@enactprotocol/shared 1.0.12

package/src/security/verification-enforcer.ts

@@ -0,0 +1,268 @@
+// src/security/verification-enforcer.ts - Mandatory signature verification enforcement
+import {
+	verifyTool,
+	VERIFICATION_POLICIES,
+	type VerificationPolicy,
+} from "./sign";
+import type { EnactTool, ExecutionResult } from "../types";
+import logger from "../exec/logger";
+
+export interface VerificationEnforcementOptions {
+	skipVerification?: boolean;
+	verifyPolicy?: "permissive" | "enterprise" | "paranoid";
+	force?: boolean;
+	allowUnsigned?: boolean; // Explicit flag for allowing unsigned tools (only for dev/testing)
+}
+
+export interface VerificationEnforcementResult {
+	allowed: boolean;
+	reason: string;
+	verificationResult?: {
+		isValid: boolean;
+		message: string;
+		validSignatures: number;
+		totalSignatures: number;
+		verifiedSigners: Array<{ signer: string; role?: string; keyId: string }>;
+		errors: string[];
+	};
+	error?: {
+		message: string;
+		code: string;
+		details?: any;
+	};
+}
+
+/**
+ * Enforce mandatory signature verification for tool execution
+ * This is the central function that should be called before ANY tool execution
+ */
+export async function enforceSignatureVerification(
+	tool: EnactTool,
+	options: VerificationEnforcementOptions = {},
+): Promise<VerificationEnforcementResult> {
+	const toolName = tool.name || "unknown";
+
+	// Check if verification is explicitly skipped
+	if (options.skipVerification) {
+		logger.warn(
+			`🚨 SECURITY WARNING: Signature verification skipped for tool: ${toolName}`,
+		);
+		logger.warn(
+			`   This bypasses security measures and is NOT recommended for production use!`,
+		);
+
+		return {
+			allowed: true,
+			reason: `Verification skipped by request for tool: ${toolName}`,
+			verificationResult: {
+				isValid: false,
+				message: "Verification skipped",
+				validSignatures: 0,
+				totalSignatures: 0,
+				verifiedSigners: [],
+				errors: ["Signature verification was explicitly skipped"],
+			},
+		};
+	}
+
+	// Check if tool has any signatures
+	const hasSignatures =
+		!!(tool.signatures && Object.keys(tool.signatures).length > 0) ||
+		!!tool.signature;
+
+	if (!hasSignatures) {
+		logger.warn(`⚠️  Tool has no signatures: ${toolName}`);
+
+		// Only allow unsigned tools if explicitly permitted (for development/testing)
+		if (options.allowUnsigned) {
+			logger.warn(
+				`   Allowing unsigned tool execution due to allowUnsigned flag (DEV/TEST ONLY)`,
+			);
+			return {
+				allowed: true,
+				reason: `Unsigned tool allowed by explicit permission: ${toolName}`,
+				verificationResult: {
+					isValid: false,
+					message: "No signatures found, but execution allowed",
+					validSignatures: 0,
+					totalSignatures: 0,
+					verifiedSigners: [],
+					errors: [
+						"Tool has no signatures but execution was explicitly allowed",
+					],
+				},
+			};
+		}
+
+		// Reject unsigned tools by default
+		return {
+			allowed: false,
+			reason: `Tool has no signatures and unsigned execution is not permitted: ${toolName}`,
+			error: {
+				message: `Tool "${toolName}" has no cryptographic signatures. For security, only signed tools can be executed.`,
+				code: "NO_SIGNATURES_FOUND",
+				details: {
+					toolName,
+					hasSignature: !!tool.signature,
+					hasSignatures: !!tool.signatures,
+					signatureCount: tool.signatures
+						? Object.keys(tool.signatures).length
+						: 0,
+				},
+			},
+		};
+	}
+
+	// Perform signature verification
+	try {
+		logger.info(`🔐 Verifying signatures for tool: ${toolName}`);
+
+		// Determine verification policy
+		const policyKey = (options.verifyPolicy || "permissive").toUpperCase() as
+			| "PERMISSIVE"
+			| "ENTERPRISE"
+			| "PARANOID";
+		const policy: VerificationPolicy =
