npm - @kya-os/mcp-i-core - Versions diffs - 1.2.2-canary.28 → 1.2.2-canary.29 - Mend

@kya-os/mcp-i-core 1.2.2-canary.28 → 1.2.2-canary.29

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/.turbo/turbo-build.log +1 -1
package/.turbo/turbo-test$colon$coverage.log +3943 -2389
package/.turbo/turbo-test.log +967 -985
package/package.json +1 -1

package/.turbo/turbo-test.log CHANGED Viewed

@@ -1,277 +1,539 @@
-> @kya-os/mcp-i-core@1.2.2-canary.24 test /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core
+> @kya-os/mcp-i-core@1.2.2-canary.28 test /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core
 > vitest run
-▲ [WARNING] The condition "types" here will never be used as it comes after both "import" and "require" [package.json]
-    package.json:32:6:
-      32 │       "types": "./dist/utils/did-helpers.d.ts"
-         ╵       ~~~~~~~
-  The "import" condition comes earlier and will be used for all "import" statements:
-    package.json:31:6:
-      31 │       "import": "./dist/utils/did-helpers.js",
-         ╵       ~~~~~~~~
-  The "require" condition comes earlier and will be used for all "require" calls:
-    package.json:30:6:
-      30 │       "require": "./dist/utils/did-helpers.js",
-         ╵       ~~~~~~~~~
  RUN  v4.0.5 /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core
-stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > API Authentication > should use X-API-Key header for new endpoint
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - new endpoint format > should fetch from project-scoped endpoint when projectId is available
 [ToolProtectionService] Config loaded from API {
   source: 'api',
-  toolCount: 0,
-  protectedTools: [],
+  toolCount: 2,
+  protectedTools: [ 'checkout' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'test-project-123',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.411Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.646Z'
 }
-stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > API Authentication > should use Authorization Bearer header for old endpoint
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - new endpoint format > should handle new endpoint format with toolProtections object
 [ToolProtectionService] Config loaded from API {
   source: 'api',
-  toolCount: 0,
-  protectedTools: [],
+  toolCount: 2,
+  protectedTools: [ 'protected_tool' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
+  projectId: 'test-project-123',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.414Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.647Z'
 }
-stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Endpoint Selection > should use project-scoped endpoint when projectId is available
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - new endpoint format > should parse oauthProvider from new endpoint format (Phase 2)
 [ToolProtectionService] Config loaded from API {
   source: 'api',
-  toolCount: 0,
-  protectedTools: [],
+  toolCount: 2,
+  protectedTools: [ 'read_repos', 'send_email' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'test-project-123',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.415Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.647Z'
 }
-stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Endpoint Selection > should use agent-scoped endpoint when projectId is not available
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - new endpoint format > should preserve oauthProvider through cache operations
 [ToolProtectionService] Config loaded from API {
   source: 'api',
-  toolCount: 0,
-  protectedTools: [],
+  toolCount: 1,
+  protectedTools: [ 'read_repos' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
+  projectId: 'test-project-123',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.415Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.648Z'
 }
-stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Endpoint Selection > should encode projectId in URL
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - old endpoint format > should fetch from agent-scoped endpoint when projectId is not available
 [ToolProtectionService] Config loaded from API {
   source: 'api',
-  toolCount: 0,
-  protectedTools: [],
+  toolCount: 2,
+  protectedTools: [ 'checkout' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'project/with/special-chars',
+  projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.416Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.648Z'
 }
-stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Endpoint Selection > should encode agent DID in URL
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - old endpoint format > should handle old endpoint format with tools array
 [ToolProtectionService] Config loaded from API {
   source: 'api',
-  toolCount: 0,
-  protectedTools: [],
+  toolCount: 2,
+  protectedTools: [ 'tool1' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.416Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.648Z'
 }
-stderr | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Error Handling > should handle network timeout
-[ToolProtectionService] API fetch failed, using fallback config { agentDid: 'did:key:z6MkhaXgBZDv...', error: 'Network timeout' }
-stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Response Format Compatibility > should handle new endpoint format (toolProtections object)
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - old endpoint format > should parse oauthProvider from old endpoint format (tools array)
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 2,
-  protectedTools: [ 'checkout' ],
+  protectedTools: [ 'read_repos', 'send_email' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project-123',
