@elitedcs/ghl-mcp 3.20.0 → 3.24.0

package/CHANGELOG.md

@@ -1,5 +1,81 @@
 # Changelog
 
+## 3.24.0 — Signed-attestation gate closes the credentials.json bypass
+
+**Security fix. Tool count unchanged (212 across 43 modules).**
+
+Through v3.23.0 the license gate trusted any `credentials.json` whose `verified_at` and `license_key` fields were non-empty strings. A technical user could hand-write the file with their own GHL API key and load all 163 core tools without paying. v3.24.0 replaces that trust with an Ed25519-signed attestation issued by `elitedcs.com/api/validate-license`. The MCP bundles only the public key, so it can verify but can't forge — hand-crafted credentials now fail on the next startup and the MCP falls into bootstrap mode.
+
+**How it works.** Every successful online license validation now returns a `signed_attestation` token binding `{email, license_key, device_fingerprint, installs_max, expires_at}` together. The MCP stores this in `credentials.json` and verifies it on startup:
+
+- **Valid + fresh** → boot normally.
+- **Valid + nearing expiry (<7d)** → boot normally, refresh in the background.
+- **Expired but within 14-day grace window** → boot normally for this session, attempt re-renew (covers transient license-server outages).
+- **Past grace OR bad signature OR wrong device OR wrong email/license** → force online re-validate. If the server confirms the buyer, mint a new attestation. If not, drop into bootstrap mode and require `setup_ghl_mcp`.
+
+**Migration is automatic.** Existing v3.20.0–v3.23.0 buyers have a `credentials.json` without `signed_attestation`. On first startup under v3.24.0 the MCP detects the missing field, calls `validate-license`, and writes the new signed token. Buyers see a one-time `[ghl-mcp] License gate: renewed-from-legacy` log line and nothing else changes. The transitional path also tolerates a license server that hasn't been upgraded yet — `setup_ghl_mcp` still works against an older server, the attestation just gets backfilled on the next restart after the server deploys.
+
+**Funnel telemetry shipped on the server side (no MCP impact).** `validate-license`, `capture-lead`, and `stripe-webhook` now emit `[telemetry] {event, success, reason, email_hash, ...}` log lines that Cloudflare captures. Lets us measure the npm-install → setup → purchase funnel without storing PII.
+
+**Pipeline automation shipped on the server side (no MCP impact).** A successful `validate-license` call now advances the buyer's GHL Command opportunity:
+
+- Purchased → Onboarding on first install (installs_used 0 → 1).
+- Onboarding → Active on second+ install or any reinstall.
+
+Existing buyers backfilled manually based on their current `installs_used` count.
+
+## 3.23.0 — `update_calendar` can assign team members again (Henry fix, part 2)
+
+**Critical fix. Tool count unchanged (212 across 43 modules). The `teamMembers` parameter is back on `update_calendar` — and actually persists this time — with a typed schema that surfaces GHL's strict validation up front.**
+
+Reported by Henry Boulton, 2026-05-26.
+
+**Root cause.** Same UI-vs-API pattern we hit in v3.22.0 (forms) and v3.15.0 (email templates). v3.21.0's diagnosis ("GHL silently drops `teamMembers` on PUT, no public-API path exists") was based on testing against an Event calendar — that calendar TYPE doesn't have team members, so GHL accepts the call and ignores the field. On round-robin and class-booking calendars the field is meaningful, and PUT validates it strictly: `priority` must be exactly `0`, `0.5`, or `1` (anything else 422s), `locationConfigurations` needs at least one entry, and `userId` / `selected` / `isPrimary` must be present. Henry's original attempt likely either targeted the wrong calendar type or passed a non-enum priority.
+
+**Fix.** `teamMembers` is back on `update_calendar`, typed via an exported `CalendarTeamMemberSchema` that mirrors GHL's validation:
+
+- `priority` constrained to `z.union([z.literal(0), z.literal(0.5), z.literal(1)])` — invalid values fail at the MCP layer with a clear error instead of an opaque GHL 422.
+- `locationConfigurations` requires `min(1)` and a non-negative integer `position`.
+- Tool description spells out that team-member assignment only applies to calendar types that support it (round_robin, class_booking); on Event calendars the field is silently ignored by GHL — that's the type, not us.
+
+End-to-end verification 2026-05-26 against MCP Testing: create round_robin → assign user → update via PUT (priority 0.5 → 1, location string change) → GET back the new shape → cleanup.
