
|
12
|
+
},
|
|
13
|
+
"bugs": {
|
|
14
|
+
"url": "https://github.com/attestedintelligence/aga-mcp-server/issues"
|
|
15
|
+
},
|
|
16
|
+
"type": "module",
|
|
17
|
+
"main": "dist/index.js",
|
|
18
|
+
"types": "dist/index.d.ts",
|
|
19
|
+
"files": [
|
|
20
|
+
"dist/",
|
|
21
|
+
"README.md",
|
|
22
|
+
"LICENSE"
|
|
23
|
+
],
|
|
24
|
+
"bin": {
|
|
25
|
+
"aga-mcp-server": "dist/index.js",
|
|
26
|
+
"aga-proxy": "dist/proxy/index.js"
|
|
27
|
+
},
|
|
28
|
+
"scripts": {
|
|
29
|
+
"build": "tsc",
|
|
30
|
+
"start": "node dist/index.js",
|
|
31
|
+
"dev": "tsx src/index.ts",
|
|
32
|
+
"test": "vitest run",
|
|
33
|
+
"test:watch": "vitest",
|
|
34
|
+
"test:crypto": "vitest run tests/crypto/",
|
|
35
|
+
"test:core": "vitest run tests/core/",
|
|
36
|
+
"test:integration": "vitest run tests/integration/",
|
|
37
|
+
"test:proxy": "vitest run tests/proxy/",
|
|
38
|
+
"proxy": "tsx src/proxy/index.ts",
|
|
39
|
+
"proxy:start": "tsx src/proxy/index.ts start",
|
|
40
|
+
"demo": "tsx scripts/demo.ts",
|
|
41
|
+
"benchmark": "tsx scripts/benchmark.ts",
|
|
42
|
+
"verify": "cd independent-verifier && npm test",
|
|
43
|
+
"lint": "tsc --noEmit",
|
|
44
|
+
"demo:standalone": "npx tsx standalone/main.ts",
|
|
45
|
+
"demo:scada": "npx tsx standalone/main.ts --scenario=scada",
|
|
46
|
+
"demo:drone": "npx tsx standalone/main.ts --scenario=drone",
|
|
47
|
+
"demo:agent": "npx tsx standalone/main.ts --scenario=ai-agent",
|
|
48
|
+
"demo:all": "npx tsx standalone/main.ts --scenario=all --non-interactive",
|
|
49
|
+
"watch": "npx tsx standalone/main.ts --watch",
|
|
50
|
+
"build:exe": "npx tsx standalone/build.ts",
|
|
51
|
+
"verify:evidence": "npx tsx standalone/verify-evidence.ts",
|
|
52
|
+
"prepublishOnly": "npm run build && npm run test"
|
|
53
|
+
},
|
|
54
|
+
"dependencies": {
|
|
55
|
+
"@modelcontextprotocol/sdk": "^1.12.0",
|
|
56
|
+
"@noble/ed25519": "^2.1.0",
|
|
57
|
+
"@noble/hashes": "^1.7.0",
|
|
58
|
+
"commander": "^14.0.3",
|
|
59
|
+
"uuid": "^11.1.0",
|
|
60
|
+
"zod": "^3.24.0"
|
|
61
|
+
},
|
|
62
|
+
"optionalDependencies": {
|
|
63
|
+
"better-sqlite3": "^11.7.0"
|
|
64
|
+
},
|
|
65
|
+
"devDependencies": {
|
|
66
|
+
"@types/better-sqlite3": "^7.6.12",
|
|
67
|
+
"@types/node": "^22.10.0",
|
|
68
|
+
"@types/uuid": "^10.0.0",
|
|
69
|
+
"postject": "^1.0.0-alpha.6",
|
|
70
|
+
"tsx": "^4.19.0",
|
|
71
|
+
"typescript": "^5.7.0",
|
|
72
|
+
"vitest": "^2.1.0"
|
|
73
|
+
},
|
|
74
|
+
"engines": {
|
|
75
|
+
"node": ">=20.0.0"
|
|
76
|
+
},
|
|
77
|
+
"keywords": [
|
|
78
|
+
"mcp",
|
|
79
|
+
"mcp-server",
|
|
80
|
+
"model-context-protocol",
|
|
81
|
+
"ai-governance",
|
|
82
|
+
"ai-agent-security",
|
|
83
|
+
"agentic-ai",
|
|
84
|
+
"attestation",
|
|
85
|
+
"governance",
|
|
86
|
+
"cryptographic-enforcement",
|
|
87
|
+
"runtime-integrity",
|
|
88
|
+
"evidence-bundles",
|
|
89
|
+
"ed25519",
|
|
90
|
+
"policy-artifacts",
|
|
91
|
+
"attested-intelligence"
|
|
92
|
+
]
|
|
93
|
+
}
|
package/SECURITY.md
DELETED
|
@@ -1,59 +0,0 @@
|
|
|
1
|
-
# Security Policy
|
|
2
|
-
|
|
3
|
-
## Reporting a Vulnerability
|
|
4
|
-
|
|
5
|
-
If you discover a security vulnerability in AGA, please report it responsibly.