+  projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.416Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.648Z'
 }
-stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Response Format Compatibility > should handle old endpoint format (tools array)
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - old endpoint format > should handle old endpoint format with tools object
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 2,
-  protectedTools: [ 'checkout' ],
+  protectedTools: [ 'tool1' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.416Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.648Z'
 }
-stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Response Format Compatibility > should handle old endpoint format (tools object)
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - old endpoint format > should parse oauthProvider from old endpoint format (tools object)
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 2,
-  protectedTools: [ 'checkout' ],
+  protectedTools: [ 'read_repos', 'send_email' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.416Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.649Z'
 }
-stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Response Format Compatibility > should handle snake_case field names
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - old endpoint format > should skip tools without name in array format
+[ToolProtectionService] Cache miss, fetching from API {
+  source: 'api-fetch-start',
+  cacheKey: 'agent:did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK',
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'none',
+  apiUrl: 'https://kya.vouched.id',
+  endpoint: '/api/v1/bouncer/config?agent_did=did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK'
+}
+[ToolProtectionService] Fetching from API: https://kya.vouched.id/api/v1/bouncer/config?agent_did=did%3Akey%3Az6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK {
+  method: 'config?agent_did (old)',
+  projectId: 'none',
+  apiKeyPresent: true,
+  apiKeyLength: 18,
+  apiKeyMasked: 'test-api...'
+}
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - old endpoint format > should skip tools without name in array format
+[ToolProtectionService] API response received {
+  source: 'api-fetch-complete',
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'none',
+  responseKeys: [ 'success', 'data', 'metadata' ],
+  dataKeys: [ 'tools' ],
+  rawToolProtections: null,
+  rawTools: [
+    { name: 'valid_tool', requiresDelegation: true },
+    { requiresDelegation: false }
+  ],
+  responseMetadata: {}
+}
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - old endpoint format > should skip tools without name in array format
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 1,
-  protectedTools: [ 'tool1' ],
+  protectedTools: [ 'valid_tool' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project-123',
+  projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.417Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.649Z'
+}
+[ToolProtectionService] API fetch successful, config cached {
+  source: 'cache-write',
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  cacheKey: 'agent:did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK',
+  toolCount: 1,
+  tools: [ { name: 'valid_tool', requiresDelegation: true, scopeCount: 0 } ],
+  ttlMs: 300000,
+  ttlMinutes: 5,
+  expiresAt: '2025-11-24T00:12:31.649Z',
+  expiresIn: '300s'
 }
-stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Response Format Compatibility > should handle camelCase field names
+stderr | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch error handling > should handle network errors gracefully
+[ToolProtectionService] API fetch failed, no fallback, failing closed (deny-all) {
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > caching behavior > should cache successful API responses
+  agentDid: 'did:key:z6MkhaXgBZDv...',
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 1,
   protectedTools: [ 'tool1' ],
+  error: 'ECONNREFUSED',
+  cacheKey: 'agent:did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK'
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project-123',
+}
+  projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.417Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.652Z'
 }
-stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Response Format Compatibility > should prefer camelCase over snake_case when both present
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > caching behavior > should use default cache TTL when not specified
 [ToolProtectionService] Config loaded from API {
   source: 'api',
-  toolCount: 1,
-  protectedTools: [ 'tool1' ],
+  toolCount: 0,
+  protectedTools: [],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project-123',
+  projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.417Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.652Z'
 }
-stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Caching Integration > should cache successful API responses
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > caching behavior > should use custom cache TTL when specified
 [ToolProtectionService] Config loaded from API {
-stderr | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Fallback Behavior > should cache fallback config
   source: 'api',
-  toolCount: 1,
-  protectedTools: [ 'tool1' ],
+  toolCount: 0,
+  protectedTools: [],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-[ToolProtectionService] API fetch failed, using fallback config { agentDid: 'did:key:z6MkhaXgBZDv...', error: 'Network error' }
-  projectId: 'test-project-123',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.419Z'
+  projectId: 'none',
+  cacheTtlMs: 600000,
+  cacheExpiresAt: '2025-11-24T00:17:31.652Z'
 }
-stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Caching Integration > should respect cache TTL
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > edge cases > should handle empty toolProtections object
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 0,
   protectedTools: [],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project-123',
-  cacheTtlMs: 1000,
-  cacheExpiresAt: '2025-11-22T06:55:55.419Z'
+  projectId: 'none',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.652Z'
 }
-stdout | src/__tests__/regression/phase2-regression.test.ts > Phase 2 Regression Tests > Backward Compatibility > Phase 1 tools (no oauthProvider) > should work with Phase 1 tools that don't specify oauthProvider
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > edge cases > should handle null requiredScopes
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 1,
-  protectedTools: [ 'phase1_tool' ],
+  protectedTools: [ 'tool1' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.420Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.653Z'
 }
-stdout | src/__tests__/regression/phase2-regression.test.ts > Phase 2 Regression Tests > Backward Compatibility > Old API endpoint format > should still support old endpoint format (tools array)
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > edge cases > should handle mixed camelCase and snake_case in response
 [ToolProtectionService] Config loaded from API {
   source: 'api',
-  toolCount: 1,
-  protectedTools: [ 'old_tool' ],
+  toolCount: 2,
+  protectedTools: [ 'tool1' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.425Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.653Z'
 }
-stdout | src/__tests__/regression/phase2-regression.test.ts > Phase 2 Regression Tests > Backward Compatibility > Old API endpoint format > should still support old endpoint format (tools object)
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should return null when tool has no protection
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 1,
-  protectedTools: [ 'old_tool' ],
+  protectedTools: [],
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.425Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.653Z'
 }
-stderr | src/__tests__/regression/phase2-regression.test.ts > Phase 2 Regression Tests > No Regressions > Phase 1 OAuth flow > should still work with Phase 1 OAuth flow (no oauthProvider)
-[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "github" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
-stdout | src/__tests__/regression/phase2-regression.test.ts > Phase 2 Regression Tests > Backward Compatibility > snake_case field names > should still support snake_case field names
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should return null when tool is not in config
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 1,
-  protectedTools: [ 'tool_with_snake_case' ],
+  protectedTools: [ 'other_tool' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project-123',
+  projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.425Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.653Z'
 }
-stdout | src/__tests__/regression/phase2-regression.test.ts > Phase 2 Regression Tests > Mixed Phase 1 and Phase 2 tools > should handle mix of Phase 1 and Phase 2 tools in same project
+stderr | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should use wildcard protection in fail-safe deny-all mode
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should return null when tool is not in config
+[ToolProtectionService] Protection check {
+[ToolProtectionService] API fetch failed, no fallback, failing closed (deny-all) {
+  tool: 'unknown_tool',
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  found: false,
+  isWildcard: true,
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  error: 'Network error',
+  requiresDelegation: false,
+  availableTools: [ 'other_tool' ]
+}
+  cacheKey: 'agent:did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK'
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should return wildcard protection when tool not found and wildcard exists
 [ToolProtectionService] Config loaded from API {
+}
   source: 'api',
   toolCount: 2,
-  protectedTools: [ 'phase1_tool', 'phase2_tool' ],
+  protectedTools: [ '*' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project-123',
+  projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.426Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.653Z'
 }
- ✓ src/__tests__/regression/phase2-regression.test.ts (12 tests) 8ms
-stderr | src/services/__tests__/storage.service.test.ts > StorageService > createStorageProviders > should prefer Redis over KV when both are configured
-[StorageService] Failed to connect to Redis, falling back to memory: Redis package not available
-stderr | src/services/__tests__/storage.service.test.ts > StorageService > createStorageProviders > should prefer Redis over KV when both are configured
-[StorageService] Failed to initialize KV, falling back to memory: Failed to import Cloudflare storage providers: Cannot find package '@kya-os/mcp-i-cloudflare/providers/storage' imported from '/Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/storage.service.ts'
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should return wildcard protection when tool not found and wildcard exists
+[ToolProtectionService] Protection check {
+  tool: 'unknown_tool',
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  found: true,
+  isWildcard: true,
+  requiresDelegation: true,
+  availableTools: [ '*', 'specific_tool' ]
+}
-stderr | src/services/__tests__/storage.service.test.ts > StorageService > createStorageProviders > should fall back to memory when Redis connection fails
-[StorageService] Failed to connect to Redis, falling back to memory: Redis package not available