+
+Five new tests in `src/tools/tool-payloads.test.ts` lock the schema in.
+
+## 3.22.0 — `update_form` works again (Henry fix)
+
+**Critical fix. Tool count unchanged (212 across 43 modules). The `update_form` tool, which v3.21.0 marked "currently unavailable," is back — wired to the live save endpoint and verified end-to-end against MCP Testing.**
+
+Reported by Henry Boulton, 2026-05-26.
+
+**Root cause.** v3.21.0's diagnosis was half right and half wrong. The half that was right: the v2 form builder UI does run in a cross-origin iframe (`leadgen-apps-form-survey-builder.leadconnectorhq.com`) and the UI does read form state through Firestore — top-frame network capture only sees a Firestore `Listen` channel, never a REST save. That's exactly what made the route look gone. The half that was wrong: we concluded the REST save route therefore *didn't exist* and the tool needed a Firestore-client integration. It does exist. The new UI just doesn't drive it. Same UI-vs-API divergence we saw with email templates in v3.15.0 ([reference_email_template_firestore](https://github.com/drjerryrelth/ghl-command-mcp/blob/main/CHANGELOG.md#3150)) — the REST routes survive even when the editor moves to Firestore.
+
+**Fix.** `update_form` now calls `POST /forms/{formId}?locationId={loc}` with body exactly `{name, formData}`. Verified shape constraints (server rejects everything else with 422 "property X should not exist"):
+
+- `locationId` belongs in the query string only — putting it in the body fails.
+- `name` and `formData` are both required together — one without the other 422s.
+- `_id`, `deleted`, `productType`, `dateAdded`, `dateUpdated`, `source`, `updatedBy`, `version`, `updatedAt`, `versionHistory` must not appear in the body — `get_form_full` → pass through fails, so callers should pass only the `formData` they want to write.
+
+If `name` is omitted, the tool pre-fetches the current form (one extra GET) so the existing name is preserved. Body and path are factored into pure `buildUpdateFormBody` / `buildUpdateFormPath` helpers and locked in by `src/tools/tool-payloads.test.ts` (3 new tests) — a refactor can't silently regress the tool back to v3.21.0's "unavailable" state.
+
+End-to-end verification 2026-05-26: read form (version 5) → mutate first field's `placeholder` → save (201) → re-read (placeholder persisted) → restore. MCP Testing sandbox left clean.
+
+## 3.21.0 — Workflow Builder now loads for npm-install buyers (Henry + Ryan fix)
+
+**Critical fix. Tool count unchanged (212 across 43 modules), but for `npx`-install buyers the 49 Firebase-gated tools (workflow builder, funnel builder, form builder, pipeline builder, smart lists, reputation, email campaigns, memberships, email-builder internal, plus the pre-deploy validator) now actually register after `enable_workflow_builder` — previously they stayed "Not configured" no matter how many times you restarted.**
+
+Reported independently by Henry Boulton and Ryan Thomas, 2026-05-26.
+
+**Root cause.** Index startup folded `GHL_USER_ID` + the Firebase trio from `credentials.json` into `process.env`, but never folded `GHL_API_KEY` or `GHL_LOCATION_ID`. `WorkflowBuilderClient.fromEnv()` reads all five directly from `process.env`, so for the recommended `npx -y @elitedcs/ghl-mcp@latest` install path — where no env vars are set anywhere — `fromEnv()` returned `null` and every Firebase-gated tool was skipped. Wrapper-script installs (e.g. `start-mcp.sh`) were unaffected because they exported all the vars manually. Henry's workaround of passing the values as `--env` flags on `claude mcp add` "fixed" it by route, which is why this looked like a credentials-file persistence bug.
+
+**Fix.** All credentials-file values now fold into `process.env` at startup (env still wins when already set, so wrapper-script + headless paths are unchanged). Pulled the fold into a single `foldCredentialsIntoEnv()` helper with regression tests that lock in all five Firebase-gated fields.
+
+Also in this release:
+
+- **`create_form`** now uses the correct path. GHL silently retired `POST /forms?locationId=…` (returns 404); the working path is `POST /forms/?locationId=…` (trailing slash). Verified against MCP Testing.
