@enactprotocol/shared 1.0.14 → 1.2.1

package/src/core/EnactCore.ts

@@ -5,10 +5,6 @@ import type {
 	ExecutionEnvironment,
 } from "../types.js";
 import { EnactApiClient } from "../api/enact-api.js";
-import {
-	verifyCommandSafety,
-	sanitizeEnvironmentVariables,
-} from "../security/security.js";
 import {
 	validateToolStructure,
 	validateInputs,
@@ -19,17 +15,9 @@ import { DaggerExecutionProvider } from "./DaggerExecutionProvider.js";
 import { resolveToolEnvironmentVariables } from "../utils/env-loader.js";
 import logger from "../exec/logger.js";
 import yaml from "yaml";
-import {
-	verifyTool as verifyToolSignatureWithPolicy,
-	VERIFICATION_POLICIES,
-} from "../security/sign.js";
-import {
-	enforceSignatureVerification,
-	createVerificationFailureResult,
-	logSecurityAudit,
-} from "../security/verification-enforcer.js";
 import fs from "fs";
 import path from "path";
+import { CryptoUtils, KeyManager, SecurityConfigManager, SigningService } from "@enactprotocol/security";
 
 export interface EnactCoreOptions {
 	apiUrl?: string;
@@ -38,7 +26,6 @@ export interface EnactCoreOptions {
 	authToken?: string;
 	verbose?: boolean;
 	defaultTimeout?: string;
-	verificationPolicy?: "permissive" | "enterprise" | "paranoid";
 	// Dagger-specific options
 	daggerOptions?: {
 		baseImage?: string;
@@ -59,11 +46,11 @@ export interface ToolSearchOptions {
 
 export interface ToolExecuteOptions {
 	timeout?: string;
-	verifyPolicy?: "permissive" | "enterprise" | "paranoid";
-	skipVerification?: boolean;
 	force?: boolean;
 	dryRun?: boolean;
 	verbose?: boolean;
+	isLocalFile?: boolean;
+	dangerouslySkipVerification?: boolean;
 }
 
 export class EnactCore {
@@ -77,7 +64,6 @@ export class EnactCore {
 			supabaseUrl: "https://xjnhhxwxovjifdxdwzih.supabase.co",
 			executionProvider: "dagger",
 			defaultTimeout: "30s",
-			verificationPolicy: "permissive",
 			...options,
 		};
 
@@ -97,9 +83,17 @@ export class EnactCore {
 	}
 
 	/**
-	 * Search for tools
+	 * Static method to search for tools (no execution provider needed)
 	 */
-	async searchTools(options: ToolSearchOptions): Promise<EnactTool[]> {
+	static async searchTools(
+		options: ToolSearchOptions,
+		coreOptions: Pick<EnactCoreOptions, 'apiUrl' | 'supabaseUrl'> = {}
+	): Promise<EnactTool[]> {
+		const apiClient = new EnactApiClient(
+			coreOptions.apiUrl || "https://enact.tools",
+			coreOptions.supabaseUrl || "https://xjnhhxwxovjifdxdwzih.supabase.co"
+		);
+
 		try {
 			logger.info(`Searching for tools with query: "${options.query}"`);
 
@@ -109,14 +103,14 @@ export class EnactCore {
 				tags: options.tags,
 			};
 
-			const results = await this.apiClient.searchTools(searchParams);
+			const results = await apiClient.searchTools(searchParams);
 
 			// Parse and validate results
 			const tools: EnactTool[] = [];
 			for (const result of results) {
 				if (result.name) {
 					try {
-						const tool = await this.getToolByName(result.name);
+						const tool = await EnactCore.getToolByName(result.name, undefined, coreOptions);
 						if (tool) {
 							tools.push(tool);
 						}
@@ -136,7 +130,7 @@ export class EnactCore {
 				logger.info(
 					"Search API unavailable, trying fallback to local filtering...",
 				);
-				return this.searchToolsFallback(options);
+				return EnactCore.searchToolsFallback(options, coreOptions);
 			}
 
