@attested-intelligence/aga-mcp-server 3.3.1 → 3.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -28,7 +28,7 @@ node aga-receipt-spec/verify/verify-sep.mjs fixtures/valid_minimal.json # OVER
28
28
  node aga-receipt-spec/verify/verify-sep.mjs fixtures/tampered.json # OVERALL: FAILED
29
29
  ```
30
30
 
31
- The published `@attested-intelligence/aga-verify` CLI renders the identical verdict, and `npm run conformance:cross-stack` proves six v1 verifier configurations spanning **three independent toolchains (JavaScript, Go, and Python, including a pure-stdlib, no-third-party-crypto path)** agree on all **57** cross-stack cases; `npm run conformance:cross-stack-v2` proves **two genuinely independent-language oracles (@noble/JS and CIRCL/Go)** agree on the v2 composite corpus. For a full trust-free reproduction (build the package yourself, reproduce the published tarball byte-for-byte, re-run every gate), see the **[REVIEWER_GUIDE.md](REVIEWER_GUIDE.md)** (a command-by-command self-service path), **[REPRODUCIBILITY.md](REPRODUCIBILITY.md)**, and the step-by-step **[SKEPTICAL_AUDITOR.md](SKEPTICAL_AUDITOR.md)**. This release carries SLSA build provenance, checkable with `npm audit signatures`.
31
+ The published `@attested-intelligence/aga-verify` CLI renders the identical verdict, and `npm run conformance:cross-stack` (first: `npm run build && npm --prefix independent-verifier run build`) proves six v1 verifier configurations, spanning **three independent toolchains (JavaScript, Go, and Python, including a pure-stdlib, no-third-party-crypto path)**, agree on all **57** cross-stack cases; `npm run conformance:cross-stack-v2` proves **two genuinely independent-language oracles (@noble/JS and CIRCL/Go)** agree on the v2 composite corpus. For a full trust-free reproduction (build the package yourself, reproduce the published tarball byte-for-byte, re-run every gate), see the **[REVIEWER_GUIDE.md](REVIEWER_GUIDE.md)** (a command-by-command self-service path), **[REPRODUCIBILITY.md](REPRODUCIBILITY.md)**, and the step-by-step **[SKEPTICAL_AUDITOR.md](SKEPTICAL_AUDITOR.md)**. This release carries SLSA build provenance, checkable with `npm audit signatures`.
32
32
 
33
33
  ## What This Does
34
34
 
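Review bot: The build prerequisite on the added line is buried in a parenthetical inside an already very long sentence, and the same `first: npm run build && npm --prefix independent-verifier run build` text is repeated in the Quick Start and Benchmarks paragraphs. Put it once in a fenced command block next to `npm run conformance:cross-stack` and refer to that from the other two places. The added text also leaves it unstated whether `npm run conformance:cross-stack-v2` needs the same build step; say so either way.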
@@ -36,7 +36,7 @@ Every tool call an AI agent makes passes through the AGA gateway. Each call is e
36
36
 
37
37
  **Record. Prove. Verify.**
38
38
 
39
- **Scope:** a verified bundle proves the *integrity of the receipts present* each is authentic, correctly ordered, Merkle-included, and (when a key is pinned) provenance-bound. It does **not** prove non-omission (that every action the agent took was logged); completeness is bounded by the tamper-evidence of the interception point, which is outside the bundle. See **[KNOWN_LIMITATIONS.md](https://github.com/attestedintelligence/aga-mcp-server/blob/main/KNOWN_LIMITATIONS.md)** for the full honest boundary, and `THREAT_BOUNDARY.md` for the per-field detail.
39
+ **Scope:** a verified bundle proves the *integrity of the receipts present*: each is authentic, correctly ordered, Merkle-included, and (when a key is pinned) provenance-bound. It does **not** prove non-omission (that every action the agent took was logged); completeness is bounded by the tamper-evidence of the interception point, which is outside the bundle. See **[KNOWN_LIMITATIONS.md](https://github.com/attestedintelligence/aga-mcp-server/blob/main/KNOWN_LIMITATIONS.md)** for the full honest boundary, and `THREAT_BOUNDARY.md` for the per-field detail.
40
40
 
41
41
  ## Use with Claude Desktop
42
42
 
@@ -92,20 +92,36 @@ Keep the seed secret and out of version control; see `DEPLOYMENT.md` for key han
92
92
  | **Delegation** | `delegate_to_subagent` |
93
93
  | **Audit** | `get_receipts`, `get_chain_events` |
94
94
 
95
- > **`measure_behavior` is detective-only by default** it observes tool-usage patterns and records a *signed, provable* drift finding, but does not block. Enforcement (drift → quarantine) is opt-in via `enforce=true` and off by default. Hard governance decisions (PERMITTED/DENIED) are made by the portal/PEP, not the behavioral monitor.
95
+ > **`measure_behavior` is detective-only by default**: it observes tool-usage patterns and records a *signed, provable* drift finding, but does not block. Enforcement (drift → quarantine) is opt-in via `enforce=true` and off by default. Hard governance decisions (PERMITTED/DENIED) are made by the portal/PEP, not the behavioral monitor.
96
96
 
97
- ## Quick Start verify a bundle offline
97
+ ## Quick Start: verify a bundle offline
98
98
 
99
- A bundle this package emits (via the `generate_evidence_bundle` tool, or `aga-proxy export`) is a **canonical SEP bundle**. Verify it offline, with no network and no callback to us:
99
+ A bundle this package emits (via the `generate_evidence_bundle` MCP tool) is a **canonical SEP bundle**. Verify it offline, with no network and no callback to us:
100
100
 
101
101
  ```bash
102
102
  # Reference verifier (zero deps, Node 18+). Pin the gateway key (from get_server_info) to prove provenance.
103
103
  node aga-receipt-spec/verify/verify-sep.mjs evidence-bundle.json --pubkey <gateway-public-key>
104
104
  ```
105
105
 
106
- The published `@attested-intelligence/aga-verify` CLI mirrors this reference (**2.0.0**, published on npm; the older forgeable 1.0.0 is deprecated). Without `--pubkey` you get an **integrity-only** result (`issuerVerified=false`); pin the key to also prove *who* issued it see `THREAT_BOUNDARY.md` §3.7. A hosted browser verifier is linked under [Links](#links).
106
+ The published `@attested-intelligence/aga-verify` CLI mirrors this reference (published on npm; the older forgeable 1.0.0 is deprecated). Without `--pubkey` you get an **integrity-only** result (`issuerVerified=false`); pin the key to also prove *who* issued it. See `THREAT_BOUNDARY.md` §3.7. A hosted browser verifier is linked under [Links](#links).
107
107
 
108
- The reference §6 algorithm is implemented in **three languages** JavaScript (`aga-receipt-spec/verify/verify-sep.mjs`), Go (`verify.go`, stdlib `crypto/ed25519`), and Python (`verify.py`, pure-stdlib RFC-8032 Ed25519) and a cross-stack harness (`npm run conformance:cross-stack`) proves all three, plus the in-server engine and `aga-verify`, render **identical verdicts** on the canonical vectors (valid, adversarial, and every small-order forgery). The **v2 composite** profile (`ML-DSA-65+Ed25519-SHA256-JCS`) is held to the same bar by a second harness (`npm run conformance:cross-stack-v2`): a `@noble`/JavaScript engine and a CIRCL/Go oracle two genuinely independent toolchains render identical verdicts on the pinned v2 corpus, and the **reference** v1 verifier (`verify-sep.mjs`/`verify.py`/`verify.go`) returns `UNSUPPORTED_PROFILE` (exit 3) on a v2 bundle signalling "profile not implemented" rather than a misleading "invalid". *(The published `aga-verify` CLI does not implement this profile trichotomy: on a v2 bundle it returns FAILED (exit 1). Use exit 3 as the unsupported-profile signal only with the reference verifiers.)*
108
+ The reference §6 algorithm is implemented in **three languages**: JavaScript (`aga-receipt-spec/verify/verify-sep.mjs`), Go (`verify.go`, stdlib `crypto/ed25519`), and Python (`verify.py`, pure-stdlib RFC-8032 Ed25519). A cross-stack harness (`npm run conformance:cross-stack`; first: `npm run build && npm --prefix independent-verifier run build`) proves all three, plus the in-server engine and `aga-verify`, render **identical verdicts** on the canonical vectors (valid, adversarial, and every small-order forgery). The **v2 composite** profile (`ML-DSA-65+Ed25519-SHA256-JCS`) is held to the same bar by a second harness (`npm run conformance:cross-stack-v2`): a `@noble`/JavaScript engine and a CIRCL/Go oracle, two genuinely independent toolchains, render identical verdicts on the pinned v2 corpus, and the **reference** v1 verifier (`verify-sep.mjs`/`verify.py`/`verify.go`) returns `UNSUPPORTED_PROFILE` (exit 3) on a v2 bundle, signalling "profile not implemented" rather than a misleading "invalid". *(The published `aga-verify` CLI does not implement this profile trichotomy: on a v2 bundle it returns FAILED (exit 1). Use exit 3 as the unsupported-profile signal only with the reference verifiers.)*
109
+
110
+ ### Check-name mapping across implementations
111
+
112
+ The JS reference verifier and the Python SDK (`aga-governance`) decompose the same seven-check verification differently. Overall verdicts and exit codes agree on every conformance-corpus case (re-proven 2026-07-01: 10/10 cells across pristine/tampered bundles with unpinned, correct, and wrong keys); the sub-check that reports a given tamper can differ:
113
+
114
+ | JS reference check | Python result field | What it covers |
115
+ |---|---|---|
116
+ | `structural` | `algorithm_valid` + parts of `bundle_consistent` | algorithm id, key well-formedness, receipt/proof counts |
117
+ | `receipt_signatures` | `receipt_signatures_valid` | Ed25519 over canonical receipt bytes |
118
+ | `chain_and_ordering` | `chain_integrity_valid` | prev-leaf linkage, monotonic ids and timestamps |
119
+ | `merkle_and_bijection` | `merkle_proofs_valid` | leaf recompute, single-root walk, index bijection |
120
+ | `signed_checkpoint` | `checkpoint_valid` | gateway-signed root + count + chain-head binding |
121
+ | `envelope_consistency` | `envelope_consistent` | envelope metadata vs signed content |
122
+ | `gateway_key_match` (with `--pubkey`) | `gateway_key_match` / `provenance` | pinned issuer key |
123
+
124
+ Known decomposition difference: the JS reference recomputes every Merkle leaf from full receipt content, so a receipt-signature tamper also fails `merkle_and_bijection`; the Python verifier surfaces the same tamper in `receipt_signatures_valid`, `chain_integrity_valid`, and `bundle_consistent` while its `merkle_proofs_valid` can remain true. Neither is looser: the bundle fails in both stacks, exit 1. One input-handling difference is deliberate: a malformed `--pubkey` pin is a usage error (exit 2) in the Python SDK, while the JS reference treats a malformed pin as unpinned; the Python behavior is strictly tighter.
109
125
 
110
126
  ## How It Works
111
127
 
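Review bot: In the last added paragraph, the JS reference treating a malformed `--pubkey` pin as unpinned means a caller who mistypes the key gets the integrity-only result described earlier in this hunk (`issuerVerified=false`) rather than a usage error. Since this is documented as deliberate, the Quick Start should tell users of `verify-sep.mjs` to confirm that the `gateway_key_match` check actually ran before treating a bundle as provenance-checked. Separately, the `aga-verify` sentence drops "2.0.0" while still calling 1.0.0 forgeable, so the README no longer says which version is the safe one; consider stating a minimum version.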
@@ -134,14 +150,30 @@ Run AGA as a transparent proxy between any MCP client and any MCP server. Every
134
150
  ```bash
135
151
  # Start the proxy (the `aga-proxy` bin) in front of an upstream MCP server.
136
152
  # stdio upstream = the hardened default (the upstream is a child process, not network-reachable).
153
+ npx -p @attested-intelligence/aga-mcp-server aga-proxy start \
154
+ --upstream "npx -y @modelcontextprotocol/server-filesystem /tmp/test" --profile standard
155
+ ```
156
+
157
+ ### Exporting the evidence bundle from a running proxy
158
+
159
+ The proxy records receipts in its own process and keeps the SEP ledger **in memory**. To make that live ledger reachable from a separate shell, `aga-proxy start` opens a **loopback-only control channel** — an HTTP listener bound to `127.0.0.1` (never a routable interface), on its own port (default `18801`, override with `--control-port`), distinct from the agent-facing proxy port (`18800`). It exposes only read routes (`/export`, `/status`, `/receipts`); nothing on it mutates policy or state, and it is unreachable off-host by construction (the loopback bind is the guarantee). The proxy writes the chosen control port to `~/.aga-proxy/control.json` alongside `proxy.pid`.
160
+
161
+ A **separate** `aga-proxy export` invocation reads that file and fetches the same signed bundle the running proxy would emit:
162
+
163
+ ```bash
164
+ # Terminal A — start the proxy in front of an upstream MCP server
137
165
  npx -p @attested-intelligence/aga-mcp-server aga-proxy start \
138
166
  --upstream "npx -y @modelcontextprotocol/server-filesystem /tmp/test" --profile standard
139
167
 
140
- # Export the canonical SEP evidence bundle, then verify it offline
141
- npx -p @attested-intelligence/aga-mcp-server aga-proxy export --output evidence.json
142
- npx -p @attested-intelligence/aga-mcp-server aga-proxy verify evidence.json
168
+ # Terminal B — export the live ledger from a different shell, then verify it offline
169
+ npx -p @attested-intelligence/aga-mcp-server aga-proxy export -o evidence.json
170
+ npx -y @attested-intelligence/aga-verify evidence.json --pubkey <gateway-public-key>
143
171
  ```
144
172
 
173
+ If no proxy is running, `aga-proxy export` prints `no running proxy found; start it first, or export from within the session` and exits non-zero — it never emits an empty or placeholder bundle. Within the MCP **server** session you can also call the `generate_evidence_bundle` tool and save the returned JSON.
174
+
175
+ **In-memory ledger:** the exported bundle is the durable cryptographic record, but the live in-process chain does **not** survive a proxy restart. This flow makes the *live* ledger reachable from another process; it does **not** add cross-restart persistence, which needs the persistent (SQLite) backend and remains roadmap (see [`KNOWN_LIMITATIONS.md`](KNOWN_LIMITATIONS.md)).
176
+
145
177
  The proxy intercepts `tools/call` requests, evaluates them against a sealed policy, and generates a signed SEP receipt for **every** decision. Permitted calls are forwarded to the downstream server; denied calls return an MCP error and never reach it. Every decision is hash-linked and checkpoint-bound into a tamper-evident bundle. (Methods other than `tools/call` aren't policy-evaluated, but non-benign ones are recorded as signed *passthrough* receipts for auditability, and an optional denylist can reject them; see `THREAT_BOUNDARY.md` §3.2.)
146
178
 
147
179
  Three built-in policy profiles:
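Review bot: The new control-channel paragraph says the channel is "unreachable off-host by construction" but leaves out the on-host caveat that the module header of `control.js` states: a shared-host deployment must treat any local user as able to read the evidence. Add that sentence here, because this README section is what operators will read before running `aga-proxy start`. The Terminal B example also runs `npx -y @attested-intelligence/aga-verify` with no version, while the Quick Start calls 1.0.0 forgeable; pin a version in the example.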
@@ -149,7 +181,7 @@ Three built-in policy profiles:
149
181
  - **standard** - rate limits + blocks destructive operations
150
182
  - **restrictive** - explicit tool allowlist, all unknown tools denied
151
183
 
152
- ## Verification _(canonical SEP 3.0; normative §6 algorithm in `aga-receipt-spec/verify/verify-sep.mjs`)_
184
+ ## Verification _(canonical SEP 3.0; normative §6 algorithm in `aga-receipt-spec/verify/verify-sep.mjs`)_
153
185
 
154
186
  1. **Structural floor** - Bundle declares Ed25519-SHA256-JCS, public key well-formed (all small-order encodings + non-canonical `y ≥ p` rejected), `receipts.length > 0`, proof count = receipt count
155
187
  2. **Receipt Signatures** - Ed25519 over JCS-profile canonical JSON, sorted-key (signature field excluded)
@@ -169,7 +201,7 @@ Three built-in policy profiles:
169
201
 
170
202
  ## Live Gateway
171
203
 
172
- A demo gateway is deployed on Cloudflare Workers (a **separate deployment** that may track its own version; treat it as a convenience mirror, and always verify what it returns offline against a pinned key not as the canonical artifact):
204
+ A demo gateway is deployed on Cloudflare Workers (a **separate deployment** that may track its own version; treat it as a convenience mirror, and always verify what it returns offline against a pinned key, not as the canonical artifact):
173
205
 
174
206
  ```bash
175
207
  # Check status
@@ -204,7 +236,7 @@ with AgentSession(gateway_id="my-gateway") as session:
204
236
 
205
237
  Automated tests across TypeScript and Python, plus a conformance corpus:
206
238
 
207
- - **TypeScript MCP server:** 370 tests (vitest), including provable-denial and behavioral-monitor regressions
239
+ - **TypeScript MCP server:** 384 automated tests (vitest), including provable-denial and behavioral-monitor regressions
208
240
  - **SEP conformance corpus:** `npm run test:conformance` (valid → VERIFIED, negatives → FAILED)
209
241
  - **Python companion SDK:** the separately-published `aga-governance` PyPI package (install + smoke-checked here; its full pytest suite runs from the source tree)
210
242
 
@@ -216,20 +248,20 @@ pip install aga-governance && python -c "import aga; print(aga.__version__)" #
216
248
 
217
249
  ## Benchmarks
218
250
 
219
- Receipt-format determinism is reproducible here: `npm test` runs the cross-language vectors, and `npm run conformance:cross-stack` shows the six v1 verifier configurations (across three independent toolchains JS, Go, Python) agree on the canonical 57-case corpus, while `npm run conformance:cross-stack-v2` shows the two independent-language v2 oracles agree on the composite corpus.
251
+ Receipt-format determinism is reproducible here: `npm test` runs the cross-language vectors, and `npm run conformance:cross-stack` (first: `npm run build && npm --prefix independent-verifier run build`) shows the six v1 verifier configurations (across three independent toolchains: JS, Go, Python) agree on the canonical 57-case corpus, while `npm run conformance:cross-stack-v2` shows the two independent-language v2 oracles agree on the composite corpus.
220
252
 
221
253
  ## Project Structure
222
254
 
223
255
  ```
224
256
  src/
225
- sep/ # Canonical SEP evidence engine single source of truth (canon, merkle, receipt, checkpoint, bundle, verify)
257
+ sep/ # Canonical SEP evidence engine: single source of truth (canon, merkle, receipt, checkpoint, bundle, verify)
226
258
  core/ # Governance primitives (portal, artifact, attestation, disclosure, delegation, behavioral) + internal continuity-chain profile
227
259
  crypto/ # Internal continuity-chain crypto: Ed25519 (node:crypto), SHA-256/blake2b, salt
228
260
  proxy/ # MCP governance proxy (transparent interception + policy enforcement; emits SEP bundles)
229
261
  middleware/ # Governance PEP wrapper (records a signed PERMITTED/DENIED receipt per governed call)
230
- independent-verifier/ # @attested-intelligence/aga-verify standalone SEP verifier, zero AGA imports
231
- scenarios/ # Demo scenarios (SCADA, autonomous vehicle, AI agent) emit SEP bundles
232
- tests/ # TypeScript test suite (370 tests)
262
+ independent-verifier/ # @attested-intelligence/aga-verify: standalone SEP verifier, zero AGA imports
263
+ scenarios/ # Demo scenarios (SCADA, autonomous vehicle, AI agent) that emit SEP bundles
264
+ tests/ # TypeScript test suite (384 automated tests)
233
265
  ```
234
266
 
235
267
  ## Links
@@ -0,0 +1,103 @@
1
+ /**
2
+ * AGA Governance Proxy — loopback-only control channel.
3
+ *
4
+ * The governance proxy keeps its SEP evidence ledger in memory (SepGateway) and can already
5
+ * assemble the canonical signed bundle via GovernanceProxy.exportBundle(). Before this module,
6
+ * that method was only reachable from inside the running `start` process; a SEPARATE
7
+ * `aga-proxy export` invocation had no handle to the live ledger and failed.
8
+ *
9
+ * This adds a tiny HTTP control listener bound to 127.0.0.1 ONLY (never 0.0.0.0), on its own
10
+ * port distinct from the agent-facing proxy port. It exposes READ-ONLY routes over the already-
11
+ * signed artifact: GET /export (the same SepBundle exportBundle() returns), GET /status, and
12
+ * GET /receipts. There is NO route that mutates policy or ledger state.
13
+ *
14
+ * Trust surface: the channel adds none. The bundle it returns is the identical signed artifact
15
+ * exportBundle() already produces — anyone who can read the written file gets the same thing. The
16
+ * off-host guarantee is the loopback bind itself, not auth theater; a shared-host deployment must
17
+ * treat any local user as able to read the (already-signed, already-exportable) evidence.
18
+ *
19
+ * Copyright (c) 2026 Attested Intelligence Holdings LLC
20
+ * SPDX-License-Identifier: MIT
21
+ */
22
+ /** Loopback address the control listener binds to. Never 0.0.0.0. */
23
+ export declare const CONTROL_HOST = "127.0.0.1";
24
+ /** Default control port; distinct from the agent-facing proxy port (18800). Overridable via CLI. */
25
+ export declare const DEFAULT_CONTROL_PORT = 18801;
26
+ /** Identity header set on every control response; checked by the CLI to reject foreign services. */
27
+ export declare const CONTROL_HEADER = "x-aga-control";
28
+ export declare const CONTROL_HEADER_VALUE = "aga-proxy";
29
+ /**
30
+ * Structural guard: is `b` a well-formed SepBundle? A stale control port can be recycled by an
31
+ * unrelated local service that returns valid-but-foreign JSON; for an evidence tool, writing that
32
+ * as "evidence" (even though it would fail verification) is a workflow-integrity defect. Combined
33
+ * with the identity header, this ensures `export` only ever writes an actual SEP bundle.
34
+ */
35
+ export declare function isSepBundleShape(b: unknown): boolean;
36
+ /** The read-only surface the control listener exposes from the running proxy. */
37
+ export interface ProxyControlTarget {
38
+ exportBundle(): unknown;
39
+ getStatus(): unknown;
40
+ getReceipts(): unknown;
41
+ }
42
+ /**
43
+ * Loopback HTTP control listener over a running proxy's read-only evidence surface.
44
+ * Bind is forced to 127.0.0.1 — a caller cannot widen it to a routable interface.
45
+ */
46
+ export declare class ProxyControlServer {
47
+ private server;
48
+ private boundPort;
49
+ private readonly target;
50
+ constructor(target: ProxyControlTarget);
51
+ /** Start the listener on 127.0.0.1:<port>. Rejects (e.g. EADDRINUSE) if the port is taken. */
52
+ start(port?: number): Promise<{
53
+ address: string;
54
+ port: number;
55
+ }>;
56
+ /** The address the listener is actually bound to (asserted in tests to be loopback). */
57
+ address(): string;
58
+ get port(): number;
59
+ private handle;
60
+ private json;
61
+ /** Stop the listener. Idempotent. */
62
+ stop(): Promise<void>;
63
+ }
64
+ /** Where the running proxy publishes its control-channel coordinates. */
65
+ export interface ControlLocator {
66
+ host: string;
67
+ port: number;
68
+ pid: number;
69
+ }
70
+ export declare function controlFilePath(dataDir: string): string;
71
+ export declare function writeControlFile(dataDir: string, loc: ControlLocator): void;
72
+ export declare function readControlFile(dataDir: string): ControlLocator | null;
73
+ export declare function removeControlFile(dataDir: string): void;
74
+ /** Stable message when no live proxy can be reached — never emit an empty bundle instead. */
75
+ export declare const NO_PROXY_MESSAGE = "no running proxy found; start it first, or export from within the session";
76
+ /** Thrown when export cannot reach a live proxy. Carries {@link NO_PROXY_MESSAGE}. */
77
+ export declare class ExportUnavailableError extends Error {
78
+ constructor(message?: string);
79
+ }
80
+ /**
81
+ * Fetch the signed bundle from a live proxy over its loopback control channel.
82
+ * A connection failure (proxy not running) → {@link ExportUnavailableError}. An empty ledger
83
+ * (409) or other HTTP error → a distinct Error so the caller does not misreport it as "no proxy".
84
+ */
85
+ export declare function fetchBundleViaControl(loc: ControlLocator): Promise<unknown>;
86
+ /**
87
+ * Resolve and write an evidence bundle: from an in-process proxy if one exists, otherwise from the
88
+ * live proxy over its loopback control channel. Never writes an empty/placeholder bundle — if no
89
+ * live proxy can be reached it throws {@link ExportUnavailableError}.
90
+ */
91
+ export declare function exportBundleToFile(opts: {
92
+ proxy: {
93
+ exportBundle(): unknown;
94
+ } | null;
95
+ dataDir: string;
96
+ output: string;
97
+ writeFile?: (filePath: string, data: string) => void;
98
+ }): Promise<{
99
+ source: 'in-process' | 'control-channel';
100
+ output: string;
101
+ receiptCount: number;
102
+ }>;
103
+ //# sourceMappingURL=control.d.ts.map
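Review bot: `controlFilePath`, `writeControlFile`, `readControlFile` and `removeControlFile` are the only exports in this declaration file without a doc comment, and they are the ones whose failure behaviour a caller most needs to know. Document in the source that `readControlFile` returns `null` for a missing or malformed file and what a caller should do with a locator whose `host` is not `CONTROL_HOST`. `isSepBundleShape(b: unknown): boolean` would also be more useful declared as a type predicate, so that callers of `exportBundleToFile` do not have to cast the `unknown` they get back.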
@@ -0,0 +1 @@
1
+ {"version":3,"file":"control.d.ts","sourceRoot":"","sources":["../../src/proxy/control.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAMH,qEAAqE;AACrE,eAAO,MAAM,YAAY,cAAc,CAAC;AACxC,oGAAoG;AACpG,eAAO,MAAM,oBAAoB,QAAQ,CAAC;AAC1C,oGAAoG;AACpG,eAAO,MAAM,cAAc,kBAAkB,CAAC;AAC9C,eAAO,MAAM,oBAAoB,cAAc,CAAC;AAEhD;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,CAAC,EAAE,OAAO,GAAG,OAAO,CAUpD;AAED,iFAAiF;AACjF,MAAM,WAAW,kBAAkB;IACjC,YAAY,IAAI,OAAO,CAAC;IACxB,SAAS,IAAI,OAAO,CAAC;IACrB,WAAW,IAAI,OAAO,CAAC;CACxB;AAED;;;GAGG;AACH,qBAAa,kBAAkB;IAC7B,OAAO,CAAC,MAAM,CAA4B;IAC1C,OAAO,CAAC,SAAS,CAAK;IACtB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAqB;gBAEhC,MAAM,EAAE,kBAAkB;IAItC,8FAA8F;IACxF,KAAK,CAAC,IAAI,GAAE,MAA6B,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;IAmB5F,wFAAwF;IACxF,OAAO,IAAI,MAAM;IAKjB,IAAI,IAAI,IAAI,MAAM,CAEjB;IAED,OAAO,CAAC,MAAM;IAgCd,OAAO,CAAC,IAAI;IAQZ,qCAAqC;IAC/B,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;CAO5B;AAID,yEAAyE;AACzE,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,GAAG,EAAE,MAAM,CAAC;CACb;AAED,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAEvD;AAED,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,cAAc,GAAG,IAAI,CAE3E;AAED,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,GAAG,cAAc,GAAG,IAAI,CAYtE;AAED,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAMvD;AAID,6FAA6F;AAC7F,eAAO,MAAM,gBAAgB,8EACgD,CAAC;AAE9E,sFAAsF;AACtF,qBAAa,sBAAuB,SAAQ,KAAK;gBACnC,OAAO,GAAE,MAAyB;CAI/C;AAED;;;;GAIG;AACH,wBAAsB,qBAAqB,CAAC,GAAG,EAAE,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC,CA4BjF;AAED;;;;GAIG;AACH,wBAAsB,kBAAkB,CAAC,IAAI,EAAE;IAC7C,KAAK,EAAE;QAAE,YAAY,IAAI,OAAO,CAAA;KAAE,GAAG,IAAI,CAAC;IAC1C,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,IAAI,CAAC;CACtD,GAAG,OAAO,CAAC;IAAE,MAAM,EAAE,YAAY,GAAG,iBAAiB,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,CAAA;CAAE,CAAC,CAmB9F"}
@@ -0,0 +1,245 @@
1
+ /**
2
+ * AGA Governance Proxy — loopback-only control channel.
3
+ *
4
+ * The governance proxy keeps its SEP evidence ledger in memory (SepGateway) and can already
5
+ * assemble the canonical signed bundle via GovernanceProxy.exportBundle(). Before this module,
6
+ * that method was only reachable from inside the running `start` process; a SEPARATE
7
+ * `aga-proxy export` invocation had no handle to the live ledger and failed.
8
+ *
9
+ * This adds a tiny HTTP control listener bound to 127.0.0.1 ONLY (never 0.0.0.0), on its own
10
+ * port distinct from the agent-facing proxy port. It exposes READ-ONLY routes over the already-
11
+ * signed artifact: GET /export (the same SepBundle exportBundle() returns), GET /status, and
12
+ * GET /receipts. There is NO route that mutates policy or ledger state.
13
+ *
14
+ * Trust surface: the channel adds none. The bundle it returns is the identical signed artifact
15
+ * exportBundle() already produces — anyone who can read the written file gets the same thing. The
16
+ * off-host guarantee is the loopback bind itself, not auth theater; a shared-host deployment must
17
+ * treat any local user as able to read the (already-signed, already-exportable) evidence.
18
+ *
19
+ * Copyright (c) 2026 Attested Intelligence Holdings LLC
20
+ * SPDX-License-Identifier: MIT
21
+ */
22
+ import * as http from 'node:http';
23
+ import * as fs from 'node:fs';
24
+ import * as path from 'node:path';
25
+ /** Loopback address the control listener binds to. Never 0.0.0.0. */
26
+ export const CONTROL_HOST = '127.0.0.1';
27
+ /** Default control port; distinct from the agent-facing proxy port (18800). Overridable via CLI. */
28
+ export const DEFAULT_CONTROL_PORT = 18801;
29
+ /** Identity header set on every control response; checked by the CLI to reject foreign services. */
30
+ export const CONTROL_HEADER = 'x-aga-control';
31
+ export const CONTROL_HEADER_VALUE = 'aga-proxy';
32
+ /**
33
+ * Structural guard: is `b` a well-formed SepBundle? A stale control port can be recycled by an
34
+ * unrelated local service that returns valid-but-foreign JSON; for an evidence tool, writing that
35
+ * as "evidence" (even though it would fail verification) is a workflow-integrity defect. Combined
36
+ * with the identity header, this ensures `export` only ever writes an actual SEP bundle.
37
+ */
38
+ export function isSepBundleShape(b) {
39
+ if (!b || typeof b !== 'object')
40
+ return false;
41
+ const o = b;
42
+ // v1 "Ed25519-SHA256-JCS" and v2 composite "ML-DSA-65+Ed25519-SHA256-JCS" both name Ed25519.
43
+ if (typeof o.algorithm !== 'string' || !o.algorithm.includes('Ed25519'))
44
+ return false;
45
+ if (!Array.isArray(o.receipts))
46
+ return false;
47
+ const cp = o.checkpoint;
48
+ if (!cp || typeof cp !== 'object')
49
+ return false;
50
+ if (typeof cp.merkle_root !== 'string' || typeof cp.signature !== 'string')
51
+ return false;
52
+ return true;
53
+ }
54
+ /**
55
+ * Loopback HTTP control listener over a running proxy's read-only evidence surface.
56
+ * Bind is forced to 127.0.0.1 — a caller cannot widen it to a routable interface.
57
+ */
58
+ export class ProxyControlServer {
59
+ server = null;
60
+ boundPort = 0;
61
+ target;
62
+ constructor(target) {
63
+ this.target = target;
64
+ }
65
+ /** Start the listener on 127.0.0.1:<port>. Rejects (e.g. EADDRINUSE) if the port is taken. */
66
+ async start(port = DEFAULT_CONTROL_PORT) {
67
+ if (this.server)
68
+ throw new Error('control server already running');
69
+ const server = http.createServer((req, res) => this.handle(req, res));
70
+ this.server = server;
71
+ await new Promise((resolve, reject) => {
72
+ const onError = (err) => reject(err);
73
+ server.once('error', onError);
74
+ // LOOPBACK BIND — the second argument to listen() is the host. Hardcoded to 127.0.0.1 so the
75
+ // control channel is unreachable off-host by construction (never 0.0.0.0 / a routable NIC).
76
+ server.listen(port, CONTROL_HOST, () => {
77
+ server.removeListener('error', onError);
78
+ resolve();
79
+ });
80
+ });
81
+ const addr = server.address();
82
+ this.boundPort = typeof addr === 'object' && addr ? addr.port : port;
83
+ return { address: this.address(), port: this.boundPort };
84
+ }
85
+ /** The address the listener is actually bound to (asserted in tests to be loopback). */
86
+ address() {
87
+ const addr = this.server?.address();
88
+ return typeof addr === 'object' && addr ? addr.address : CONTROL_HOST;
89
+ }
90
+ get port() {
91
+ return this.boundPort;
92
+ }
93
+ handle(req, res) {
94
+ // READ-ONLY: only GET is accepted; no route mutates policy or ledger state.
95
+ if (req.method !== 'GET') {
96
+ this.json(res, 405, { error: 'method not allowed; the control channel is read-only (GET only)' });
97
+ return;
98
+ }
99
+ const route = (req.url ?? '').split('?')[0];
100
+ try {
101
+ if (route === '/export') {
102
+ let bundle;
103
+ try {
104
+ bundle = this.target.exportBundle();
105
+ }
106
+ catch (e) {
107
+ // exportBundle() throws when the ledger is empty — that is a live, running proxy with
108
+ // nothing to export yet, NOT an absent proxy. Report it distinctly (409) so the CLI does
109
+ // not misreport it as "no running proxy".
110
+ this.json(res, 409, { error: e instanceof Error ? e.message : 'no receipts to export' });
111
+ return;
112
+ }
113
+ this.json(res, 200, bundle);
114
+ }
115
+ else if (route === '/status') {
116
+ this.json(res, 200, this.target.getStatus());
117
+ }
118
+ else if (route === '/receipts') {
119
+ this.json(res, 200, this.target.getReceipts());
120
+ }
121
+ else {
122
+ this.json(res, 404, { error: 'not found; the control channel exposes only GET /export, /status, /receipts' });
123
+ }
124
+ }
125
+ catch (e) {
126
+ this.json(res, 500, { error: e instanceof Error ? e.message : 'internal error' });
127
+ }
128
+ }
129
+ json(res, status, body) {
130
+ // Identity header: lets a separate `aga-proxy export` confirm it reached an actual AGA control
131
+ // channel and not some unrelated local service that happens to hold a recycled control port
132
+ // (stale ~/.aga-proxy/control.json). A foreign HTTP service will not set this.
133
+ res.writeHead(status, { 'content-type': 'application/json', [CONTROL_HEADER]: CONTROL_HEADER_VALUE });
134
+ res.end(JSON.stringify(body));
135
+ }
136
+ /** Stop the listener. Idempotent. */
137
+ async stop() {
138
+ const s = this.server;
139
+ if (!s)
140
+ return;
141
+ this.server = null;
142
+ this.boundPort = 0;
143
+ await new Promise((resolve) => s.close(() => resolve()));
144
+ }
145
+ }
146
+ export function controlFilePath(dataDir) {
147
+ return path.join(dataDir, 'control.json');
148
+ }
149
+ export function writeControlFile(dataDir, loc) {
150
+ fs.writeFileSync(controlFilePath(dataDir), JSON.stringify(loc));
151
+ }
152
+ export function readControlFile(dataDir) {
153
+ try {
154
+ const parsed = JSON.parse(fs.readFileSync(controlFilePath(dataDir), 'utf-8'));
155
+ if (typeof parsed.port !== 'number')
156
+ return null;
157
+ return {
158
+ host: typeof parsed.host === 'string' ? parsed.host : CONTROL_HOST,
159
+ port: parsed.port,
160
+ pid: typeof parsed.pid === 'number' ? parsed.pid : 0,
161
+ };
162
+ }
163
+ catch {
164
+ return null;
165
+ }
166
+ }
167
+ export function removeControlFile(dataDir) {
168
+ try {
169
+ fs.unlinkSync(controlFilePath(dataDir));
170
+ }
171
+ catch {
172
+ /* already gone */
173
+ }
174
+ }
175
+ // ── Export resolution (in-process proxy OR the live proxy over the control channel) ──
176
+ /** Stable message when no live proxy can be reached — never emit an empty bundle instead. */
177
+ export const NO_PROXY_MESSAGE = 'no running proxy found; start it first, or export from within the session';
178
+ /** Thrown when export cannot reach a live proxy. Carries {@link NO_PROXY_MESSAGE}. */
179
+ export class ExportUnavailableError extends Error {
180
+ constructor(message = NO_PROXY_MESSAGE) {
181
+ super(message);
182
+ this.name = 'ExportUnavailableError';
183
+ }
184
+ }
185
+ /**
186
+ * Fetch the signed bundle from a live proxy over its loopback control channel.
187
+ * A connection failure (proxy not running) → {@link ExportUnavailableError}. An empty ledger
188
+ * (409) or other HTTP error → a distinct Error so the caller does not misreport it as "no proxy".
189
+ */
190
+ export async function fetchBundleViaControl(loc) {
191
+ const url = `http://${loc.host}:${loc.port}/export`;
192
+ let res;
193
+ try {
194
+ res = await fetch(url);
195
+ }
196
+ catch {
197
+ // ECONNREFUSED / DNS / etc. — the recorded control port has no live listener.
198
+ throw new ExportUnavailableError();
199
+ }
200
+ if (res.status === 409) {
201
+ const body = (await res.json().catch(() => ({})));
202
+ throw new Error(body.error ?? 'the proxy has no receipts to export yet');
203
+ }
204
+ if (!res.ok) {
205
+ throw new Error(`control channel returned HTTP ${res.status}`);
206
+ }
207
+ // Identity guard: a recycled/stale control port could be held by an unrelated local service that
208
+ // returns valid JSON. Require the AGA control header before trusting the response at all.
209
+ if (res.headers.get(CONTROL_HEADER) !== CONTROL_HEADER_VALUE) {
210
+ throw new ExportUnavailableError();
211
+ }
212
+ const body = await res.json();
213
+ // Shape guard: never write foreign JSON labeled as evidence. (Verification would reject it, but
214
+ // an evidence tool must not report success on a non-bundle.)
215
+ if (!isSepBundleShape(body)) {
216
+ throw new Error('control channel returned a response that is not a SEP evidence bundle; refusing to write it');
217
+ }
218
+ return body;
219
+ }
220
+ /**
221
+ * Resolve and write an evidence bundle: from an in-process proxy if one exists, otherwise from the
222
+ * live proxy over its loopback control channel. Never writes an empty/placeholder bundle — if no
223
+ * live proxy can be reached it throws {@link ExportUnavailableError}.
224
+ */
225
+ export async function exportBundleToFile(opts) {
226
+ const write = opts.writeFile ?? ((p, d) => fs.writeFileSync(p, d));
227
+ let bundle;
228
+ let source;
229
+ if (opts.proxy) {
230
+ bundle = opts.proxy.exportBundle();
231
+ source = 'in-process';
232
+ }
233
+ else {
234
+ const loc = readControlFile(opts.dataDir);
235
+ if (!loc)
236
+ throw new ExportUnavailableError();
237
+ bundle = await fetchBundleViaControl(loc);
238
+ source = 'control-channel';
239
+ }
240
+ write(opts.output, JSON.stringify(bundle, null, 2));
241
+ const receipts = bundle.receipts;
242
+ const receiptCount = Array.isArray(receipts) ? receipts.length : 0;
243
+ return { source, output: opts.output, receiptCount };
244
+ }
245
+ //# sourceMappingURL=control.js.map
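Review bot: `readControlFile()` accepts any string `host` from `control.json`, and `fetchBundleViaControl()` interpolates it straight into `http://${loc.host}:${loc.port}/export`, so the loopback-only property is enforced on the listener side but not on the client side. Since the channel is documented as loopback-only, the reader should reject any `host` that is not `CONTROL_HOST` (or a loopback literal) and any `port` that is not an integer in 1..65535, rather than passing whatever the file holds to `fetch`. Related points in the same hunk: `writeControlFile()` calls `fs.writeFileSync` without a `mode`, so the file gets default permissions, and an explicit `0o600` would fit a per-user data dir better; `fetch(url)` has no timeout, so a listener that accepts but never answers will hang `export`; and the `pid` that is written and parsed is never checked by any reader in this file. The comment on `json()` should also say that the static `CONTROL_HEADER` value only guards against an accidental port collision and is not authentication, since any local process can send it.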
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/proxy/index.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;GAcG;AAiPH,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAC3D,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5E,YAAY,EAAE,UAAU,EAAE,cAAc,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/proxy/index.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;GAcG;AAmRH,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAC3D,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5E,YAAY,EAAE,UAAU,EAAE,cAAc,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC"}
@@ -20,10 +20,12 @@ import * as path from 'node:path';
20
20
  import * as os from 'node:os';
21
21
  import { GovernanceProxy } from './server.js';
22
22
  import { PROFILES } from './profiles.js';
23
+ import { ProxyControlServer, DEFAULT_CONTROL_PORT, writeControlFile, removeControlFile, exportBundleToFile, ExportUnavailableError, } from './control.js';
23
24
  // Single-source the version from package.json (resolves from src/ via tsx and dist/proxy/ when published).
24
25
  const PKG = JSON.parse(fs.readFileSync(new URL('../../package.json', import.meta.url), 'utf8'));
25
26
  const program = new Command();
26
27
  let proxy = null;
28
+ let control = null;
27
29
  function getDataDir() {
28
30
  return path.join(os.homedir(), '.aga-proxy');
29
31
  }
@@ -39,12 +41,14 @@ program
39
41
  .command('start')
40
42
  .description('Start the governance proxy')
41
43
  .option('-p, --port <port>', 'Proxy port', '18800')
44
+ .option('--control-port <port>', 'Loopback-only control port for out-of-process export/status (127.0.0.1)', String(DEFAULT_CONTROL_PORT))
42
45
  .option('--upstream <command>', 'Downstream MCP server command (stdio)')
43
46
  .option('--upstream-url <url>', 'Downstream MCP server URL (HTTP)')
44
47
  .option('--profile <name>', 'Policy profile: permissive, standard, restrictive', 'permissive')
45
48
  .option('--policy <path>', 'Custom policy JSON file')
46
49
  .action(async (opts) => {
47
50
  const port = parseInt(opts.port, 10);
51
+ const controlPort = parseInt(opts.controlPort, 10);
48
52
  let policy;
49
53
  if (opts.policy) {
50
54
  policy = JSON.parse(fs.readFileSync(opts.policy, 'utf-8'));
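Review bot: `const controlPort = parseInt(opts.controlPort, 10)` is passed on without validation, so a non-numeric `--control-port` becomes `NaN` and a value such as `8080abc` is silently truncated to `8080`. Check that the parsed value is an integer in the valid port range and that it differs from `port`, and exit with a clear usage error otherwise, instead of relying on the later bind attempt to surface the problem. The help text promises 127.0.0.1 only, which is worth keeping accurate if the bind host ever becomes configurable.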
@@ -77,9 +81,28 @@ program
77
81
  await proxy.start();
78
82
  // Write PID file
79
83
  fs.writeFileSync(getPidFile(), String(process.pid));
84
+ // Loopback-only control channel so a SEPARATE `aga-proxy export`/`status` invocation can reach
85
+ // this process's live in-memory ledger. Bind failure (e.g. control port already in use) is
86
+ // NON-FATAL: governance is the primary job and keeps running; only out-of-process export is
87
+ // unavailable until the collision is resolved (pass a free --control-port).
88
+ control = new ProxyControlServer(proxy);
89
+ try {
90
+ const bound = await control.start(controlPort);
91
+ writeControlFile(dataDir, { host: bound.address, port: bound.port, pid: process.pid });
92
+ console.log(`Control channel (loopback ${bound.address}:${bound.port}) — a separate 'aga-proxy export' can reach this session's live ledger.`);
93
+ }
94
+ catch (err) {
95
+ control = null;
96
+ console.error(`[aga-proxy] Control channel not started on port ${controlPort} (${err.message}). Governance is unaffected; out-of-process export is disabled until you retry with a free --control-port.`);
97
+ }
80
98
  // Graceful shutdown
81
99
  const shutdown = async () => {
82
100
  console.log('\nShutting down...');
101
+ if (control) {
102
+ await control.stop();
103
+ control = null;
104
+ }
105
+ removeControlFile(dataDir);
83
106
  if (proxy) {
84
107
  await proxy.stop();
85
108
  try {
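Review bot: in `shutdown`, `removeControlFile(dataDir)` sits outside the `if (control)` block, so a process whose control channel failed to bind still deletes `control.json` on exit. When the bind failed because another proxy already holds the control port, that file belongs to the other proxy, and removing it breaks out-of-process export for a session that is still running. Move the removal inside `if (control)`, or only unlink when the `pid` recorded in the file equals `process.pid`. The bind-failure `catch` has the mirror problem: it leaves any existing `control.json` in place, so a later `aga-proxy export` will read a location that does not describe this session, and the error message should say so. The same `catch` reads `err.message` without an `instanceof Error` check, unlike the `export` handler further down.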
@@ -97,6 +120,7 @@ program
97
120
  .command('run')
98
121
  .description('Run proxy in foreground (same as start, Ctrl+C to stop)')
99
122
  .option('-p, --port <port>', 'Proxy port', '18800')
123
+ .option('--control-port <port>', 'Loopback-only control port (127.0.0.1)', String(DEFAULT_CONTROL_PORT))
100
124
  .option('--upstream <command>', 'Downstream MCP server command (stdio)')
101
125
  .option('--upstream-url <url>', 'Downstream MCP server URL (HTTP)')
102
126
  .option('--profile <name>', 'Policy profile', 'permissive')
@@ -154,16 +178,25 @@ program
154
178
  // ── export ───────────────────────────────────────────────────
155
179
  program
156
180
  .command('export')
157
- .description('Export evidence bundle')
181
+ .description('Export the canonical SEP evidence bundle from the running proxy (in-process, or a live proxy over its loopback control channel)')
158
182
  .option('-o, --output <path>', 'Output file', 'evidence-bundle.json')
159
183
  .action(async (opts) => {
160
- if (!proxy) {
161
- console.error('Proxy not running in this process. Start the proxy first.');
184
+ // Two paths, one artifact: if this process IS the running proxy, export its ledger directly;
185
+ // otherwise reach the live proxy over 127.0.0.1 using the control port it published in the data
186
+ // dir. Never emit an empty bundle when no proxy is running — fail loudly instead.
187
+ try {
188
+ const res = await exportBundleToFile({ proxy, dataDir: getDataDir(), output: opts.output });
189
+ console.log(`Evidence bundle exported to ${res.output} (${res.receiptCount} receipts, via ${res.source})`);
190
+ }
191
+ catch (err) {
192
+ if (err instanceof ExportUnavailableError) {
193
+ console.error(err.message);
194
+ }
195
+ else {
196
+ console.error(`Export failed: ${err instanceof Error ? err.message : String(err)}`);
197
+ }
162
198
  process.exit(1);
163
199
  }
164
- const bundle = await proxy.exportBundle();
165
- fs.writeFileSync(opts.output, JSON.stringify(bundle, null, 2));
166
- console.log(`Evidence bundle exported to ${opts.output}`);
167
200
  });
168
201
  // ── verify ───────────────────────────────────────────────────
169
202
  program
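Review bot: the removed line was `const bundle = await proxy.exportBundle();`, while the replacement path goes through `exportBundleToFile()`, which in control.js calls `opts.proxy.exportBundle()` without `await`. If `exportBundle()` returns a promise, `JSON.stringify(bundle, null, 2)` would write `{}` and report `0 receipts` as a success, which is exactly the empty-bundle outcome the new comment says must never happen; either confirm the method is synchronous or restore the `await` in the in-process branch. The in-process branch also skips the `isSepBundleShape` check that the control-channel branch applies, so the two paths do not give the same guarantee for the one artifact. Finally, every failure exits with code 1, so a caller cannot tell "no running proxy" from "empty ledger" without parsing stderr; distinct exit codes would carry the distinction the 409 handling was added to preserve.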
AAC,IAAI,CAAC,MAAM,CAAC,OAAO,KAAK,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,KAAK,qBAAqB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACrG,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,CAAC,mBAAmB,CAAC,CAAC;AAE7E,SAAS;KACN,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,qBAAqB,CAAC;KAClC,MAAM,CAAC,GAAG,EAAE;IACX,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAC1D,CAAC,CAAC,CAAC;AAEL,SAAS;KACN,OAAO,CAAC,kBAAkB,CAAC;KAC3B,WAAW,CAAC,uBAAuB,CAAC;KACpC,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;IACxB,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,SAAS,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;IACpC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,oBAAoB,OAAO,gBAAgB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC7F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,KAAK,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;IACpC,OAAO,CAAC,GAAG,CAAC,eAAe,OAAO,UAAU,CAAC,CAAC;AAChD,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,SAAS,oBAAoB,CAAC,GAAW;IACvC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC/B,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;AACrD,CAAC;AAED,gEAAgE;AAEhE,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAC3D,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAG5E,iCAAiC;AACjC,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAC;AACjG,IAAI,WAAW,EAAE,CAAC;IAChB,OAAO,CAAC,UAAU,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;QACjC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@attested-intelligence/aga-mcp-server",
3
- "version": "3.3.1",
3
+ "version": "3.3.2",
4
4
  "description": "MCP governance proxy and evidence engine for AI agent tool calls: evaluate each call against a sealed policy, permit or deny it at the proxy boundary, and prove every decision with signed, offline-verifiable evidence bundles.",
5
5
  "author": "Attested Intelligence Holdings LLC",
6
6
  "license": "MIT",