+- **`update_form`** is honestly marked unavailable, with the actual root cause documented for the first time: the GHL form builder runs in a cross-origin iframe (`leadgen-apps-form-survey-builder.leadconnectorhq.com`) and writes saves **directly to Firestore via the Firebase JS SDK** — `firestore.googleapis.com/.../databases/(default)` against the `highlevel-backend` project — rather than any REST endpoint. That's why every REST probe returns 404 or "Form does not exist or is deleted." Wiring this up needs a Firestore-client integration (separate from the workflow-builder's REST-over-Firebase-token pattern). Tracked for a focused future release. Workaround: `delete_form` + `create_form` (both work).
+- **`update_calendar`** removed `teamMembers` from the input. GHL's public API silently drops the field on PUT (200 OK, nothing persists) across every shape and API version we tested. The tool description now tells the caller to set the assignee in the GHL UI instead of returning a fake success.
+
 ## 3.20.0 — License gate for headless / env-var installs
 
 **Security + headless support. No tool changes (212 across 43 modules).**

package/dist/index.js

@@ -31,7 +31,7 @@ var require_package = __commonJS({
   "package.json"(exports2, module2) {
     module2.exports = {
       name: "@elitedcs/ghl-mcp",
-      version: "3.20.0",
+      version: "3.24.0",
       mcpName: "io.github.drjerryrelth/ghl-command",
       description: "GoHighLevel MCP Server for Claude. 212 tools \u2014 full CRM, automation, marketing control, and the only programmatic GHL workflow builder, now multi-tenant across client accounts.",
       main: "dist/index.js",
@@ -290,7 +290,14 @@ var CredentialsSchema = import_zod.z.object({
   ghl_company_id: import_zod.z.string().optional(),
   ghl_user_id: import_zod.z.string().optional(),
   ghl_firebase_api_key: import_zod.z.string().optional(),
-  ghl_firebase_refresh_token: import_zod.z.string().optional()
+  ghl_firebase_refresh_token: import_zod.z.string().optional(),
+  // Ed25519-signed attestation from elitedcs.com/api/validate-license.
+  // v3.24.0+ writes this on every successful online validation; index.ts
+  // verifies on startup and refuses to load tools without it (closing the
+  // hand-crafted-credentials.json bypass that existed through v3.23.0).
+  // Optional in the schema only so files written by earlier versions still
+  // parse — index.ts's gate forces a re-validate when the field is missing.
+  signed_attestation: import_zod.z.string().optional()
 });
 function appDataDir() {
   const home = os.homedir();
@@ -332,6 +339,23 @@ function readCredentials() {
     return null;
   }
 }
+function foldCredentialsIntoEnv(creds, env = process.env) {
+  if (!creds) return;
+  const mappings = [
+    ["ghl_api_key", "GHL_API_KEY"],
+    ["ghl_location_id", "GHL_LOCATION_ID"],
+    ["ghl_user_id", "GHL_USER_ID"],
+    ["ghl_firebase_api_key", "GHL_FIREBASE_API_KEY"],
+    ["ghl_firebase_refresh_token", "GHL_FIREBASE_REFRESH_TOKEN"],
+    ["ghl_company_id", "GHL_COMPANY_ID"]
+  ];
+  for (const [credKey, envKey] of mappings) {
+    const value = creds[credKey];
+    if (value && !env[envKey]) {
+      env[envKey] = value;
+    }
+  }
+}
 function writeCredentials(creds) {
   ensureAppDataDir();
   const file = credentialsPath();
@@ -2370,6 +2394,18 @@ function registerOpportunityTools(server2, client) {
 
 // src/tools/calendars.ts
 var import_zod9 = require("zod");
+var TeamMemberLocationConfigSchema = import_zod9.z.object({
+  kind: import_zod9.z.string().describe("Meeting location kind. Common values: 'custom', 'zoom_conference', 'google_meet'."),
+  position: import_zod9.z.number().int().nonnegative().describe("Position index for ordering (0-based)."),
+  location: import_zod9.z.string().optional().describe("Display string for the meeting location (URL or address). Optional for kind='custom'.")
+});
+var CalendarTeamMemberSchema = import_zod9.z.object({
+  userId: import_zod9.z.string().describe("GHL user ID to assign. Must exist in this sub-account."),
+  priority: import_zod9.z.union([import_zod9.z.literal(0), import_zod9.z.literal(0.5), import_zod9.z.literal(1)]).describe("Booking priority. Exactly 0, 0.5, or 1 (anything else 422s from GHL). Higher = preferred for round-robin."),
+  isPrimary: import_zod9.z.boolean().describe("Whether this user is the primary assignee."),
+  selected: import_zod9.z.boolean().describe("Whether this user is currently active on the calendar (true to enable)."),
+  locationConfigurations: import_zod9.z.array(TeamMemberLocationConfigSchema).min(1).describe("At least one meeting-location config. Typical shape: [{kind:'custom', position:0, location:''}].")