 			throw new Error(
@@ -146,16 +140,29 @@ export class EnactCore {
 	}
 
 	/**
-	 * Fallback search method that gets all tools and filters locally
+	 * Instance method wrapper for backward compatibility
 	 */
-	private async searchToolsFallback(
+	async searchTools(options: ToolSearchOptions): Promise<EnactTool[]> {
+		return EnactCore.searchTools(options, this.options);
+	}
+
+	/**
+	 * Static fallback search method that gets all tools and filters locally
+	 */
+	private static async searchToolsFallback(
 		options: ToolSearchOptions,
+		coreOptions: Pick<EnactCoreOptions, 'apiUrl' | 'supabaseUrl'> = {}
 	): Promise<EnactTool[]> {
+		const apiClient = new EnactApiClient(
+			coreOptions.apiUrl || "https://enact.tools",
+			coreOptions.supabaseUrl || "https://xjnhhxwxovjifdxdwzih.supabase.co"
+		);
+
 		try {
 			logger.info("Using fallback search method...");
 
 			// Get all tools (limited to avoid overwhelming the API)
-			const allTools = await this.apiClient.getTools({
+			const allTools = await apiClient.getTools({
 				limit: options.limit || 100,
 			});
 
@@ -166,7 +173,7 @@ export class EnactCore {
 			for (const result of allTools) {
 				if (result.name) {
 					try {
-						const tool = await this.getToolByName(result.name);
+						const tool = await EnactCore.getToolByName(result.name, undefined, coreOptions);
 						if (tool) {
 							// Check if tool matches search criteria
 							const matchesQuery =
@@ -226,44 +233,70 @@ export class EnactCore {
 	}
 
 	/**
-	 * Get a specific tool by name
+	 * Static method to get a specific tool by name
 	 */
-	async getToolByName(
+	static async getToolByName(
 		name: string,
 		version?: string,
+		coreOptions: Pick<EnactCoreOptions, 'apiUrl' | 'supabaseUrl'> = {}
 	): Promise<EnactTool | null> {
+		const apiClient = new EnactApiClient(
+			coreOptions.apiUrl || "https://enact.tools",
+			coreOptions.supabaseUrl || "https://xjnhhxwxovjifdxdwzih.supabase.co"
+		);
+
 		try {
 			logger.info(`Fetching tool: ${name}${version ? `@${version}` : ""}`);
 
-			const response = await this.apiClient.getTool(name);
+			const response = await apiClient.getTool(name);
 
 			if (!response) {
 				logger.info(`Tool not found: ${name}`);
 				return null;
 			}
 
-			// Parse tool from response
+			// Parse tool from response - prefer raw_content for signature compatibility
 			let tool: EnactTool;
 
-			if (response.content && typeof response.content === "string") {
-				tool = yaml.parse(response.content);
-			} else if (
-				response.raw_content &&
-				typeof response.raw_content === "string"
-			) {
+			// Try raw_content first (contains original tool definition with correct field names for signatures)
+			if (response.raw_content && typeof response.raw_content === "string") {
 				try {
 					tool = JSON.parse(response.raw_content);
 				} catch {
 					tool = yaml.parse(response.raw_content);
 				}
 
+				// Merge signature information from response if not already in raw content
+				if (!tool.signature && response.signature) {
+					tool.signature = response.signature;
+				}
+				if (!tool.signatures && response.signatures) {
+					// Convert object format to array format
+					if (Array.isArray(response.signatures)) {
+						tool.signatures = response.signatures;
+					} else {
+						// Convert object format {keyId: signatureData} to array format
+						tool.signatures = Object.values(response.signatures);
+					}
+				}
+			} else if (response.content && typeof response.content === "string") {
+				tool = yaml.parse(response.content);
+				
 				// Merge signature information
-				if (response.signature || response.signatures) {
+				if (!tool.signature && response.signature) {
 					tool.signature = response.signature;
-					tool.signatures = response.signatures;
+				}
+				if (!tool.signatures && response.signatures) {
+					// Convert object format to array format
+					if (Array.isArray(response.signatures)) {
+						tool.signatures = response.signatures;
+					} else {
+						// Convert object format {keyId: signatureData} to array format
+						tool.signatures = Object.values(response.signatures);
+					}
 				}
 			} else {
-				// Map database fields to tool format
+				// Fallback: map database fields to tool format (may cause signature verification issues)
 				tool = {
 					name: response.name,
 					description: response.description,
@@ -280,7 +313,7 @@ export class EnactCore {
 					env: response.env_vars || response.env,
 					resources: response.resources,
 					signature: response.signature,
-					signatures: response.signatures,
+					signatures: response.signatures ? (Array.isArray(response.signatures) ? response.signatures : Object.values(response.signatures)) : undefined,
 					namespace: response.namespace,
 				};
 			}
@@ -300,6 +333,16 @@ export class EnactCore {
 		}
 	}
 
