@kya-os/create-mcpi-app 1.4.4 → 1.6.0

package/dist/helpers/fetch-cloudflare-mcpi-template.js

@@ -21,6 +21,8 @@ export async function fetchCloudflareMcpiTemplate(projectPath, options = {}) {
             version: "0.1.0",
             private: true,
             scripts: {
+                setup: "node scripts/setup.js",
+                postinstall: "npm run setup",
                 deploy: "wrangler deploy",
                 dev: "wrangler dev",
                 start: "wrangler dev",
@@ -46,9 +48,12 @@ export async function fetchCloudflareMcpiTemplate(projectPath, options = {}) {
                 "kv:setup": "echo 'KV Commands: kv:create (create all), kv:list (list all), kv:keys-* (view keys), kv:delete (delete all), kv:reset (delete+recreate)'",
                 "cf-typegen": "wrangler types",
                 "type-check": "tsc --noEmit",
+                test: "vitest",
+                "test:watch": "vitest --watch",
+                "test:coverage": "vitest run --coverage",
             },
             dependencies: {
-                "@kya-os/mcp-i-cloudflare": "^1.3.0",
+                "@kya-os/mcp-i-cloudflare": "^1.3.2",
                 "@modelcontextprotocol/sdk": "^1.19.1",
                 "agents": "^0.2.8",
                 "hono": "^4.9.10",
@@ -56,7 +61,10 @@ export async function fetchCloudflareMcpiTemplate(projectPath, options = {}) {
             },
             devDependencies: {
                 "@cloudflare/workers-types": "^4.20240925.0",
+                "@vitest/coverage-v8": "^3.2.4",
+                "miniflare": "^3.0.0",
                 "typescript": "^5.6.2",
+                "vitest": "^3.2.4",
                 "wrangler": "^4.42.2",
             },
         };
@@ -66,6 +74,500 @@ export async function fetchCloudflareMcpiTemplate(projectPath, options = {}) {
         const srcDir = path.join(projectPath, "src");
         const toolsDir = path.join(srcDir, "tools");
         fs.ensureDirSync(toolsDir);
+        // Create scripts directory
+        const scriptsDir = path.join(projectPath, "scripts");
+        fs.ensureDirSync(scriptsDir);
+        // Create setup.js automation script
+        const setupScriptContent = `#!/usr/bin/env node
+
+/**
+ * Automated Setup Script for ${projectName}
+ *
+ * This script automates the tedious process of:
+ * 1. Checking/installing wrangler
+ * 2. Creating KV namespaces
+ * 3. Extracting namespace IDs
+ * 4. Updating wrangler.toml automatically
+ * 5. Setting up local development environment
+ */
+
+const { execSync } = require('child_process');
+const fs = require('fs');
+const path = require('path');
+const readline = require('readline');
+
+const rl = readline.createInterface({
+  input: process.stdin,
+  output: process.stdout
+});
+
+// Colors for terminal output
+const colors = {
+  reset: '\\x1b[0m',
+  bright: '\\x1b[1m',
+  green: '\\x1b[32m',
+  yellow: '\\x1b[33m',
+  blue: '\\x1b[36m',
+  red: '\\x1b[31m'
+};
+
+function log(message, color = colors.reset) {
+  console.log(color + message + colors.reset);
+}
+
+async function setup() {
+  log('\\n🚀 Starting automated setup for ${projectName}...\\n', colors.bright + colors.blue);
+
+  // 1. Check wrangler installation
+  try {
+    const wranglerVersion = execSync('wrangler --version', { encoding: 'utf-8' });
+    log('✅ Wrangler CLI detected: ' + wranglerVersion.trim(), colors.green);
+  } catch {
+    log('📦 Wrangler CLI not found. Installing...', colors.yellow);
+    try {
+      execSync('npm install -g wrangler', { stdio: 'inherit' });
+      log('✅ Wrangler CLI installed successfully', colors.green);
+    } catch (error) {
+      log('❌ Failed to install Wrangler. Please install manually: npm install -g wrangler', colors.red);
+      process.exit(1);
+    }
+  }
+
+  // 2. Check if user is logged in to Cloudflare
+  try {
+    execSync('wrangler whoami', { encoding: 'utf-8' });
+    log('✅ Logged in to Cloudflare', colors.green);
+  } catch {
+    log('🔑 Please log in to Cloudflare:', colors.yellow);
+    try {
+      execSync('wrangler login', { stdio: 'inherit' });
+    } catch (error) {
+      log('❌ Login failed. Please run: wrangler login', colors.red);
+      process.exit(1);
+    }
+  }
+
+  // 3. Create KV namespaces
+  log('\\n📚 Creating KV namespaces...\\n', colors.bright);
+
+  const namespaces = [
+    { binding: '${className.toUpperCase()}_NONCE_CACHE', name: 'Nonce Cache', purpose: 'Replay attack prevention' },
+    { binding: '${className.toUpperCase()}_PROOF_ARCHIVE', name: 'Proof Archive', purpose: 'Cryptographic proof storage' },
+    { binding: '${className.toUpperCase()}_IDENTITY_STORAGE', name: 'Identity Storage', purpose: 'Agent identity persistence' },
+    { binding: '${className.toUpperCase()}_DELEGATION_STORAGE', name: 'Delegation Storage', purpose: 'OAuth token storage' },