+});
 function registerCalendarTools(server2, client) {
   safeTool(
     server2,
@@ -2439,7 +2475,7 @@ function registerCalendarTools(server2, client) {
   safeTool(
     server2,
     "update_calendar",
-    "Update an existing calendar",
+    "Update an existing calendar's settings. Supports name, description, slug, event title/color, slot durations, capacity, AND team-member assignment via `teamMembers`. Team members only apply to calendar types that use them (round_robin, class_booking, etc.) \u2014 on event calendars GHL accepts the call but silently ignores the field. priority MUST be 0, 0.5, or 1.",
     {
       calendarId: import_zod9.z.string().describe("The calendar ID to update"),
       name: import_zod9.z.string().optional().describe("Calendar name"),
@@ -2447,7 +2483,7 @@ function registerCalendarTools(server2, client) {
       slug: import_zod9.z.string().optional().describe("Calendar slug"),
       widgetSlug: import_zod9.z.string().optional().describe("Widget slug for embedding"),
       calendarType: import_zod9.z.string().optional().describe("Calendar type"),
-      teamMembers: import_zod9.z.array(import_zod9.z.record(import_zod9.z.unknown())).optional().describe("Array of team member objects"),
+      teamMembers: import_zod9.z.array(CalendarTeamMemberSchema).optional().describe("Replace the calendar's team-member assignments. Pass [] to clear (round-robin calendars require at least one). Use get_calendar to inspect the current shape first."),
       eventTitle: import_zod9.z.string().optional().describe("Default event title"),
       eventColor: import_zod9.z.string().optional().describe("Event color hex code"),
       slotDuration: import_zod9.z.number().optional().describe("Slot duration in minutes"),
@@ -5482,6 +5518,12 @@ ${text2}`);
 
 // src/tools/form-builder.ts
 var import_zod35 = require("zod");
+function buildUpdateFormPath(formId, locationId2) {
+  return `/${formId}?locationId=${locationId2}`;
+}
+function buildUpdateFormBody(name, formData) {
+  return { name, formData };
+}
 function registerFormBuilderTools(server2, builderClient) {
   const client = builderClient;
   if (!client) return;
@@ -5525,17 +5567,28 @@ ${text2}`);
   );
   server2.tool(
     "update_form",
-    "Update a form's structure \u2014 fields, labels, conditional logic, auto-responder, email notifications, styling. Use get_form_full first to see the current structure, modify the formData object, and pass it here.",
+    "Update a form's structure \u2014 fields, labels, conditional logic, auto-responder, email notifications, styling. Use get_form_full first to read the current form, modify the formData object, then pass it here. If name is omitted, the current name is preserved (one extra GET).",
     {
       formId: import_zod35.z.string().describe("The form ID to update."),
       formData: import_zod35.z.record(import_zod35.z.unknown()).describe("The updated formData object containing form fields, settings, autoResponder config, etc."),
-      name: import_zod35.z.string().optional().describe("Updated form name.")
+      name: import_zod35.z.string().optional().describe("Updated form name. If omitted, the current name is preserved.")