+	/**
+	 * Instance method wrapper for backward compatibility
+	 */
+	async getToolByName(
+		name: string,
+		version?: string,
+	): Promise<EnactTool | null> {
+		return EnactCore.getToolByName(name, version, this.options);
+	}
+
 	/**
 	 * Execute a tool by name
 	 */
@@ -349,6 +392,69 @@ export class EnactCore {
 		}
 	}
 
+private async verifyTool(tool: EnactTool, dangerouslySkipVerification: boolean = false): Promise<void> {
+    if (dangerouslySkipVerification) {
+        logger.warn(`Skipping signature verification for tool: ${tool.name}`);
+        return;
+    }
+
+    try {
+		if (!tool.signatures || tool.signatures.length === 0) {
+			throw new Error(`Tool ${tool.name} does not have any signatures`);
+		}
+		const documentForVerification = {
+			command: tool.command
+		};
+
+       	const referenceSignature = {
+				signature: tool.signatures[0].value,
+				publicKey: tool.signatures[0].signer,
+				algorithm: tool.signatures[0].algorithm,
+				timestamp: new Date(tool.signatures[0].created).getTime()
+			};
+
+        
+        // Check what canonical document looks like
+        const canonicalDoc = SigningService.getCanonicalDocument(documentForVerification, { includeFields: ['command'] });
+        // console.log("Canonical document:", JSON.stringify(canonicalDoc));
+        
+        const docString = JSON.stringify(canonicalDoc);
+        const messageHash = CryptoUtils.hash(docString);
+        // console.log("Document string:", docString);
+        // console.log("Message hash:", messageHash);
+        
+        // Test direct crypto verification
+        const directVerify = CryptoUtils.verify(
+            referenceSignature.publicKey,
+            messageHash,
+            referenceSignature.signature
+        );
+        console.log("Direct crypto verification result:", directVerify);
+        
+        // Check trusted keys
+        const trustedKeys = KeyManager.getAllTrustedPublicKeys();
+        console.log("Trusted keys:", trustedKeys);
+        console.log("Is our public key trusted?", trustedKeys.includes(referenceSignature.publicKey));
+
+        const isValid = SigningService.verifyDocument(
+            documentForVerification,
+            referenceSignature,
+            { includeFields: ['command'] }
+        );
+        
+        console.log("Final verification result:", isValid);
+
+        if (!isValid) {
+            throw new Error(`Tool ${tool.name} has invalid signatures`);
+        }
+
+        logger.info(`Tool ${tool.name} signature verification passed`);
+    } catch (error) {
+        logger.error(`Signature verification failed for tool ${tool.name}:`, error);
+        throw new Error(`Signature verification failed: ${error instanceof Error ? error.message : String(error)}`);
+    }
+}
+
 	/**
 	 * Execute a tool directly
 	 */
@@ -365,153 +471,50 @@ export class EnactCore {
 			// Validate tool structure
 			validateToolStructure(tool);
 