+    { binding: '${className.toUpperCase()}_TOOL_PROTECTION_KV', name: 'Tool Protection', purpose: 'Permission caching' }
+  ];
+
+  const kvIds = {};
+  const wranglerTomlPath = path.join(__dirname, '..', 'wrangler.toml');
+
+  for (const ns of namespaces) {
+    log(\`Creating \${ns.name} (\${ns.purpose})...\`, colors.blue);
+
+    try {
+      // Create the namespace
+      const output = execSync(\`wrangler kv namespace create "\${ns.binding}"\`, { encoding: 'utf-8' });
+
+      // Extract the ID from output
+      const idMatch = output.match(/id = "([^"]+)"/);
+
+      if (idMatch && idMatch[1]) {
+        kvIds[ns.binding] = idMatch[1];
+        log(\`  ✅ Created with ID: \${idMatch[1]}\`, colors.green);
+      } else {
+        // Try to get existing namespace
+        const listOutput = execSync('wrangler kv namespace list', { encoding: 'utf-8' });
+        const existingMatch = listOutput.match(new RegExp(\`\${ns.binding}.*?id":\\s*"([^"]+)"\`));
+
+        if (existingMatch && existingMatch[1]) {
+          kvIds[ns.binding] = existingMatch[1];
+          log(\`  ⚠️  Namespace already exists with ID: \${existingMatch[1]}\`, colors.yellow);
+        } else {
+          log(\`  ⚠️  Could not extract ID for \${ns.binding}. You may need to add it manually.\`, colors.yellow);
+        }
+      }
+    } catch (error) {
+      // Check if namespace already exists
+      try {
+        const listOutput = execSync('wrangler kv namespace list', { encoding: 'utf-8' });
+        const existingMatch = listOutput.match(new RegExp(\`\${ns.binding}.*?id":\\s*"([^"]+)"\`));
+
+        if (existingMatch && existingMatch[1]) {
+          kvIds[ns.binding] = existingMatch[1];
+          log(\`  ⚠️  Namespace already exists with ID: \${existingMatch[1]}\`, colors.yellow);
+        } else {
+          log(\`  ❌ Failed to create \${ns.binding}: \${error.message}\`, colors.red);
+        }
+      } catch (listError) {
+        log(\`  ❌ Failed to create or find \${ns.binding}\`, colors.red);
+      }
+    }
+  }
+
+  // 4. Update wrangler.toml with KV IDs
+  if (Object.keys(kvIds).length > 0) {
+    log('\\n📝 Updating wrangler.toml with KV namespace IDs...\\n', colors.bright);
+
+    try {
+      let wranglerContent = fs.readFileSync(wranglerTomlPath, 'utf-8');
+      let updatedCount = 0;
+
+      for (const [binding, id] of Object.entries(kvIds)) {
+        // Match pattern: binding = "BINDING_NAME"\\nid = ""
+        const pattern = new RegExp(\`(binding = "\${binding}")\\\\s*\\\\nid = ""\`, 'g');
+        const replacement = \`$1\\nid = "\${id}"\`;
+
+        const newContent = wranglerContent.replace(pattern, replacement);
+        if (newContent !== wranglerContent) {
+          updatedCount++;
+          log(\`  ✅ Updated \${binding} with ID: \${id}\`, colors.green);
+        }
+        wranglerContent = newContent;
+      }
+
+      fs.writeFileSync(wranglerTomlPath, wranglerContent);
+      log(\`\\n✅ Updated \${updatedCount} namespace ID(s) in wrangler.toml\`, colors.green);
+
+      // Show remaining empty IDs if any
+      const emptyMatches = wranglerContent.match(/binding = "[^"]+"\s*\nid = ""/g);
+      if (emptyMatches) {
+        log('\\n⚠️  Some namespace IDs still need to be added manually:', colors.yellow);
+        emptyMatches.forEach(match => {
+          const bindingMatch = match.match(/binding = "([^"]+)"/);
+          if (bindingMatch) {
+            log(\`  - \${bindingMatch[1]}\`, colors.yellow);
+          }
+        });
+      }
+    } catch (error) {
+      log(\`❌ Failed to update wrangler.toml: \${error.message}\`, colors.red);
+    }
+  }
+
+  // 5. Create .dev.vars from example if it doesn't exist
+  const devVarsPath = path.join(__dirname, '..', '.dev.vars');
+  const devVarsExamplePath = path.join(__dirname, '..', '.dev.vars.example');
+
+  if (!fs.existsSync(devVarsPath) && fs.existsSync(devVarsExamplePath)) {
+    log('\\n📋 Creating .dev.vars from example...', colors.blue);
+    fs.copyFileSync(devVarsExamplePath, devVarsPath);
+    log('✅ Created .dev.vars - Please update with your values', colors.green);
+  }
+
+  // 6. Check if identity needs to be generated
+  if (fs.existsSync(devVarsPath)) {
+    const devVarsContent = fs.readFileSync(devVarsPath, 'utf-8');
+    if (devVarsContent.includes('your-private-key-here')) {
+      log('\\n🔑 Generating agent identity...', colors.blue);
+      try {
+        execSync('npx @kya-os/create-mcpi-app regenerate-identity', { stdio: 'inherit' });
+        log('✅ Identity generated successfully', colors.green);
+      } catch {
+        log('⚠️  Could not generate identity automatically. Run: npx @kya-os/create-mcpi-app regenerate-identity', colors.yellow);
+      }
+    }
+  }
+
+  // 7. Show next steps