+			VERIFICATION_POLICIES[policyKey] || VERIFICATION_POLICIES.PERMISSIVE;
+
+		logger.info(`   Using verification policy: ${policyKey.toLowerCase()}`);
+		if (policy.minimumSignatures) {
+			logger.info(
+				`   Minimum signatures required: ${policy.minimumSignatures}`,
+			);
+		}
+		if (policy.requireRoles) {
+			logger.info(`   Required roles: ${policy.requireRoles.join(", ")}`);
+		}
+
+		// Verify the tool
+		const verificationResult = await verifyTool(tool, policy);
+
+		if (verificationResult.isValid) {
+			logger.info(`✅ Signature verification passed for tool: ${toolName}`);
+			logger.info(
+				`   Valid signatures: ${verificationResult.validSignatures}/${verificationResult.totalSignatures}`,
+			);
+
+			if (verificationResult.verifiedSigners.length > 0) {
+				logger.info(
+					`   Verified signers: ${verificationResult.verifiedSigners
+						.map((s) => `${s.signer}${s.role ? ` (${s.role})` : ""}`)
+						.join(", ")}`,
+				);
+			}
+
+			return {
+				allowed: true,
+				reason: `Tool signature verification passed: ${verificationResult.message}`,
+				verificationResult,
+			};
+		} else {
+			logger.error(`❌ Signature verification failed for tool: ${toolName}`);
+			logger.error(`   Policy: ${policyKey.toLowerCase()}`);
+			logger.error(
+				`   Valid signatures: ${verificationResult.validSignatures}/${verificationResult.totalSignatures}`,
+			);
+
+			if (verificationResult.errors.length > 0) {
+				logger.error(`   Errors:`);
+				verificationResult.errors.forEach((error) =>
+					logger.error(`     - ${error}`),
+				);
+			}
+
+			return {
+				allowed: false,
+				reason: `Tool signature verification failed: ${verificationResult.message}`,
+				verificationResult,
+				error: {
+					message: `Tool "${toolName}" failed signature verification. ${verificationResult.message}`,
+					code: "SIGNATURE_VERIFICATION_FAILED",
+					details: {
+						toolName,
+						policy: policyKey.toLowerCase(),
+						validSignatures: verificationResult.validSignatures,
+						totalSignatures: verificationResult.totalSignatures,
+						errors: verificationResult.errors,
+						verifiedSigners: verificationResult.verifiedSigners,
+					},
+				},
+			};
+		}
+	} catch (error) {
+		const errorMessage =
+			error instanceof Error ? error.message : "Unknown verification error";
+		logger.error(
+			`💥 Signature verification error for tool: ${toolName} - ${errorMessage}`,
+		);
+
+		return {
+			allowed: false,
+			reason: `Signature verification error: ${errorMessage}`,
+			error: {
+				message: `Signature verification failed due to error: ${errorMessage}`,
+				code: "VERIFICATION_ERROR",
+				details: { toolName, originalError: error },
+			},
+		};
+	}
+}
+
+/**
+ * Create an execution result for verification failure
+ */
+export function createVerificationFailureResult(
+	tool: EnactTool,
+	verificationResult: VerificationEnforcementResult,
+	executionId: string,
+): ExecutionResult {
+	return {
+		success: false,
+		error: verificationResult.error || {
+			message: verificationResult.reason,
+			code: "VERIFICATION_FAILED",
+		},
+		metadata: {
+			executionId,
+			toolName: tool.name || "unknown",
+			version: tool.version,
+			executedAt: new Date().toISOString(),
+			environment: "direct",
+			command: tool.command,
+		},
+	};
+}
+
+/**
+ * Log security audit information for tool execution
+ */
+export function logSecurityAudit(
+	tool: EnactTool,
+	verificationResult: VerificationEnforcementResult,
+	executionAllowed: boolean,
+	options: VerificationEnforcementOptions,
+) {
+	const auditLog = {
+		timestamp: new Date().toISOString(),
+		tool: tool.name || "unknown",
+		version: tool.version,
+		command: tool.command,
+		executionAllowed,
+		verificationSkipped: options.skipVerification || false,
+		verificationPolicy: options.verifyPolicy || "permissive",