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should prioritize specific tool protection over wildcard
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 2,
+  protectedTools: [ '*' ],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'none',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.654Z'
+}
-stderr | src/services/__tests__/storage.service.test.ts > StorageService > createStorageProviders > should use KV namespace when provided
-[StorageService] Failed to initialize KV, falling back to memory: Failed to import Cloudflare storage providers: Cannot find package '@kya-os/mcp-i-cloudflare/providers/storage' imported from '/Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/storage.service.ts'
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should use wildcard protection in fail-safe deny-all mode
+[ToolProtectionService] Protection check {
+  tool: 'any_tool',
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  found: true,
+  isWildcard: true,
+  requiresDelegation: true,
+  availableTools: [ '*' ]
+}
-stderr | src/services/__tests__/access-control.service.test.ts > AccessControlApiService > submitProofs > should submit proofs successfully
-[AccessControl] 🔍 RAW API RESPONSE (before parsing): {
-  correlationId: 'c15ae448-52f1-4753-93d6-1f0d60c8fa0b',
-  status: 200,
-  statusText: '',
-  headers: { 'content-type': 'application/json' },
-  responseTextLength: 100,
-  responseTextPreview: '{"success":true,"accepted":1,"rejected":0,"outcomes":{"success":1,"failed":0,"blocked":0,"error":0}}',
-  fullResponseText: '{"success":true,"accepted":1,"rejected":0,"outcomes":{"success":1,"failed":0,"blocked":0,"error":0}}'
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should return protection config when tool requires delegation
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 1,
+  protectedTools: [ 'protected_tool' ],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'none',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.654Z'
 }
-[AccessControl] 🔍 PARSED RESPONSE DATA: {
-  correlationId: 'c15ae448-52f1-4753-93d6-1f0d60c8fa0b',
-  status: 200,
-  responseDataType: 'object',
-  responseDataKeys: [ 'success', 'accepted', 'rejected', 'outcomes' ],
-  responseData: '{\n' +
-    '  "success": true,\n' +
-    '  "accepted": 1,\n' +
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should return protection config when tool requires delegation
+[ToolProtectionService] Protection check {
+  tool: 'protected_tool',
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  found: true,
+  isWildcard: false,
+  requiresDelegation: true,
+  availableTools: [ 'protected_tool' ]
+}
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > integration with NoOpToolProtectionCache > should work with NoOpToolProtectionCache
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 1,
+  protectedTools: [ 'tool1' ],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'none',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.655Z'
+}
+stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > integration with NoOpToolProtectionCache > should work with NoOpToolProtectionCache
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 1,
+  protectedTools: [ 'tool1' ],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'none',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.655Z'
+}
+stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > API Authentication > should use X-API-Key header for new endpoint
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 0,
+  protectedTools: [],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'test-project-123',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.678Z'
+}
+stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > API Authentication > should use Authorization Bearer header for old endpoint
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 0,
+  protectedTools: [],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'none',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.683Z'
+}
+ ✓ src/__tests__/services/tool-protection.service.test.ts (49 tests) 15ms
+stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Endpoint Selection > should use project-scoped endpoint when projectId is available
+stderr | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Error Handling > should handle network timeout
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 0,
+[ToolProtectionService] API fetch failed, using fallback config { agentDid: 'did:key:z6MkhaXgBZDv...', error: 'Network timeout' }
+  protectedTools: [],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'test-project-123',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.686Z'
+}
+stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Endpoint Selection > should use agent-scoped endpoint when projectId is not available
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 0,
+  protectedTools: [],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'none',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.687Z'
+stderr | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Fallback Behavior > should cache fallback config
+}
+stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Endpoint Selection > should encode projectId in URL
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 0,
+  protectedTools: [],
+[ToolProtectionService] API fetch failed, using fallback config { agentDid: 'did:key:z6MkhaXgBZDv...', error: 'Network error' }
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'project/with/special-chars',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.687Z'
+}
+stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Endpoint Selection > should encode agent DID in URL