+  log('\\n✨ Setup complete! Next steps:\\n', colors.bright + colors.green);
+  log('1. Review .dev.vars and add any missing values (AgentShield API key, etc.)', colors.blue);
+  log('2. Start development server: npm run dev', colors.blue);
+  log('3. Deploy to production: npm run deploy', colors.blue);
+  log('\\nUseful commands:', colors.bright);
+  log('  npm run dev                    - Start local development server');
+  log('  npm run deploy                 - Deploy to Cloudflare Workers');
+  log('  npm run kv:list                - List all KV namespaces');
+  log('  wrangler secret put <KEY>      - Set production secrets');
+  log('\\nFor more information, see the README.md file.\\n');
+
+  rl.close();
+}
+
+// Handle errors gracefully
+process.on('unhandledRejection', (error) => {
+  log(\`\\n❌ Setup failed: \${error.message}\`, colors.red);
+  process.exit(1);
+});
+
+// Run the setup
+setup().catch((error) => {
+  log(\`\\n❌ Setup failed: \${error.message}\`, colors.red);
+  process.exit(1);
+});
+`;
+        fs.writeFileSync(path.join(scriptsDir, "setup.js"), setupScriptContent);
+        // Make setup script executable
+        if (process.platform !== 'win32') {
+            fs.chmodSync(path.join(scriptsDir, "setup.js"), '755');
+        }
+        // Create tests directory
+        const testsDir = path.join(projectPath, "tests");
+        fs.ensureDirSync(testsDir);
+        // Create delegation test file
+        const delegationTestContent = `import { describe, test, expect, vi, beforeEach } from 'vitest';
+
+/**
+ * Delegation Management Tests
+ * Tests delegation verification, caching, and invalidation
+ */
+describe('Delegation Management', () => {
+  const mockDelegationStorage = {
+    get: vi.fn(),
+    put: vi.fn(),
+    delete: vi.fn()
+  };
+
+  const mockVerificationCache = {
+    get: vi.fn(),
+    put: vi.fn(),
+    delete: vi.fn()
+  };
+
+  const mockEnv = {
+    ${className.toUpperCase()}_DELEGATION_STORAGE: mockDelegationStorage,
+    TOOL_PROTECTION_KV: mockVerificationCache,
+    AGENTSHIELD_API_KEY: 'test-key',
+    AGENTSHIELD_API_URL: 'https://test.agentshield.ai'
+  };
+
+  beforeEach(() => {
+    vi.clearAllMocks();
+    global.fetch = vi.fn();
+  });
+
+  test('should verify delegation token with AgentShield API', async () => {
+    const token = 'test-delegation-token';
+
+    // Mock verification cache miss
+    mockVerificationCache.get.mockResolvedValueOnce(null);
+
+    // Mock API success
+    global.fetch = vi.fn().mockResolvedValueOnce({
+      ok: true
+    });
+
+    // Test verification would happen here
+    expect(global.fetch).toHaveBeenCalledWith(
+      expect.stringContaining('/api/v1/bouncer/delegations/verify'),
+      expect.objectContaining({
+        method: 'POST',
+        body: JSON.stringify({ token })
+      })
+    );
+  });
+
+  test('should use 5-minute cache TTL for delegations', async () => {
+    const token = 'test-token';
+    const sessionId = 'test-session';
+
+    await mockDelegationStorage.put(
+      \`session:\${sessionId}\`,
+      token,
+      { expirationTtl: 300 } // 5 minutes
+    );
+
+    expect(mockDelegationStorage.put).toHaveBeenCalledWith(
+      expect.any(String),
+      token,
+      { expirationTtl: 300 }
+    );
+  });
+
+  test('should invalidate cache on revocation', async () => {
+    const sessionId = 'revoked-session';
+    const token = 'revoked-token';
+
+    // Test invalidation
+    await Promise.all([
+      mockDelegationStorage.delete(\`session:\${sessionId}\`),
+      mockVerificationCache.delete(\`verified:\${token.substring(0, 16)}\`)
+    ]);
+
+    expect(mockDelegationStorage.delete).toHaveBeenCalled();
+    expect(mockVerificationCache.delete).toHaveBeenCalled();
+  });
+});
+`;
+        fs.writeFileSync(path.join(testsDir, "delegation.test.ts"), delegationTestContent);
+        // Create DO routing test file
+        const doRoutingTestContent = `import { describe, test, expect } from 'vitest';
+
+/**
+ * Durable Object Routing Tests
+ * Tests multi-instance DO routing for horizontal scaling
+ */
+describe('DO Multi-Instance Routing', () => {
+
+  function getDoInstanceId(request: Request, env: any): string {
+    const strategy = env.DO_ROUTING_STRATEGY || 'session';
+    const headers = request.headers;
+
+    switch (strategy) {
+      case 'session': {
+        const sessionId = headers.get('mcp-session-id') ||
+                         headers.get('Mcp-Session-Id') ||
+                         crypto.randomUUID();
+        return \`session:\${sessionId}\`;
+      }
+
+      case 'shard': {
+        const identifier = headers.get('mcp-session-id') || Math.random().toString();
+        let hash = 0;
+        for (let i = 0; i < identifier.length; i++) {
+          hash = ((hash << 5) - hash) + identifier.charCodeAt(i);