|
|
6
|
-
|
|
7
|
-
**Email:** [admin@attestedintelligence.com](mailto:admin@attestedintelligence.com)
|
|
8
|
-
|
|
9
|
-
**Subject line:** `[SECURITY] AGA Vulnerability Report`
|
|
10
|
-
|
|
11
|
-
### What to Include
|
|
12
|
-
|
|
13
|
-
- Description of the vulnerability
|
|
14
|
-
- Steps to reproduce
|
|
15
|
-
- Potential impact assessment
|
|
16
|
-
- Suggested fix (if you have one)
|
|
17
|
-
|
|
18
|
-
### Response Timeline
|
|
19
|
-
|
|
20
|
-
- **Acknowledgment:** Within 48 hours of receipt
|
|
21
|
-
- **Initial assessment:** Within 5 business days
|
|
22
|
-
- **Resolution target:** Dependent on severity, typically within 30 days for critical issues
|
|
23
|
-
|
|
24
|
-
### Scope
|
|
25
|
-
|
|
26
|
-
This policy covers:
|
|
27
|
-
|
|
28
|
-
- The AGA reference implementation (`src/`, `independent-verifier/`)
|
|
29
|
-
- The MCP server (`@attested-intelligence/aga-mcp-server`)
|
|
30
|
-
- Cryptographic operations (signing, verification, hash computation, chain integrity)
|
|
31
|
-
- Evidence Bundle generation and verification
|
|
32
|
-
|
|
33
|
-
### Out of Scope
|
|
34
|
-
|
|
35
|
-
- The attestedintelligence.com website (report separately to the same email)
|
|
36
|
-
- Third-party dependencies (report to the upstream maintainer, but let us know)
|
|
37
|
-
- Social engineering or phishing attacks
|
|
38
|
-
|
|
39
|
-
### Cryptographic Considerations
|
|
40
|
-
|
|
41
|
-
AGA relies on Ed25519 signatures, SHA-256 hashing, BLAKE2b-256 fingerprinting, and Merkle tree anchoring. If you identify a weakness in how these primitives are applied (not the primitives themselves), that is a valid report.
|
|
42
|
-
|
|
43
|
-
Key areas of concern:
|
|
44
|
-
|
|
45
|
-
- Sealed hash computation correctness
|
|
46
|
-
- Receipt chain integrity (hash linking)
|
|
47
|
-
- Merkle checkpoint verification
|
|
48
|
-
- Key separation enforcement between Portal and agent
|
|
49
|
-
- Evidence Bundle completeness and tamper detection
|
|
50
|
-
|
|
51
|
-
### Disclosure
|
|
52
|
-
|
|
53
|
-
We follow coordinated disclosure. Please do not publicly disclose vulnerabilities until we have released a fix or 90 days have elapsed, whichever comes first.
|
|
54
|
-
|
|
55
|
-
We do not currently operate a bug bounty program.