+		verificationResult: verificationResult.verificationResult
+			? {
+					isValid: verificationResult.verificationResult.isValid,
+					validSignatures:
+						verificationResult.verificationResult.validSignatures,
+					totalSignatures:
+						verificationResult.verificationResult.totalSignatures,
+					verifiedSigners:
+						verificationResult.verificationResult.verifiedSigners,
+				}
+			: null,
+		errors: verificationResult.error ? [verificationResult.error.message] : [],
+	};
+
+	logger.info(`🔍 Security Audit Log:`, auditLog);
+}

package/src/services/McpCoreService.ts

@@ -0,0 +1,203 @@
+// src/services/McpCoreService.ts - Direct core integration for MCP server
+import { EnactCore } from "../core/EnactCore";
+import type { EnactTool, ExecutionResult } from "../types";
+import type { ToolSearchOptions, ToolExecuteOptions } from "../core/EnactCore";
+
+export class McpCoreService {
+	private core: EnactCore;
+
+	constructor(options?: {
+		apiUrl?: string;
+		supabaseUrl?: string;
+		authToken?: string;
+	}) {
+		this.core = new EnactCore({
+			apiUrl: options?.apiUrl || "https://enact.tools",
+			supabaseUrl:
+				options?.supabaseUrl || "https://xjnhhxwxovjifdxdwzih.supabase.co",
+			authToken: options?.authToken,
+		});
+	}
+
+	/**
+	 * Set authentication token
+	 */
+	setAuthToken(token: string): void {
+		this.core.setAuthToken(token);
+	}
+
+	/**
+	 * Search for tools
+	 */
+	async searchTools(
+		query: string,
+		options?: {
+			limit?: number;
+			tags?: string[];
+			author?: string;
+		},
+	): Promise<EnactTool[]> {
+		const searchOptions: ToolSearchOptions = {
+			query,
+			limit: options?.limit,
+			tags: options?.tags,
+			author: options?.author,
+		};
+
+		return await this.core.searchTools(searchOptions);
+	}
+
+	/**
+	 * Get a specific tool by name
+	 */
+	async getToolInfo(name: string): Promise<EnactTool | null> {
+		return await this.core.getToolByName(name);
+	}
+
+	/**
+	 * Execute a tool by name
+	 */
+	async executeToolByName(
+		name: string,
+		inputs: Record<string, any> = {},
+		options?: {
+			timeout?: string;
+			verifyPolicy?: "permissive" | "enterprise" | "paranoid";
+			skipVerification?: boolean;
+			force?: boolean;
+			dryRun?: boolean;
+		},
+	): Promise<ExecutionResult> {
+		const executeOptions: ToolExecuteOptions = {
+			timeout: options?.timeout,
+			verifyPolicy: options?.verifyPolicy,
+			skipVerification: options?.skipVerification,
+			force: options?.force,
+			dryRun: options?.dryRun,
+		};
+
+		return await this.core.executeToolByName(name, inputs, executeOptions);
+	}
+
+	/**
+	 * Execute a tool from raw YAML definition
+	 */
+	async executeRawTool(
+		toolYaml: string,
+		inputs: Record<string, any> = {},
+		options?: {
+			timeout?: string;
+			skipVerification?: boolean;
+			force?: boolean;
+			dryRun?: boolean;
+		},
+	): Promise<ExecutionResult> {
+		const executeOptions: ToolExecuteOptions = {
+			timeout: options?.timeout,
+			skipVerification: options?.skipVerification,
+			force: options?.force,
+			dryRun: options?.dryRun,
+		};
+
+		return await this.core.executeRawTool(toolYaml, inputs, executeOptions);
+	}
+
+	/**
+	 * Verify a tool's signature
+	 */
+	async verifyTool(
+		name: string,
+		policy?: string,
+	): Promise<{
+		verified: boolean;
+		signatures: any[];
+		policy: string;
+		errors?: string[];
+	}> {
+		return await this.core.verifyTool(name, policy);
+	}
+
+	/**
+	 * Check if a tool exists
+	 */
+	async toolExists(name: string): Promise<boolean> {
+		return await this.core.toolExists(name);
+	}
+
+	/**
+	 * Get tools by tags
+	 */
+	async getToolsByTags(
+		tags: string[],
+		limit: number = 20,
+	): Promise<EnactTool[]> {
+		return await this.core.getToolsByTags(tags, limit);
+	}
+
+	/**
+	 * Get tools by author
+	 */
+	async getToolsByAuthor(
+		author: string,