+          hash = hash & hash;
+        }
+        const shardCount = parseInt(env.DO_SHARD_COUNT || '10');
+        const shard = Math.abs(hash) % shardCount;
+        return \`shard:\${shard}\`;
+      }
+
+      default:
+        return 'default';
+    }
+  }
+
+  test('should route to different instances for different sessions', () => {
+    const env = { DO_ROUTING_STRATEGY: 'session' };
+
+    const req1 = new Request('http://test/mcp', {
+      headers: { 'mcp-session-id': 'session-123' }
+    });
+    const req2 = new Request('http://test/mcp', {
+      headers: { 'mcp-session-id': 'session-456' }
+    });
+
+    const id1 = getDoInstanceId(req1, env);
+    const id2 = getDoInstanceId(req2, env);
+
+    expect(id1).toBe('session:session-123');
+    expect(id2).toBe('session:session-456');
+    expect(id1).not.toBe(id2);
+  });
+
+  test('should distribute load across shards', () => {
+    const env = {
+      DO_ROUTING_STRATEGY: 'shard',
+      DO_SHARD_COUNT: '10'
+    };
+
+    const distribution = new Map<string, number>();
+
+    // Generate 100 requests
+    for (let i = 0; i < 100; i++) {
+      const req = new Request('http://test/mcp', {
+        headers: { 'mcp-session-id': \`session-\${i}\` }
+      });
+
+      const instanceId = getDoInstanceId(req, env);
+      const shard = instanceId.split(':')[1];
+
+      distribution.set(shard, (distribution.get(shard) || 0) + 1);
+    }
+
+    // Should use multiple shards
+    expect(distribution.size).toBeGreaterThan(5);
+  });
+});
+`;
+        fs.writeFileSync(path.join(testsDir, "do-routing.test.ts"), doRoutingTestContent);
+        // Create security test file
+        const securityTestContent = `import { describe, test, expect } from 'vitest';
+
+/**
+ * Security Tests
+ * Tests CORS configuration and API key handling
+ */
+describe('Security Configuration', () => {
+
+  function getCorsOrigin(requestOrigin: string | null, env: any): string | null {
+    const allowedOrigins = env.ALLOWED_ORIGINS?.split(',').map((o: string) => o.trim()) || [
+      'https://claude.ai',
+      'https://app.anthropic.com'
+    ];
+
+    if (env.MCPI_ENV !== 'production' && !allowedOrigins.includes('http://localhost:3000')) {
+      allowedOrigins.push('http://localhost:3000');
+    }
+
+    const origin = requestOrigin || '';
+    const isAllowed = allowedOrigins.includes(origin);
+
+    return isAllowed ? origin : allowedOrigins[0];
+  }
+
+  test('should allow Claude.ai by default', () => {
+    const env = {};
+    const origin = 'https://claude.ai';
+    const result = getCorsOrigin(origin, env);
+
+    expect(result).toBe(origin);
+  });
+
+  test('should reject unauthorized origins', () => {
+    const env = { MCPI_ENV: 'production' };
+    const origin = 'https://evil.com';
+    const result = getCorsOrigin(origin, env);
+
+    expect(result).toBe('https://claude.ai');
+    expect(result).not.toBe(origin);
+  });
+
+  test('should not expose API keys in wrangler.toml', () => {
+    // This test validates that API keys are only in .dev.vars
+    const wranglerContent = \`
+      [vars]
+      AGENTSHIELD_API_URL = "https://kya.vouched.id"
+      # AGENTSHIELD_API_KEY - Set securely
+    \`;
+
+    expect(wranglerContent).not.toContain('sk_');
+    expect(wranglerContent).toContain('Set securely');
+  });
+
+  test('should use short TTLs for security', () => {
+    const DELEGATION_TTL = 300; // 5 minutes
+    const VERIFICATION_TTL = 60; // 1 minute
+
+    expect(DELEGATION_TTL).toBeLessThanOrEqual(300);
+    expect(VERIFICATION_TTL).toBeLessThanOrEqual(60);
+  });
+});
+`;
+        fs.writeFileSync(path.join(testsDir, "security.test.ts"), securityTestContent);
+        // Create vitest config file
+        const vitestConfigContent = `import { defineConfig } from 'vitest/config';
+
+export default defineConfig({
+  test: {
+    environment: 'miniflare',
+    environmentOptions: {
+      kvNamespaces: [
+        '${className.toUpperCase()}_NONCE_CACHE',
+        '${className.toUpperCase()}_PROOF_ARCHIVE',
+        '${className.toUpperCase()}_IDENTITY_STORAGE',
+        '${className.toUpperCase()}_DELEGATION_STORAGE',
+        '${className.toUpperCase()}_TOOL_PROTECTION_KV'
+      ],
+      durableObjects: {
+        ${className.toUpperCase()}_OBJECT: '${pascalClassName}MCP'
+      }
+    },
+    coverage: {
+      provider: 'v8',
+      reporter: ['text', 'html'],
+      exclude: ['node_modules/', 'tests/', '*.config.ts'],
+      thresholds: {
+        statements: 80,
+        branches: 70,
+        functions: 80,
+        lines: 80
+      }
+    }
+  }
+});
+`;
+        fs.writeFileSync(path.join(projectPath, "vitest.config.ts"), vitestConfigContent);
         // Create greet tool
         const greetToolContent = `import { z } from "zod";
 