|
|
56
|
-
|
|
57
|
-
---
|
|
58
|
-
|
|
59
|
-
Attested Intelligence Holdings LLC
|
|
@@ -1,31 +0,0 @@
|
|
|
1
|
-
# AGA Independent Verifier
|
|
2
|
-
|
|
3
|
-
Standalone verification of AGA Evidence Bundles using only standard
|
|
4
|
-
cryptographic libraries. **This verifier imports zero modules from the
|
|
5
|
-
AGA codebase.**
|
|
6
|
-
|
|
7
|
-
## Why This Exists
|
|
8
|
-
|
|
9
|
-
AGA claims that Evidence Bundles provide tamper-evident, offline-verifiable
|
|
10
|
-
proof of governance enforcement. This verifier proves that claim by
|
|
11
|
-
implementing the complete 4-step verification using only Ed25519 and SHA-256
|
|
12
|
-
from @noble - no AGA code, no trust assumptions, no hidden dependencies.
|
|
13
|
-
|
|
14
|
-
## Usage
|
|
15
|
-
|
|
16
|
-
```bash
|
|
17
|
-
npx tsx verify.ts <bundle.json>
|
|
18
|
-
```
|
|
19
|
-
|
|
20
|
-
## What It Verifies
|
|
21
|
-
|
|
22
|
-
1. **Artifact Signature** - Ed25519 over RFC 8785 canonical JSON
|
|
23
|
-
2. **Receipt Signatures** - Ed25519 for each enforcement receipt
|
|
24
|
-
3. **Merkle Inclusion Proofs** - Structural metadata leaf hashes vs checkpoint root
|
|
25
|
-
4. **Checkpoint Anchor** - (Optional, requires network access)
|
|
26
|
-
|
|
27
|
-
Steps 1-3 work fully offline. Step 4 is optional.
|
|
28
|
-
|
|
29
|
-
## Reference
|
|
30
|
-
|
|
31
|
-
Implements the AGA 4-step offline verification process.
|
|
@@ -1,18 +0,0 @@
|
|
|
1
|
-
{
|
|
2
|
-
"name": "aga-independent-verifier",
|
|
3
|
-
"version": "1.0.0",
|
|
4
|
-
"description": "Standalone verification of AGA Evidence Bundles - zero AGA imports",
|
|
5
|
-
"type": "module",
|
|
6
|
-
"scripts": {
|
|
7
|
-
"verify": "npx tsx verify.ts",
|
|
8
|
-
"test": "npx vitest run"
|
|
9
|
-
},
|
|
10
|
-
"dependencies": {
|
|
11
|
-
"@noble/ed25519": "^2.1.0",
|
|
12
|
-
"@noble/hashes": "^1.7.0"
|
|
13
|
-
},
|
|
14
|
-
"devDependencies": {
|
|
15
|
-
"tsx": "^4.19.0",
|
|
16
|
-
"vitest": "^2.1.0"
|
|
17
|
-
}
|
|
18
|
-
}
|
|
@@ -1,211 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* AGA Independent Verifier
|
|
3
|
-
*
|
|
4
|
-
* Standalone verification of AGA Evidence Bundles using ONLY standard
|
|
5
|
-
* cryptographic libraries. This verifier imports ZERO modules from the
|
|
6
|
-
* AGA codebase (../src/).
|
|
7
|
-
*
|
|
8
|
-
* Implements the full 4-step verification process:
|
|
9
|
-
* 1. Verify artifact signature (Ed25519 over RFC 8785 canonical JSON)
|
|
10
|
-
* 2. Verify each receipt signature (Ed25519)
|
|
11
|
-
* 3. Verify Merkle inclusion proofs (structural metadata leaf hashes vs checkpoint root)
|
|
12
|
-
* 4. (Optional) Verify checkpoint anchor
|
|
13
|
-
*
|
|
14
|
-
* Steps 1-3 work fully offline. Step 4 is optional.