+		limit: number = 20,
+	): Promise<EnactTool[]> {
+		return await this.core.getToolsByAuthor(author, limit);
+	}
+
+	/**
+	 * Get all tools with filters
+	 */
+	async getTools(options?: {
+		limit?: number;
+		offset?: number;
+		tags?: string[];
+		author?: string;
+	}): Promise<EnactTool[]> {
+		return await this.core.getTools(options);
+	}
+
+	/**
+	 * Get authentication status
+	 */
+	async getAuthStatus(): Promise<{
+		authenticated: boolean;
+		user?: string;
+		server?: string;
+	}> {
+		return await this.core.getAuthStatus();
+	}
+
+	/**
+	 * Check if service is available (always true for core service)
+	 */
+	async isAvailable(): Promise<boolean> {
+		return true;
+	}
+
+	/**
+	 * Get service path info (not applicable for core service)
+	 */
+	async getPathInfo(): Promise<{
+		detectedPath: string | null;
+		isAvailable: boolean;
+		version?: string;
+	}> {
+		return {
+			detectedPath: "core-library",
+			isAvailable: true,
+			version: "2.0.0-core",
+		};
+	}
+
+	/**
+	 * Publish a tool (requires authentication)
+	 */
+	async publishTool(
+		tool: EnactTool,
+	): Promise<{ success: boolean; message: string }> {
+		return await this.core.publishTool(tool);
+	}
+}
+
+// Create and export singleton instance
+export const mcpCoreService = new McpCoreService();

package/src/services/index.ts

@@ -0,0 +1 @@
+export * from './McpCoreService';

package/src/types.ts

@@ -0,0 +1,190 @@
+// src/types.ts - Type definitions for Enact CLI Core
+export interface EnactTool {
+	// REQUIRED FIELDS
+	name: string; // Tool identifier with hierarchical path
+	description: string; // Human-readable description
+	command: string; // Shell command to execute with version pins
+
+	// RECOMMENDED FIELDS
+	timeout?: string; // Go duration format: "30s", "5m", "1h" (default: "30s")
+	tags?: string[]; // Tags for search and categorization
+	license?: string; // SPDX License identifier (e.g., "MIT", "Apache-2.0")
+	outputSchema?: JSONSchemaDefinition; // Output structure as JSON Schema (strongly recommended)
+
+	// OPTIONAL FIELDS
+	enact?: string; // Protocol version (e.g., "1.0.0")
+	version?: string; // Tool definition version for tracking changes
+	namespace?: string; // Environment variable namespace (deprecated, use name hierarchy)
+
+	// Resource requirements
+	resources?: {
+		memory?: string; // System memory needed (e.g., "16Gi", "32Gi")
+		gpu?: string; // GPU memory needed (e.g., "24Gi", "48Gi")
+		disk?: string; // Disk space needed (e.g., "100Gi", "500Gi")
+	};
+
+	// Environment variables
+	env?: Record<
+		string,
+		{
+			description: string; // What this variable is for (required)
+			source: string; // Where to get this value (required)
+			required: boolean; // Whether this is required (required)
+			default?: string; // Default value if not set (optional)
+		}
+	>;
+
+	// Input/Output JSON Schemas
+	inputSchema?: JSONSchemaDefinition;
+
+	// Documentation and Testing
+	doc?: string; // Markdown documentation
+	authors?: Array<{
+		name: string; // Author name (required)
+		email?: string; // Author email (optional)
+		url?: string; // Author website (optional)
+	}>;
+
+	examples?: Array<{
+		input: Record<string, any>; // Input parameters
+		output?: any; // Expected output
+		description?: string; // Test description
+	}>;
+
+	// Behavior Annotations (MCP-aligned, all default to false)
+	annotations?: {
+		title?: string; // Human-readable display name
+		readOnlyHint?: boolean; // No environment modifications
+		destructiveHint?: boolean; // May make irreversible changes
+		idempotentHint?: boolean; // Multiple calls = single call
+		openWorldHint?: boolean; // Interacts with external systems
+	};
+
+	// Security
+	signature?: {
+		algorithm: string; // Hash algorithm: "sha256"
+		type: string; // Signature type: "ecdsa-p256"
+		signer: string; // Signer identifier