@@ -344,6 +846,179 @@ export class ${pascalClassName}MCP extends McpAgent {
     }
   }
 
+  /**
+   * Retrieve delegation token from KV storage
+   * Uses two-tier lookup: session cache (fast) → agent DID (stable)
+   *
+   * @param sessionId - MCP session ID from Claude Desktop
+   * @returns Delegation token if found, null otherwise
+   */
+  private async getDelegationToken(sessionId?: string): Promise<string | null> {
+    const delegationStorage = (this.env as any).${className.toUpperCase()}_DELEGATION_STORAGE;
+
+    if (!delegationStorage) {
+      console.log('[Delegation] No delegation storage configured');
+      return null;
+    }
+
+    try {
+      // Fast path: Try session cache first
+      if (sessionId) {
+        const sessionKey = \`session:\${sessionId}\`;
+        const sessionToken = await delegationStorage.get(sessionKey);
+
+        if (sessionToken) {
+          // Verify token is still valid before returning
+          const isValid = await this.verifyDelegationWithAgentShield(sessionToken);
+          if (isValid) {
+            console.log('[Delegation] ✅ Token retrieved from session cache and verified');
+            return sessionToken;
+          } else {
+            // Token invalid, remove from cache
+            await this.invalidateDelegationCache(sessionId, sessionToken);
+            console.log('[Delegation] ⚠️ Cached token was invalid, removed from cache');
+          }
+        }
+      }
+
+      // Fallback: Try agent DID (stable across session changes)
+      if (this.mcpiRuntime) {
+        const identity = await this.mcpiRuntime.getIdentity();
+        if (identity?.did) {
+          const agentKey = \`agent:\${identity.did}:delegation\`;
+          const agentToken = await delegationStorage.get(agentKey);
+
+          if (agentToken) {
+            // Verify token is still valid before returning
+            const isValid = await this.verifyDelegationWithAgentShield(agentToken);
+            if (isValid) {
+              console.log('[Delegation] ✅ Token retrieved using agent DID and verified');
+
+              // Re-cache for current session (performance optimization)
+              if (sessionId) {
+                const sessionCacheKey = \`session:\${sessionId}\`;
+                await delegationStorage.put(sessionCacheKey, agentToken, {
+                  expirationTtl: 300 // 5 minutes for security (reduced from 30)
+                });
+                console.log('[Delegation] Token cached for session with 5-minute TTL:', sessionId);
+              }
+
+              return agentToken;
+            } else {
+              // Token invalid, remove from cache
+              await this.invalidateDelegationCache(sessionId, agentToken, identity.did);
+              console.log('[Delegation] ⚠️ Agent token was invalid, removed from cache');
+            }
+          }
+        }
+      }
+
+      console.log('[Delegation] No delegation token found');
+      return null;
+    } catch (error) {
+      console.error('[Delegation] Failed to retrieve token:', error);
+      return null;
+    }
+  }
+
+  /**
+   * Verify delegation token with AgentShield API
+   * @param token - Delegation token to verify
+   * @returns True if token is valid, false otherwise
+   */
+  private async verifyDelegationWithAgentShield(token: string): Promise<boolean> {
+    // Check verification cache first (1 minute TTL for verified tokens)
+    const verificationCache = (this.env as any).TOOL_PROTECTION_KV;
+    if (verificationCache) {
+      const cacheKey = \`verified:\${token.substring(0, 16)}\`; // Use prefix to avoid key size issues
+      const cached = await verificationCache.get(cacheKey);
+      if (cached === '1') {
+        console.log('[Delegation] Token verification cached as valid');
+        return true;
+      }
+    }
+
+    try {
+      const agentShieldUrl = (this.env as any).AGENTSHIELD_API_URL || 'https://hobbs.work';
+      const apiKey = (this.env as any).AGENTSHIELD_API_KEY;
+
+      if (!apiKey) {
+        console.warn('[Delegation] No AgentShield API key configured, skipping verification');
+        return true; // Allow in development without API key
+      }
+
+      // Verify with AgentShield API
+      const response = await fetch(\`\${agentShieldUrl}/api/v1/bouncer/delegations/verify\`, {
+        method: 'POST',
+        headers: {
+          'Authorization': \`Bearer \${apiKey}\`,
+          'Content-Type': 'application/json'
+        },
+        body: JSON.stringify({ token })
+      });
+
+      if (response.ok) {
+        // Cache successful verification for 1 minute
+        if (verificationCache) {
+          const cacheKey = \`verified:\${token.substring(0, 16)}\`;
+          await verificationCache.put(cacheKey, '1', {
+            expirationTtl: 60 // 1 minute cache for verified tokens
+          });
+        }
+        console.log('[Delegation] Token verified successfully with AgentShield');
+        return true;
+      }
+
+      if (response.status === 401 || response.status === 403) {
+        console.log('[Delegation] Token verification failed: unauthorized');
+        return false;
+      }
+
+      console.warn('[Delegation] Token verification returned unexpected status:', response.status);
+      return false; // Fail closed for security
+
+    } catch (error) {
+      console.error('[Delegation] Error verifying token with AgentShield:', error);
+      return false; // Fail closed on errors
+    }
+  }
+
+  /**
+   * Invalidate delegation token in all caches
+   * @param sessionId - Session ID to clear
+   * @param token - Token to invalidate
+   * @param agentDid - Agent DID to clear
+   */
+  private async invalidateDelegationCache(sessionId?: string, token?: string, agentDid?: string): Promise<void> {
+    const delegationStorage = (this.env as any).${className.toUpperCase()}_DELEGATION_STORAGE;
+    const verificationCache = (this.env as any).TOOL_PROTECTION_KV;
+
+    if (!delegationStorage) return;
+
+    const deletions: Promise<void>[] = [];
+
+    // Clear session cache
+    if (sessionId) {
+      const sessionKey = \`session:\${sessionId}\`;
+      deletions.push(delegationStorage.delete(sessionKey));
+    }
+
+    // Clear agent cache
+    if (agentDid) {
+      const agentKey = \`agent:\${agentDid}:delegation\`;
+      deletions.push(delegationStorage.delete(agentKey));
+    }
+
+    // Clear verification cache
+    if (token && verificationCache) {
+      const cacheKey = \`verified:\${token.substring(0, 16)}\`;
+      deletions.push(verificationCache.delete(cacheKey));
+    }
+
+    await Promise.all(deletions);
+    console.log('[Delegation] Cache invalidated for revoked/invalid token');
+  }
+
   /**
    * Submit proof to AgentShield API
    * Uses the proof.jws directly (full JWS format from CloudflareRuntime)
@@ -438,14 +1113,30 @@ export class ${pascalClassName}MCP extends McpAgent {
         // Use MCP-I runtime's processToolCall for automatic proof generation
         if (this.mcpiRuntime) {
           try {
-            // Create ephemeral session for stateless Cloudflare Workers
+            // Read MCP session ID from Claude Desktop (via agents framework)
+            let mcpSessionId: string | undefined;
+            try {
+              mcpSessionId = this.getSessionId();
+              console.log('[Delegation] Session ID from agents framework:', mcpSessionId);
+            } catch (error) {
+              console.log('[Delegation] Failed to get session ID from framework:', error);
+              mcpSessionId = undefined;
+            }
+
+            // Retrieve delegation token if available
+            const delegationToken = await this.getDelegationToken(mcpSessionId);
+
+            // Create session with proper ID (use actual session ID when available)
             const timestamp = Date.now();
+            const sessionId = mcpSessionId || \`ephemeral-\${timestamp}-\${Math.random().toString(36).substring(2, 10)}\`;
+
             const session = {
-              id: \`ephemeral-\${timestamp}-\${Math.random().toString(36).substring(2, 10)}\`,
+              id: sessionId,  // Use actual session ID from Claude Desktop
               audience: 'https://kya.vouched.id',  // CRITICAL: Must match AgentShield domain
               agentDid: (await this.mcpiRuntime.getIdentity()).did,
               createdAt: timestamp,
-              expiresAt: timestamp + (30 * 60 * 1000) // 30 minutes
+              expiresAt: timestamp + (30 * 60 * 1000), // 30 minutes
+              delegationToken  // Include delegation token if available
             };
 