|
|
15
|
-
*
|
|
16
|
-
* Attested Intelligence Holdings LLC
|
|
17
|
-
*/
|
|
18
|
-
import * as ed from '@noble/ed25519';
|
|
19
|
-
import { sha512 } from '@noble/hashes/sha512';
|
|
20
|
-
import { sha256 } from '@noble/hashes/sha256';
|
|
21
|
-
import { bytesToHex, hexToBytes } from '@noble/hashes/utils';
|
|
22
|
-
|
|
23
|
-
// ── Ed25519 setup ────────────────────────────────────────────
|
|
24
|
-
ed.etc.sha512Sync = (...m: Uint8Array[]) => {
|
|
25
|
-
const total = m.reduce((n, a) => n + a.length, 0);
|
|
26
|
-
const buf = new Uint8Array(total);
|
|
27
|
-
let off = 0;
|
|
28
|
-
for (const a of m) { buf.set(a, off); off += a.length; }
|
|
29
|
-
return sha512(buf);
|
|
30
|
-
};
|
|
31
|
-
|
|
32
|
-
const enc = new TextEncoder();
|
|
33
|
-
|
|
34
|
-
// ── Types (reimplemented, no AGA imports) ────────────────────
|
|
35
|
-
|
|
36
|
-
export interface VerificationResult {
|
|
37
|
-
step1_artifact_sig: boolean;
|
|
38
|
-
step2_receipt_sigs: boolean;
|
|
39
|
-
step3_merkle_proofs: boolean;
|
|
40
|
-
step4_anchor: 'VERIFIED' | 'SKIPPED';
|
|
41
|
-
overall: boolean;
|
|
42
|
-
errors: string[];
|
|
43
|
-
details: {
|
|
44
|
-
receipt_results: boolean[];
|
|
45
|
-
proof_results: boolean[];
|
|
46
|
-
};
|
|
47
|
-
}
|
|
48
|
-
|
|
49
|
-
interface MerkleProof {
|
|
50
|
-
leafHash: string;
|
|
51
|
-
leafIndex: number;
|
|
52
|
-
siblings: Array<{ hash: string; position: 'left' | 'right' }>;
|
|
53
|
-
root: string;
|
|
54
|
-
}
|
|
55
|
-
|
|
56
|
-
interface EvidenceBundle {
|
|
57
|
-
artifact: Record<string, unknown> & { signature: string; issuer_identifier: string };
|
|
58
|
-
receipts: Array<Record<string, unknown> & { portal_signature: string; receipt_id: string }>;
|
|
59
|
-
merkle_proofs: MerkleProof[];
|
|
60
|
-
checkpoint_reference: { merkle_root: string; [key: string]: unknown };
|
|
61
|
-
public_key: string;
|
|
62
|
-
bundle_signature: string;
|
|
63
|
-
verification_tier?: string;
|
|
64
|
-
}
|
|
65
|
-
|
|
66
|
-
// ── Crypto helpers (reimplemented from scratch) ──────────────
|
|
67
|
-
|
|
68
|
-
function deepSortKeys(obj: unknown): unknown {
|
|
69
|
-
if (obj === null || obj === undefined || typeof obj !== 'object') return obj;
|
|
70
|
-
if (Array.isArray(obj)) return obj.map(deepSortKeys);
|
|
71
|
-
if (obj instanceof Uint8Array) return obj;
|
|
72
|
-
const sorted: Record<string, unknown> = {};
|
|
73
|
-
for (const key of Object.keys(obj as Record<string, unknown>).sort()) {
|
|
74
|
-
sorted[key] = deepSortKeys((obj as Record<string, unknown>)[key]);
|
|
75
|
-
}
|
|
76
|
-
return sorted;
|
|
77
|
-
}
|
|
78
|
-
|
|
79
|
-
function canonicalize(obj: unknown): string {
|
|
80
|
-
return JSON.stringify(deepSortKeys(obj));
|
|
81
|
-
}
|
|
82
|
-
|
|
83
|
-
function sha256Hex(data: string): string {
|
|
84
|
-
return bytesToHex(sha256(enc.encode(data)));
|
|
85
|
-
}
|
|
86
|
-
|
|
87
|
-
function verifyEd25519(sigBase64: string, message: string, publicKeyHex: string): boolean {