+		created: string; // ISO timestamp
+		value: string; // Base64 encoded signature
+		role?: string; // Optional description of the signer
+	};
+
+	// Multi-signature support (new format)
+	signatures?: Record<
+		string,
+		{
+			algorithm: string; // Hash algorithm: "sha256"
+			type: string; // Signature type: "ecdsa-p256"
+			signer: string; // Signer identifier
+			created: string; // ISO timestamp
+			value: string; // Base64 encoded signature
+			role?: string; // Optional description of the signer (e.g., "author", "maintainer")
+		}
+	>;
+
+	// Extensions pattern (x-prefixed fields)
+	[key: string]: any; // Allow x- prefixed extension fields
+}
+
+// JSON Schema type definitions
+export interface JSONSchemaDefinition {
+	type?: string | string[]; // JSON Schema type(s)
+	description?: string; // Human-readable description
+	format?: string; // Format specifier (e.g., "email", "date-time")
+	default?: any; // Default value
+	enum?: any[]; // Enumeration of possible values
+	const?: any; // Constant value
+
+	// String validations
+	pattern?: string; // Regular expression pattern
+	minLength?: number; // Minimum string length
+	maxLength?: number; // Maximum string length
+
+	// Number validations
+	minimum?: number; // Minimum value
+	maximum?: number; // Maximum value
+	exclusiveMinimum?: number; // Exclusive minimum
+	exclusiveMaximum?: number; // Exclusive maximum
+	multipleOf?: number; // Multiple of
+
+	// Array validations
+	items?: JSONSchemaDefinition | JSONSchemaDefinition[]; // Items schema
+	minItems?: number; // Minimum items
+	maxItems?: number; // Maximum items
+	uniqueItems?: boolean; // Items must be unique
+
+	// Object validations
+	properties?: Record<string, JSONSchemaDefinition>; // Properties
+	required?: string[]; // Required properties
+	additionalProperties?: JSONSchemaDefinition | boolean; // Additional properties
+
+	// Combiners
+	allOf?: JSONSchemaDefinition[]; // All of these schemas
+	anyOf?: JSONSchemaDefinition[]; // Any of these schemas
+	oneOf?: JSONSchemaDefinition[]; // Exactly one of these schemas
+	not?: JSONSchemaDefinition; // Not this schema
+
+	// Other
+	definitions?: Record<string, JSONSchemaDefinition>; // Definitions
+	$ref?: string; // JSON Schema reference
+	$id?: string; // Schema ID
+	$schema?: string; // Schema version
+
+	// Custom extensions
+	[key: string]: any; // Additional properties
+}
+
+export interface ExecutionResult {
+	success: boolean;
+	output?: any; // Command output/result
+	error?: {
+		message: string;
+		code?: string;
+		details?: any;
+	};
+	metadata: {
+		executionId: string;
+		toolName: string; // Changed from toolId
+		version?: string;
+		executedAt: string;
+		environment: string;
+		timeout?: string;
+		command?: string; // The actual command that was executed
+	};
+}
+
+// Execution environment interface
+export interface ExecutionEnvironment {
+	vars: Record<string, any>; // Environment variables
+	resources?: {
+		memory?: string;
+		gpu?: string;
+		disk?: string;
+		timeout?: string;
+	};
+	namespace?: string; // Environment variable namespace
+}
+
+// Updated execution provider interface
+export abstract class ExecutionProvider {
+	abstract setup(tool: EnactTool): Promise<boolean>;
+	abstract execute(
+		tool: EnactTool,
+		inputs: Record<string, any>,
+		environment: ExecutionEnvironment,
+	): Promise<ExecutionResult>;
+	abstract cleanup(): Promise<boolean>;
+	abstract resolveEnvironmentVariables(
+		envConfig: Record<string, any>,
+		namespace?: string,
+	): Promise<Record<string, any>>;
+
+	// New method for command execution
+	abstract executeCommand(
+		command: string,
+		inputs: Record<string, any>,
+		environment: ExecutionEnvironment,
+		timeout?: string,
+	): Promise<{ stdout: string; stderr: string; exitCode: number }>;
+}