             // Execute tool with automatic proof generation
@@ -469,25 +1160,35 @@ export class ${pascalClassName}MCP extends McpAgent {
                 jwsValid: proof.jws.split('.').length === 3
               });
 
-              // Store in KV archive
+              // Parallelize proof operations for better performance
+              const proofOperations: Promise<void>[] = [];
+
+              // Add proof archive operation
               if (this.proofArchive) {
-                try {
-                  await this.proofArchive.store(proof, {
+                proofOperations.push(
+                  this.proofArchive.store(proof, {
                     toolName: greetTool.name
-                  });
-                  console.log('[MCP-I] Proof stored in archive');
-                } catch (archiveError) {
-                  console.error('[MCP-I] Archive error:', archiveError);
-                }
+                  }).then(() => {
+                    console.log('[MCP-I] Proof stored in archive');
+                  }).catch((archiveError: any) => {
+                    console.error('[MCP-I] Archive error:', archiveError);
+                  })
+                );
               }
 
-              // Submit to AgentShield with context
+              // Add AgentShield submission operation
               if (this.agentShieldConfig) {
-                try {
-                  await this.submitProofToAgentShield(proof, session, greetTool.name, args, result);
-                } catch (err: any) {
-                  console.error('[MCP-I] AgentShield failed:', err.message);
-                }
+                proofOperations.push(
+                  this.submitProofToAgentShield(proof, session, greetTool.name, args, result)
+                    .catch((err: any) => {
+                      console.error('[MCP-I] AgentShield failed:', err.message);
+                    })
+                );
+              }
+
+              // Execute all proof operations in parallel for better performance
+              if (proofOperations.length > 0) {
+                await Promise.allSettled(proofOperations);
               }
 