-			// MANDATORY SIGNATURE VERIFICATION - All tools must be verified before execution
-			const verificationResult = await enforceSignatureVerification(tool, {
-				skipVerification: options.skipVerification,
-				verifyPolicy: options.verifyPolicy,
-				force: options.force,
-				allowUnsigned: false, // Never allow unsigned tools in production
-			});
-
-			// Log security audit information
-			logSecurityAudit(tool, verificationResult, verificationResult.allowed, {
-				skipVerification: options.skipVerification,
-				verifyPolicy: options.verifyPolicy,
-				force: options.force,
-			});
-
-			// Block execution if verification fails
-			if (!verificationResult.allowed) {
-				return createVerificationFailureResult(
-					tool,
-					verificationResult,
-					executionId,
-				);
-			}
-
 			// Validate inputs
 			const validatedInputs = validateInputs(tool, inputs);
-
-			// Check command safety
-			const safetyCheck = verifyCommandSafety(tool.command, tool);
-			if (!safetyCheck.isSafe && !options.force) {
-				return {
-					success: false,
-					error: {
-						message: `Unsafe command blocked: ${safetyCheck.blocked?.join(", ")}`,
-						code: "COMMAND_UNSAFE",
-						details: safetyCheck,
-					},
-					metadata: {
-						executionId,
-						toolName: tool.name,
-						version: tool.version,
-						executedAt: new Date().toISOString(),
-						environment: "direct",
-						command: tool.command,
-					},
-				};
+			const config = SecurityConfigManager.loadConfig(); 
+		
+			if( options.isLocalFile && config.allowLocalUnsigned){
+				logger.warn(`Executing local file without signature verification: ${tool.name} (you can disallow in your security config)`);
 			}
-
-			// Log warnings
-			if (safetyCheck.warnings.length > 0) {
-				safetyCheck.warnings.forEach((warning: string) => logger.warn(warning));
+			if( options.dangerouslySkipVerification) {
+				logger.warn(`Skipping signature verification for tool: ${tool.name} because of dangerouslySkipVerification option`);
 			}
+			const skipVerification = (options.isLocalFile && config.allowLocalUnsigned) || Boolean(options.dangerouslySkipVerification);
+			// Verify tool signatures (unless explicitly skipped)
+			await this.verifyTool(tool, skipVerification);
 
-			// Dry run - just validate and return
-			if (options.dryRun) {
-				return {
-					success: true,
-					output: {
-						dryRun: true,
-						tool: tool.name,
-						command: tool.command,
-						inputs: validatedInputs,
-						safetyCheck,
-					},
-					metadata: {
-						executionId,
-						toolName: tool.name,
-						version: tool.version,
-						executedAt: new Date().toISOString(),
-						environment: "direct",
-						command: tool.command,
-					},
-				};
-			}
-
-			// Setup execution environment
-			// Load package environment variables from .env files
-			const envResult = await resolveToolEnvironmentVariables(
-				tool.name,
-				tool.env,
-			);
-
-			// Log any missing required environment variables
-			if (envResult.missing.length > 0) {
-				logger.warn(
-					`Missing required environment variables: ${envResult.missing.join(", ")}`,
-				);
-			}
-
-			const environment: ExecutionEnvironment = {
-				vars: {
-					...envResult.resolved,
-					...sanitizeEnvironmentVariables(validatedInputs),
-				},
-				resources: tool.resources,
-				namespace: tool.namespace,
-			};
+			// Resolve environment variables
+			const { resolved: envVars } =
+				await resolveToolEnvironmentVariables(tool.name, tool.env || {});
 
-			// Setup execution provider
-			await this.executionProvider.setup(tool);
 
-			// Execute the tool
-			const result = await this.executionProvider.execute(
+			// Execute the tool via the execution provider
+			return await this.executionProvider.execute(
 				tool,
-				validatedInputs,
-				environment,
-			);
-
-			// Validate output if schema is provided
-			if (result.success && result.output && tool.outputSchema) {
-				try {
-					result.output = validateOutput(tool, result.output);
-				} catch (error) {
-					logger.warn(`Output validation failed: ${(error as Error).message}`);
-				}
-			}
-
-			logger.info(
-				`Tool execution completed: ${tool.name} (success: ${result.success})`,
+				{ ...validatedInputs, ...envVars },
+				{
+					vars: { ...envVars, ...validatedInputs },
+					resources: {
+						timeout: options.timeout || tool.timeout || this.options.defaultTimeout,
+					},
+				},
 			);
-			return result;
 		} catch (error) {
-			logger.error(`Error executing tool: ${(error as Error).message}`);
-
 			return {
 				success: false,
 				error: {
 					message: (error as Error).message,
 					code: "EXECUTION_ERROR",
-					details: error,
 				},
 				metadata: {
 					executionId,
 					toolName: tool.name,
-					version: tool.version,
 					executedAt: new Date().toISOString(),
 					environment: "direct",
-					command: tool.command,
 				},
 			};
-		} finally {
-			// Cleanup
-			try {
-				await this.executionProvider.cleanup();
-			} catch (cleanupError) {
-				logger.error("Error during cleanup:", cleanupError);
-			}
 		}
 	}
 