|
|
88
|
-
try {
|
|
89
|
-
const sig = new Uint8Array(Buffer.from(sigBase64, 'base64'));
|
|
90
|
-
const pk = hexToBytes(publicKeyHex);
|
|
91
|
-
return ed.verify(sig, enc.encode(message), pk);
|
|
92
|
-
} catch { return false; }
|
|
93
|
-
}
|
|
94
|
-
|
|
95
|
-
function merkleParentHash(left: string, right: string): string {
|
|
96
|
-
return sha256Hex(left + right);
|
|
97
|
-
}
|
|
98
|
-
|
|
99
|
-
// ── Step 1: Verify artifact signature (Ed25519) ─────────────
|
|
100
|
-
|
|
101
|
-
export function verifyArtifactSignature(artifact: EvidenceBundle['artifact']): boolean {
|
|
102
|
-
const { signature, ...unsigned } = artifact;
|
|
103
|
-
const canonical = canonicalize(unsigned);
|
|
104
|
-
return verifyEd25519(signature, canonical, artifact.issuer_identifier);
|
|
105
|
-
}
|
|
106
|
-
|
|
107
|
-
// ── Step 2: Verify each receipt signature (Ed25519) ──────────
|
|
108
|
-
|
|
109
|
-
export function verifyReceiptSignatures(receipts: EvidenceBundle['receipts'], portalPublicKey: string): boolean[] {
|
|
110
|
-
return receipts.map(receipt => {
|
|
111
|
-
const { portal_signature, ...unsigned } = receipt;
|
|
112
|
-
const canonical = canonicalize(unsigned);
|
|
113
|
-
return verifyEd25519(portal_signature, canonical, portalPublicKey);
|
|
114
|
-
});
|
|
115
|
-
}
|
|
116
|
-
|
|
117
|
-
// ── Step 3: Verify Merkle inclusion proofs ───────────────────
|
|
118
|
-
|
|
119
|
-
export function verifyMerkleProofs(proofs: MerkleProof[], checkpointRoot: string): boolean[] {
|
|
120
|
-
return proofs.map(proof => {
|
|
121
|
-
let hash = proof.leafHash;
|
|
122
|
-
for (const sibling of proof.siblings) {
|
|
123
|
-
hash = sibling.position === 'left'
|
|
124
|
-
? merkleParentHash(sibling.hash, hash)
|
|
125
|
-
: merkleParentHash(hash, sibling.hash);
|
|
126
|
-
}
|
|
127
|
-
return hash === checkpointRoot;
|
|
128
|
-
});
|
|
129
|
-
}
|
|
130
|
-
|
|
131
|
-
// ── Step 4 (optional): Verify checkpoint anchor ─────────────
|
|
132
|
-
|
|
133
|
-
export function verifyCheckpointAnchor(_checkpoint: Record<string, unknown>): 'VERIFIED' | 'SKIPPED' {
|
|
134
|
-
// Offline mode - no network access to verify on-chain anchor
|
|
135
|
-
return 'SKIPPED';
|
|
136
|
-
}
|
|
137
|
-
|
|
138
|
-
// ── Main entry point ─────────────────────────────────────────
|
|
139
|
-
|
|
140
|
-
export function verifyEvidenceBundle(bundleJson: string): VerificationResult {
|
|
141
|
-
const errors: string[] = [];
|
|
142
|
-
let bundle: EvidenceBundle;
|
|
143
|
-
|
|
144
|
-
try {
|
|
145
|
-
bundle = JSON.parse(bundleJson);
|
|
146
|
-
} catch {
|
|
147
|
-
return {
|
|
148
|
-
step1_artifact_sig: false, step2_receipt_sigs: false,
|
|
149
|
-
step3_merkle_proofs: false, step4_anchor: 'SKIPPED',
|
|
150
|
-
overall: false, errors: ['Failed to parse bundle JSON'],
|
|
151
|
-
details: { receipt_results: [], proof_results: [] },
|
|
152
|
-
};
|
|
153
|
-
}
|
|
154
|
-
|
|
155
|
-
// Step 1: Artifact signature