               // Attach proof to result for MCP Inspector
@@ -524,12 +1225,29 @@ export class ${pascalClassName}MCP extends McpAgent {
 
 const app = new Hono();
 
-app.use("/*", cors({
-  origin: "*",
-  allowMethods: ["GET", "POST", "PUT", "DELETE", "OPTIONS"],
-  allowHeaders: ["Content-Type", "Authorization", "mcp-session-id", "mcp-protocol-version"],
-  exposeHeaders: ["mcp-session-id"],
-}));
+// Secure CORS configuration
+app.use("/*", (c, next) => {
+  const allowedOrigins = c.env.ALLOWED_ORIGINS?.split(',').map((o: string) => o.trim()) || [
+    'https://claude.ai',
+    'https://app.anthropic.com'
+  ];
+
+  // Add localhost for development if not in production
+  if (c.env.MCPI_ENV !== 'production' && !allowedOrigins.includes('http://localhost:3000')) {
+    allowedOrigins.push('http://localhost:3000');
+  }
+
+  const origin = c.req.header('Origin') || '';
+  const isAllowed = allowedOrigins.includes(origin);
+
+  return cors({
+    origin: isAllowed ? origin : allowedOrigins[0], // Default to first allowed origin if not matched
+    allowMethods: ["GET", "POST", "PUT", "DELETE", "OPTIONS"],
+    allowHeaders: ["Content-Type", "Authorization", "mcp-session-id", "Mcp-Session-Id", "mcp-protocol-version"],
+    exposeHeaders: ["mcp-session-id", "Mcp-Session-Id"],
+    credentials: true,
+  })(c, next);
+});
 
 app.get("/health", (c) => c.json({
   status: 'healthy',
@@ -663,8 +1381,69 @@ app.get('/oauth/callback', (c) => {
   })(c);
 });
 
-app.mount("/sse", ${pascalClassName}MCP.serveSSE("/sse").fetch, { replaceRequest: false });
-app.mount("/mcp", ${pascalClassName}MCP.serve("/mcp").fetch, { replaceRequest: false });
+/**
+ * Get Durable Object instance ID based on routing strategy
+ * This enables horizontal scaling across multiple DO instances
+ *
+ * @param request - Incoming request
+ * @param env - Environment bindings
+ * @returns Instance ID for DO routing
+ */
+function getDoInstanceId(request: Request, env: any): string {
+  const strategy = env.DO_ROUTING_STRATEGY || 'session';
+  const headers = request.headers;
+
+  switch (strategy) {
+    case 'session': {
+      // MCP Protocol compliant session routing - one DO per session
+      const sessionId = headers.get('mcp-session-id') ||
+                       headers.get('Mcp-Session-Id') ||
+                       crypto.randomUUID();
+      return \`session:\${sessionId}\`;
+    }
+
+    case 'shard': {
+      // Distribute across N shards for high load
+      const identifier = headers.get('mcp-session-id') || Math.random().toString();
+      // Simple hash-based distribution
+      let hash = 0;
+      for (let i = 0; i < identifier.length; i++) {
+        hash = ((hash << 5) - hash) + identifier.charCodeAt(i);
+        hash = hash & hash; // Convert to 32bit integer
+      }
+      const shardCount = parseInt(env.DO_SHARD_COUNT || '10');
+      const shard = Math.abs(hash) % shardCount;
+      return \`shard:\${shard}\`;
+    }
+
+    default:
+      // Fallback to single instance (legacy behavior)
+      return 'default';
+  }
+}
+
+// Multi-instance DO routing for scalability
+// Legacy direct mount (single DO instance - bottleneck):
+// app.mount("/mcp", ${pascalClassName}MCP.serve("/mcp").fetch);
+
+// New scalable routing (multiple DO instances):
+app.all('/sse/*', async (c) => {
+  const instanceId = getDoInstanceId(c.req.raw, c.env);
+  const doId = c.env.MCP_OBJECT.idFromName(instanceId);
+  const stub = c.env.MCP_OBJECT.get(doId);
+
+  console.log(\`[DO Routing] SSE request routed to instance: \${instanceId}\`);
+  return stub.fetch(c.req.raw);
+});
+
+app.all('/mcp/*', async (c) => {
+  const instanceId = getDoInstanceId(c.req.raw, c.env);
+  const doId = c.env.MCP_OBJECT.idFromName(instanceId);
+  const stub = c.env.MCP_OBJECT.get(doId);
+
+  console.log(\`[DO Routing] MCP request routed to instance: \${instanceId}\`);
+  return stub.fetch(c.req.raw);
+});
 
 export default app;
 `;
@@ -759,9 +1538,10 @@ XMCP_I_TS_SKEW_SEC = "120"
 XMCP_I_SESSION_TTL = "1800"
 