     },
     async ({ formId, formData, name }) => {
       try {
-        const body = { formData, locationId: client.locationId };
-        if (name !== void 0) body.name = name;
-        const result = await formRequest("PUT", `/${formId}?locationId=${client.locationId}`, body);
+        let resolvedName = name;
+        if (resolvedName === void 0) {
+          const current = await formRequest("GET", `/${formId}?locationId=${client.locationId}`);
+          const currentName = typeof current === "object" && current !== null && "form" in current ? current.form?.name : void 0;
+          if (typeof currentName !== "string") {
+            throw new Error(`Could not resolve current form name for ${formId} (GET /forms/${formId} returned no string name).`);
+          }
+          resolvedName = currentName;
+        }
+        const result = await formRequest(
+          "POST",
+          buildUpdateFormPath(formId, client.locationId),
+          buildUpdateFormBody(resolvedName, formData)
+        );
         return {
           content: [{ type: "text", text: JSON.stringify(result, null, 2) }]
         };
@@ -5552,7 +5605,7 @@ ${text2}`);
     },
     async ({ name }) => {
       try {
-        const result = await formRequest("POST", `?locationId=${client.locationId}`, {
+        const result = await formRequest("POST", `/?locationId=${client.locationId}`, {
           name,
           locationId: client.locationId,
           formData: {
@@ -5797,7 +5850,11 @@ async function validateLicense(email, licenseKey) {
     });
     const data = await res.json().catch(() => ({}));
     if (res.ok && data.valid) {
-      return { ok: true, installs: `${data.installs_used}/${data.installs_max}` };
+      return {
+        ok: true,
+        installs: `${data.installs_used}/${data.installs_max}`,
+        signedAttestation: typeof data.signed_attestation === "string" ? data.signed_attestation : void 0
+      };
     }
     return { ok: false, error: data.error || data.message || `License validation failed (HTTP ${res.status})` };
   } catch (err) {
@@ -5897,7 +5954,10 @@ Note: Firebase credentials rejected (${fb.error}). Saved without Workflow Builde
         ghl_company_id: args.ghl_company_id?.trim() || void 0,
         ghl_user_id: workflowBuilderEnabled ? args.ghl_user_id?.trim() : void 0,
         ghl_firebase_api_key: workflowBuilderEnabled ? args.ghl_firebase_api_key?.trim() : void 0,
-        ghl_firebase_refresh_token: workflowBuilderEnabled ? args.ghl_firebase_refresh_token?.trim() : void 0
+        ghl_firebase_refresh_token: workflowBuilderEnabled ? args.ghl_firebase_refresh_token?.trim() : void 0,
+        // v3.24.0+ attestation. Tied to email + license + device fingerprint;
+        // verified on every MCP startup. Closes the hand-crafted creds bypass.
+        signed_attestation: lic.signedAttestation
       });
       const toolCount = workflowBuilderEnabled ? "212" : "163";
       const wfLine = workflowBuilderEnabled ? "Workflow Builder: enabled." : "Workflow Builder: not configured (optional).";
@@ -8236,6 +8296,92 @@ function registerAllTools(server2, client, registry2, mcpVersion) {
   registerLocationSwitcherTools(server2, client, builderClient, registry2, mcpVersion);
 }
 
+// src/attestation.ts
+var import_node_crypto = require("node:crypto");
+var ATTESTATION_PUBLIC_KEY_B64 = "8KJo8V3Z7ngeToIQfOXpKdlr/EA34hXJVEIpW0A7wqs=";
+var ATTESTATION_VERSION = 1;
+var ATTESTATION_GRACE_DAYS = 14;
+function deviceFingerprint2() {
+  const os3 = require("node:os");
+  const crypto4 = require("node:crypto");
+  const raw = `${os3.hostname()}:${os3.userInfo().username}:${os3.platform()}:${os3.arch()}`;
+  return crypto4.createHash("sha256").update(raw).digest("hex").slice(0, 16);
+}
+function base64urlDecode(s) {
+  const b64 = s.replace(/-/g, "+").replace(/_/g, "/");
+  const padded = b64 + "=".repeat((4 - b64.length % 4) % 4);
+  return new Uint8Array(Buffer.from(padded, "base64"));
+}
+var cachedPublicKey = null;
+async function getPublicKey() {
+  if (cachedPublicKey) return cachedPublicKey;
+  const raw = Buffer.from(ATTESTATION_PUBLIC_KEY_B64, "base64");
+  cachedPublicKey = await import_node_crypto.webcrypto.subtle.importKey(
+    "raw",
+    raw,
+    { name: "Ed25519" },
+    false,
+    ["verify"]
+  );
+  return cachedPublicKey;
+}
+async function verifyAttestation(token, bindings, now = /* @__PURE__ */ new Date()) {
+  if (typeof token !== "string" || !token) return { ok: false, reason: "malformed" };
+  const dot = token.indexOf(".");
+  if (dot <= 0 || dot === token.length - 1) return { ok: false, reason: "malformed" };
+  let payloadBytes;
+  let signatureBytes;
+  try {
+    payloadBytes = base64urlDecode(token.slice(0, dot));
+    signatureBytes = base64urlDecode(token.slice(dot + 1));
+  } catch {