@@ -562,100 +565,27 @@ export class EnactCore {
 		}
 	}
 
+
 	/**
-	 * Verify a tool's signature
+	 * Static method to check if a tool exists
 	 */
-	async verifyTool(
+	static async toolExists(
 		name: string,
-		policy?: string,
-	): Promise<{
-		verified: boolean;
-		signatures: any[];
-		policy: string;
-		errors?: string[];
-	}> {
+		coreOptions: Pick<EnactCoreOptions, 'apiUrl' | 'supabaseUrl'> = {}
+	): Promise<boolean> {
 		try {
-			const tool = await this.getToolByName(name);
-
-			if (!tool) {
-				return {
-					verified: false,
-					signatures: [],
-					policy: policy || "permissive",
-					errors: [`Tool not found: ${name}`],
-				};
-			}
-
-			// Load public key from keys/file-public.pem
-			let publicKey: string | undefined;
-			try {
-				const keyPath = path.resolve(__dirname, "../../keys/file-public.pem");
-				publicKey = fs.readFileSync(keyPath, "utf8");
-			} catch (e) {
-				logger.warn("Could not load public key for signature verification:", e);
-			}
-			if (!publicKey) {
-				return {
-					verified: false,
-					signatures: [],
-					policy: policy || "permissive",
-					errors: ["Public key not found for signature verification"],
-				};
-			}
-			const policyKey = (policy || "permissive").toUpperCase() as
-				| "PERMISSIVE"
-				| "ENTERPRISE"
-				| "PARANOID";
-			const policyObj = VERIFICATION_POLICIES[policyKey];
-			const verificationResult = await verifyToolSignatureWithPolicy(
-				tool,
-				policyObj,
-			);
-
-			if (!verificationResult.isValid) {
-				return {
-					verified: false,
-					signatures: [],
-					policy: policy || "permissive",
-					errors: verificationResult.errors,
-				};
-			}
-
-			const signatures: any[] = [];
-
-			if (tool.signature) {
-				signatures.push(tool.signature);
-			}
-
-			if (tool.signatures) {
-				signatures.push(...Object.values(tool.signatures));
-			}
-
-			return {
-				verified: verificationResult.isValid,
-				signatures,
-				policy: policy || "permissive",
-			};
+			const tool = await EnactCore.getToolByName(name, undefined, coreOptions);
+			return tool !== null;
 		} catch (error) {
-			return {
-				verified: false,
-				signatures: [],
-				policy: policy || "permissive",
-				errors: [`Verification error: ${(error as Error).message}`],
-			};
+			return false;
 		}
 	}
 
 	/**
-	 * Check if a tool exists
+	 * Instance method wrapper for backward compatibility
 	 */
 	async toolExists(name: string): Promise<boolean> {
-		try {
-			const tool = await this.getToolByName(name);
-			return tool !== null;
-		} catch (error) {
-			return false;
-		}
+		return EnactCore.toolExists(name, this.options);
 	}
 
 	/**
@@ -665,11 +595,11 @@ export class EnactCore {
 		tags: string[],
 		limit: number = 20,
 	): Promise<EnactTool[]> {
-		return this.searchTools({
+		return EnactCore.searchTools({
 			query: tags.join(" "),
 			tags,
 			limit,
-		});
+		}, this.options);
 	}
 
 	/**
@@ -679,33 +609,39 @@ export class EnactCore {
 		author: string,
 		limit: number = 20,
 	): Promise<EnactTool[]> {
-		return this.searchTools({
+		return EnactCore.searchTools({
 			query: `author:${author}`,
 			author,
 			limit,
-		});
+		}, this.options);
 	}
 