 # AgentShield Integration (https://kya.vouched.id)
-# ${apikey ? 'Configure' : 'Uncomment and configure'} these variables to enable proof submission to AgentShield
 AGENTSHIELD_API_URL = "https://kya.vouched.id"
-${apikey ? `AGENTSHIELD_API_KEY = "${apikey}"  # Provided via --apikey flag` : '# AGENTSHIELD_API_KEY = "sk_your_api_key_here"  # Get from https://kya.vouched.id/dashboard'}
+# AGENTSHIELD_API_KEY - Set securely using one of these methods:
+#   Development: Add to .dev.vars file (already configured if --apikey was provided)
+#   Production: wrangler secret put AGENTSHIELD_API_KEY
 MCPI_ENV = "development"
 
 # Optional: MCP Server URL for tool discovery
@@ -778,31 +1558,72 @@ MCPI_ENV = "development"
                 const wranglerPath = path.join(projectPath, "wrangler.toml");
                 let wranglerTomlContent = fs.readFileSync(wranglerPath, "utf8");
                 // Find [vars] section and add identity environment variables
+                // Only add the DID to wrangler.toml (public info, safe to commit)
                 const varsMatch = wranglerTomlContent.match(/\[vars\]/);
                 if (varsMatch) {
                     const insertPosition = varsMatch.index + varsMatch[0].length;
                     const identityVars = `
-# Persistent Identity (generated by create-mcpi-app)
-# SECURITY: For production, use \`wrangler secret put\` instead of storing in wrangler.toml
-# Development: These values work for local testing and dev deployments
+# Agent DID (public identifier - safe to commit)
 MCP_IDENTITY_AGENT_DID = "${identity.did}"
-MCP_IDENTITY_PRIVATE_KEY = "${identity.privateKey}"
-MCP_IDENTITY_PUBLIC_KEY = "${identity.publicKey}"
+
+# ALLOWED_ORIGINS for CORS (update for production)
+ALLOWED_ORIGINS = "https://claude.ai,https://app.anthropic.com"
+
+# DO routing strategy: "session" for dev, "shard" for production high-load
+DO_ROUTING_STRATEGY = "session"
+DO_SHARD_COUNT = "10"  # Number of shards if using shard strategy
 
 `;
                     wranglerTomlContent =
                         wranglerTomlContent.slice(0, insertPosition) +
                             identityVars +
                             wranglerTomlContent.slice(insertPosition);
-                    // Write updated wrangler.toml
+                    // Write updated wrangler.toml (without secrets)
                     fs.writeFileSync(wranglerPath, wranglerTomlContent);
+                    // Create .dev.vars file for local development (git-ignored)
+                    const devVarsPath = path.join(projectPath, ".dev.vars");
+                    const devVarsContent = `# Local development secrets (DO NOT COMMIT)
+# This file is git-ignored and contains sensitive data
+
+# Identity keys (generated by create-mcpi-app)
+MCP_IDENTITY_PRIVATE_KEY="${identity.privateKey}"
+MCP_IDENTITY_PUBLIC_KEY="${identity.publicKey}"
+
+# AgentShield API key (get from https://agentshield.ai)
+AGENTSHIELD_API_KEY="${apikey || ''}"${apikey ? '  # Provided via --apikey flag' : ''}
+
+# Admin API key for protected endpoints
+ADMIN_API_KEY=""
+`;
+                    fs.writeFileSync(devVarsPath, devVarsContent);
+                    // Create .dev.vars.example for reference
+                    const devVarsExamplePath = path.join(projectPath, ".dev.vars.example");
+                    const devVarsExampleContent = `# Copy this file to .dev.vars and fill in your values
+# DO NOT commit .dev.vars to version control
+
+# Identity keys (generate with: npx @kya-os/create-mcpi-app regenerate-identity)
+MCP_IDENTITY_PRIVATE_KEY="your-private-key-here"
+MCP_IDENTITY_PUBLIC_KEY="your-public-key-here"
+
+# AgentShield API key (get from https://agentshield.ai)
+AGENTSHIELD_API_KEY="your-api-key-here"
+
+# Admin API key for protected endpoints
+ADMIN_API_KEY="your-admin-key-here"
+`;
+                    fs.writeFileSync(devVarsExamplePath, devVarsExampleContent);
                     console.log(chalk.green("✅ Generated persistent identity"));
                     console.log(chalk.dim(`   DID: ${identity.did}`));
-                    console.log(chalk.dim(`   Keys stored in wrangler.toml [vars] section`));
+                    console.log(chalk.green("✅ Created secure configuration:"));
+                    console.log(chalk.dim("   • Public DID in wrangler.toml (safe to commit)"));
+                    console.log(chalk.dim("   • Private keys in .dev.vars (git-ignored)"));
+                    console.log(chalk.dim("   • Example template in .dev.vars.example"));
                     console.log();
-                    console.log(chalk.yellow("⚠️  Security Note:"));
-                    console.log(chalk.dim("   For production, move secrets to wrangler using:"));
+                    console.log(chalk.yellow("🔒 Production Security:"));
+                    console.log(chalk.dim("   Set secrets using wrangler (never commit them):"));
                     console.log(chalk.cyan("   $ wrangler secret put MCP_IDENTITY_PRIVATE_KEY"));
+                    console.log(chalk.cyan("   $ wrangler secret put MCP_IDENTITY_PUBLIC_KEY"));
+                    console.log(chalk.cyan("   $ wrangler secret put AGENTSHIELD_API_KEY"));
                     console.log();
                 }
             }