+    return { ok: false, reason: "malformed" };
+  }
+  let payload;
+  try {
+    const parsed = JSON.parse(new TextDecoder().decode(payloadBytes));
+    if (typeof parsed.v !== "number") return { ok: false, reason: "malformed" };
+    if (parsed.v !== ATTESTATION_VERSION) return { ok: false, reason: "unsupported-version" };
+    payload = parsed;
+  } catch {
+    return { ok: false, reason: "malformed" };
+  }
+  let signatureValid;
+  try {
+    const key = await getPublicKey();
+    signatureValid = await import_node_crypto.webcrypto.subtle.verify({ name: "Ed25519" }, key, signatureBytes, payloadBytes);
+  } catch {
+    return { ok: false, reason: "bad-signature" };
+  }
+  if (!signatureValid) return { ok: false, reason: "bad-signature" };
+  if (payload.email.toLowerCase() !== bindings.email.toLowerCase()) {
+    return { ok: false, reason: "wrong-email" };
+  }
+  if (payload.license_key !== bindings.license_key) {
+    return { ok: false, reason: "wrong-license" };
+  }
+  const fingerprint = bindings.expectedFingerprint ?? deviceFingerprint2();
+  if (payload.device_fingerprint !== fingerprint) {
+    return { ok: false, reason: "wrong-device" };
+  }
+  const expiry = Date.parse(payload.expires_at);
+  if (!Number.isFinite(expiry)) return { ok: false, reason: "malformed" };
+  const graceDeadline = expiry + ATTESTATION_GRACE_DAYS * 24 * 60 * 60 * 1e3;
+  if (now.getTime() <= expiry) {
+    return { ok: true, payload, reason: "valid" };
+  }
+  if (now.getTime() <= graceDeadline) {
+    return { ok: true, payload, reason: "in-grace" };
+  }
+  return { ok: false, reason: "expired" };
+}
+function shouldRenew(payload, now = /* @__PURE__ */ new Date()) {
+  const expiry = Date.parse(payload.expires_at);
+  if (!Number.isFinite(expiry)) return true;
+  const remainingMs = expiry - now.getTime();
+  return remainingMs < 7 * 24 * 60 * 60 * 1e3;
+}
+
 // src/tools/meta.ts
 function registerMetaTools(server2, installedVersion) {
   server2.tool(
@@ -8303,18 +8449,7 @@ var registry = new TokenRegistry();
 var fileCreds = readCredentials();
 var locationId = process.env.GHL_LOCATION_ID || fileCreds?.ghl_location_id || void 0;
 var apiKey = process.env.GHL_API_KEY || fileCreds?.ghl_api_key || void 0;
-if (fileCreds?.ghl_user_id && !process.env.GHL_USER_ID) {
-  process.env.GHL_USER_ID = fileCreds.ghl_user_id;
-}
-if (fileCreds?.ghl_firebase_api_key && !process.env.GHL_FIREBASE_API_KEY) {
-  process.env.GHL_FIREBASE_API_KEY = fileCreds.ghl_firebase_api_key;
-}
-if (fileCreds?.ghl_firebase_refresh_token && !process.env.GHL_FIREBASE_REFRESH_TOKEN) {
-  process.env.GHL_FIREBASE_REFRESH_TOKEN = fileCreds.ghl_firebase_refresh_token;
-}
-if (fileCreds?.ghl_company_id && !process.env.GHL_COMPANY_ID) {
-  process.env.GHL_COMPANY_ID = fileCreds.ghl_company_id;
-}
+foldCredentialsIntoEnv(fileCreds);
 if (locationId && registry.hasTokens()) {
   const token = registry.getToken(locationId);
   if (token) {
@@ -8329,8 +8464,70 @@ var server = new import_mcp.McpServer({
 });
 registerMetaTools(server, pkg.version);
 var inBootstrapMode = true;
+async function renewAttestation(creds) {
+  if (!creds.email || !creds.license_key) return false;
+  try {
+    const lic = await validateLicense(creds.email, creds.license_key);
+    if (!lic.ok) {
+      process.stderr.write(`[ghl-mcp] Re-validate failed: ${lic.error}
+`);
+      return false;
+    }
+    try {
+      writeCredentials({
+        ...creds,
+        verified_at: (/* @__PURE__ */ new Date()).toISOString(),
+        ...lic.signedAttestation ? { signed_attestation: lic.signedAttestation } : {}
+      });
+    } catch {
+    }
+    if (!lic.signedAttestation) {
+      process.stderr.write("[ghl-mcp] License re-validated, but the license server did not return a signed attestation. Falling back to legacy trust for this session.\n");
+    }
+    return true;
+  } catch {
+    return false;
+  }
+}
+function renewAttestationInBackground(creds) {
+  return renewAttestation(creds).then(() => void 0, () => void 0);
+}
 async function resolveAccessAndRegister() {
-  let licenseVerified = Boolean(fileCreds?.verified_at && fileCreds?.license_key);
+  let licenseVerified = false;
+  let attestationStatus = "no-creds";
+  if (fileCreds?.email && fileCreds?.license_key && fileCreds.signed_attestation) {
+    const verify = await verifyAttestation(fileCreds.signed_attestation, {
+      email: fileCreds.email,
+      license_key: fileCreds.license_key
+    });
+    if (verify.ok) {
+      licenseVerified = true;
+      attestationStatus = verify.reason;
+      if (verify.reason === "in-grace" || shouldRenew(verify.payload)) {
+        void renewAttestationInBackground(fileCreds);
+      }
+    } else {
+      process.stderr.write(`[ghl-mcp] Stored attestation rejected: ${verify.reason}. Re-validating online.