 	/**
-	 * Get all tools with filters
+	 * Static method to get all tools with filters
 	 */
-	async getTools(
+	static async getTools(
 		options: {
 			limit?: number;
 			offset?: number;
 			tags?: string[];
 			author?: string;
 		} = {},
+		coreOptions: Pick<EnactCoreOptions, 'apiUrl' | 'supabaseUrl'> = {}
 	): Promise<EnactTool[]> {
+		const apiClient = new EnactApiClient(
+			coreOptions.apiUrl || "https://enact.tools",
+			coreOptions.supabaseUrl || "https://xjnhhxwxovjifdxdwzih.supabase.co"
+		);
+
 		try {
-			const apiResults = await this.apiClient.getTools(options);
+			const apiResults = await apiClient.getTools(options);
 
 			// Parse and validate results
 			const tools: EnactTool[] = [];
 			for (const result of apiResults) {
 				if (result.name) {
 					try {
-						const tool = await this.getToolByName(result.name);
+						const tool = await EnactCore.getToolByName(result.name, undefined, coreOptions);
 						if (tool) {
 							tools.push(tool);
 						}
@@ -724,6 +660,20 @@ export class EnactCore {
 		}
 	}
 
+	/**
+	 * Instance method wrapper for backward compatibility
+	 */
+	async getTools(
+		options: {
+			limit?: number;
+			offset?: number;
+			tags?: string[];
+			author?: string;
+		} = {},
+	): Promise<EnactTool[]> {
+		return EnactCore.getTools(options, this.options);
+	}
+
 	/**
 	 * Get authentication status (placeholder - would need actual auth implementation)
 	 */
@@ -741,22 +691,22 @@ export class EnactCore {
 	}
 
 	/**
-	 * Publish a tool (requires authentication)
+	 * Static method to publish a tool
 	 */
-	async publishTool(
+	static async publishTool(
 		tool: EnactTool,
+		authToken: string,
+		coreOptions: Pick<EnactCoreOptions, 'apiUrl' | 'supabaseUrl'> = {}
 	): Promise<{ success: boolean; message: string }> {
-		if (!this.options.authToken) {
-			return {
-				success: false,
-				message: "Authentication required to publish tools",
-			};
-		}
+		const apiClient = new EnactApiClient(
+			coreOptions.apiUrl || "https://enact.tools",
+			coreOptions.supabaseUrl || "https://xjnhhxwxovjifdxdwzih.supabase.co"
+		);
 
 		try {
 			validateToolStructure(tool);
 
-			await this.apiClient.publishTool(tool, this.options.authToken);
+			await apiClient.publishTool(tool, authToken);
 
 			return {
 				success: true,
@@ -770,11 +720,27 @@ export class EnactCore {
 		}
 	}
 
+	/**
+	 * Instance method wrapper for backward compatibility
+	 */
+	async publishTool(
+		tool: EnactTool,
+	): Promise<{ success: boolean; message: string }> {
+		if (!this.options.authToken) {
+			return {
+				success: false,
+				message: "Authentication required to publish tools",
+			};
+		}
+
+		return EnactCore.publishTool(tool, this.options.authToken, this.options);
+	}
+
 	/**
 	 * Get tool information (alias for getToolByName for consistency)
 	 */
 	async getToolInfo(name: string, version?: string): Promise<EnactTool | null> {
-		return this.getToolByName(name, version);
+		return EnactCore.getToolByName(name, version, this.options);
 	}
 
 	/**
@@ -783,7 +749,6 @@ export class EnactCore {
 	async getStatus(): Promise<{
 		executionProvider: string;
 		apiUrl: string;
-		verificationPolicy: string;
 		defaultTimeout: string;
 		authenticated: boolean;
 	}> {
@@ -792,7 +757,6 @@ export class EnactCore {
 		return {
 			executionProvider: this.options.executionProvider || "direct",
 			apiUrl: this.options.apiUrl || "https://enact.tools",
-			verificationPolicy: this.options.verificationPolicy || "permissive",
 			defaultTimeout: this.options.defaultTimeout || "30s",
 			authenticated: authStatus.authenticated,
 		};
@@ -829,5 +793,4 @@ export class EnactCore {
 	}
 }
 
-// Export a default instance
-export const enactCore = new EnactCore();
+// No default instance to avoid eager initialization of Dagger