|
|
156
|
-
const step1 = verifyArtifactSignature(bundle.artifact);
|
|
157
|
-
if (!step1) errors.push('Artifact signature verification failed');
|
|
158
|
-
|
|
159
|
-
// Step 2: Receipt signatures
|
|
160
|
-
const receiptResults = verifyReceiptSignatures(bundle.receipts, bundle.public_key);
|
|
161
|
-
const step2 = receiptResults.every(r => r);
|
|
162
|
-
receiptResults.forEach((r, i) => {
|
|
163
|
-
if (!r) errors.push(`Receipt ${bundle.receipts[i].receipt_id} signature failed`);
|
|
164
|
-
});
|
|
165
|
-
|
|
166
|
-
// Step 3: Merkle inclusion proofs
|
|
167
|
-
const proofResults = verifyMerkleProofs(bundle.merkle_proofs, bundle.checkpoint_reference.merkle_root);
|
|
168
|
-
const step3 = proofResults.length === 0 ? true : proofResults.every(r => r);
|
|
169
|
-
proofResults.forEach((r, i) => {
|
|
170
|
-
if (!r) errors.push(`Merkle proof ${i} failed`);
|
|
171
|
-
});
|
|
172
|
-
|
|
173
|
-
// Step 4: Checkpoint anchor
|
|
174
|
-
const step4 = verifyCheckpointAnchor(bundle.checkpoint_reference as Record<string, unknown>);
|
|
175
|
-
|
|
176
|
-
return {
|
|
177
|
-
step1_artifact_sig: step1,
|
|
178
|
-
step2_receipt_sigs: step2,
|
|
179
|
-
step3_merkle_proofs: step3,
|
|
180
|
-
step4_anchor: step4,
|
|
181
|
-
overall: step1 && step2 && step3,
|
|
182
|
-
errors,
|
|
183
|
-
details: { receipt_results: receiptResults, proof_results: proofResults },
|
|
184
|
-
};
|
|
185
|
-
}
|
|
186
|
-
|
|
187
|
-
// ── CLI mode ─────────────────────────────────────────────────
|
|
188
|
-
|
|
189
|
-
if (typeof process !== 'undefined' && process.argv[1]?.includes('verify')) {
|
|
190
|
-
const { readFileSync } = await import('node:fs');
|
|
191
|
-
const bundlePath = process.argv[2];
|
|
192
|
-
if (!bundlePath) {
|
|
193
|
-
console.error('Usage: npx tsx verify.ts <bundle.json>');
|
|
194
|
-
process.exit(1);
|
|
195
|
-
}
|
|
196
|
-
const bundleJson = readFileSync(bundlePath, 'utf-8');
|
|
197
|
-
const result = verifyEvidenceBundle(bundleJson);
|
|
198
|
-
|
|
199
|
-
console.log('\nAGA Independent Verifier\n');
|
|
200
|
-
console.log(`Step 1 - Artifact signature: ${result.step1_artifact_sig ? 'PASS' : 'FAIL'}`);
|
|
201
|
-
console.log(`Step 2 - Receipt signatures: ${result.step2_receipt_sigs ? 'PASS' : 'FAIL'} (${result.details.receipt_results.filter(r => r).length}/${result.details.receipt_results.length})`);
|
|
202
|
-
console.log(`Step 3 - Merkle inclusion proofs: ${result.step3_merkle_proofs ? 'PASS' : 'FAIL'} (${result.details.proof_results.filter(r => r).length}/${result.details.proof_results.length})`);
|
|
203
|
-
console.log(`Step 4 - Checkpoint anchor: ${result.step4_anchor}`);
|
|
204
|
-
console.log(`\nOVERALL: ${result.overall ? 'VERIFIED' : 'FAILED'}`);
|
|
205
|
-
if (result.errors.length) {
|
|
206
|
-
console.log('\nErrors:');
|
|
207
|
-
result.errors.forEach(e => console.log(` - ${e}`));
|
|
208
|
-
}
|
|
209
|
-
|
|
210
|
-
process.exit(result.overall ? 0 : 1);
|
|
211
|
-
}
|