+`);
+      const renewed = await renewAttestation(fileCreds);
+      if (renewed) {
+        licenseVerified = true;
+        attestationStatus = "renewed-after-tamper";
+      } else {
+        attestationStatus = "needs-reset";
+      }
+    }
+  } else if (fileCreds?.email && fileCreds?.license_key) {
+    process.stderr.write("[ghl-mcp] Upgrading legacy credentials.json to signed attestation.\n");
+    const renewed = await renewAttestation(fileCreds);
+    if (renewed) {
+      licenseVerified = true;
+      attestationStatus = "renewed-from-legacy";
+    } else {
+      attestationStatus = "needs-reset";
+      process.stderr.write("[ghl-mcp] Could not re-validate. Run setup_ghl_mcp again.\n");
+    }
+  }
   if (!licenseVerified && apiKey && locationId) {
     const licEmail = (process.env.GHL_LICENSE_EMAIL || fileCreds?.email)?.trim();
     const licKey = (process.env.GHL_LICENSE_KEY || fileCreds?.license_key)?.trim();
@@ -8338,6 +8535,7 @@ async function resolveAccessAndRegister() {
       const lic = await validateLicense(licEmail, licKey);
       if (lic.ok) {
         licenseVerified = true;
+        attestationStatus = "renewed";
         try {
           writeCredentials({
             license_key: licKey,
@@ -8348,7 +8546,8 @@ async function resolveAccessAndRegister() {
             ...process.env.GHL_COMPANY_ID ? { ghl_company_id: process.env.GHL_COMPANY_ID } : {},
             ...process.env.GHL_USER_ID ? { ghl_user_id: process.env.GHL_USER_ID } : {},
             ...process.env.GHL_FIREBASE_API_KEY ? { ghl_firebase_api_key: process.env.GHL_FIREBASE_API_KEY } : {},
-            ...process.env.GHL_FIREBASE_REFRESH_TOKEN ? { ghl_firebase_refresh_token: process.env.GHL_FIREBASE_REFRESH_TOKEN } : {}
+            ...process.env.GHL_FIREBASE_REFRESH_TOKEN ? { ghl_firebase_refresh_token: process.env.GHL_FIREBASE_REFRESH_TOKEN } : {},
+            ...lic.signedAttestation ? { signed_attestation: lic.signedAttestation } : {}
           });
           process.stderr.write("[ghl-mcp] License validated and cached.\n");
         } catch {
@@ -8363,6 +8562,10 @@ async function resolveAccessAndRegister() {
       );
     }
   }
+  if (licenseVerified) {
+    process.stderr.write(`[ghl-mcp] License gate: ${attestationStatus}.
+`);
+  }
   inBootstrapMode = !apiKey || !locationId || !licenseVerified;
   if (inBootstrapMode) {
     process.stderr.write(

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@elitedcs/ghl-mcp",
-  "version": "3.20.0",
+  "version": "3.24.0",
   "mcpName": "io.github.drjerryrelth/ghl-command",
   "description": "GoHighLevel MCP Server for Claude. 212 tools — full CRM, automation, marketing control, and the only programmatic GHL workflow builder, now multi-tenant across client accounts.",
   "main": "dist/index.js",