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 0,
+  protectedTools: [],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'none',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.688Z'
+}
+stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Response Format Compatibility > should handle new endpoint format (toolProtections object)
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 2,
+  protectedTools: [ 'checkout' ],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'test-project-123',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.688Z'
+}
+stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Response Format Compatibility > should handle old endpoint format (tools array)
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 2,
+  protectedTools: [ 'checkout' ],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'none',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.688Z'
+}
+stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Response Format Compatibility > should handle old endpoint format (tools object)
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 2,
+  protectedTools: [ 'checkout' ],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'none',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.689Z'
+}
+stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Response Format Compatibility > should handle snake_case field names
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 1,
+  protectedTools: [ 'tool1' ],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'test-project-123',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.689Z'
+}
+stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Response Format Compatibility > should handle camelCase field names
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 1,
+  protectedTools: [ 'tool1' ],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'test-project-123',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.689Z'
+}
+stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Response Format Compatibility > should prefer camelCase over snake_case when both present
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 1,
+  protectedTools: [ 'tool1' ],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'test-project-123',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.689Z'
+}
+stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Caching Integration > should cache successful API responses
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 1,
+  protectedTools: [ 'tool1' ],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'test-project-123',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.692Z'
+}
+stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Caching Integration > should respect cache TTL
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 0,
+  protectedTools: [],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'test-project-123',
+  cacheTtlMs: 1000,
+  cacheExpiresAt: '2025-11-24T00:07:32.692Z'
+}
+stderr | src/services/__tests__/access-control.service.test.ts > AccessControlApiService > submitProofs > should submit proofs successfully
+[AccessControl] 🔍 RAW API RESPONSE (before parsing): {
+  correlationId: 'cdf89417-bb4e-43ad-a8a9-447046ca7443',
+  status: 200,
+  statusText: '',
+  headers: { 'content-type': 'application/json' },
+  responseTextLength: 100,
+  responseTextPreview: '{"success":true,"accepted":1,"rejected":0,"outcomes":{"success":1,"failed":0,"blocked":0,"error":0}}',
+  fullResponseText: '{"success":true,"accepted":1,"rejected":0,"outcomes":{"success":1,"failed":0,"blocked":0,"error":0}}'
+}
+[AccessControl] 🔍 PARSED RESPONSE DATA: {
+  correlationId: 'cdf89417-bb4e-43ad-a8a9-447046ca7443',
+  status: 200,
+  responseDataType: 'object',
+  responseDataKeys: [ 'success', 'accepted', 'rejected', 'outcomes' ],
+  responseData: '{\n' +
+    '  "success": true,\n' +
+    '  "accepted": 1,\n' +
     '  "rejected": 0,\n' +
     '  "outcomes": {\n' +
     '    "success": 1,\n' +
@@ -293,10 +555,9 @@ stderr | src/services/__tests__/access-control.service.test.ts > AccessControlAp
   }
 }
- ✓ src/services/__tests__/storage.service.test.ts (17 tests) 16ms
 stderr | src/services/__tests__/access-control.service.test.ts > AccessControlApiService > submitProofs > should handle all_proofs_rejected error gracefully
 [AccessControl] 🔍 RAW API RESPONSE (before parsing): {
-  correlationId: '3e395c63-242a-4f2a-abf1-9986bab09084',
+  correlationId: '33847abb-0cf4-4314-ac3b-b001281354e9',
   status: 400,
   statusText: '',
   headers: { 'content-type': 'application/json' },
@@ -305,7 +566,7 @@ stderr | src/services/__tests__/access-control.service.test.ts > AccessControlAp
   fullResponseText: '{"success":false,"error":{"code":"all_proofs_rejected","message":"All proofs rejected","details":{"rejected":1,"errors":[{"proof_index":0,"error":{"code":"invalid_signature","message":"Invalid signature"}}]}}}'
 }
 [AccessControl] 🔍 PARSED RESPONSE DATA: {
-  correlationId: '3e395c63-242a-4f2a-abf1-9986bab09084',
+  correlationId: '33847abb-0cf4-4314-ac3b-b001281354e9',
   status: 400,
   responseDataType: 'object',
   responseDataKeys: [ 'success', 'error' ],
@@ -332,16 +593,16 @@ stderr | src/services/__tests__/access-control.service.test.ts > AccessControlAp
 stderr | src/services/__tests__/access-control.service.test.ts > AccessControlApiService > submitProofs > should handle wrapped response format
 [AccessControl] 🔍 RAW API RESPONSE (before parsing): {
-  correlationId: '763cbfba-61ff-4bad-8d57-93789f897191',
+  correlationId: '95f2790c-d1b6-4fbf-aa56-a15e0e2165e0',
   status: 200,
   statusText: '',
   headers: { 'content-type': 'application/json' },
   responseTextLength: 206,
-  responseTextPreview: '{"success":true,"data":{"success":true,"accepted":1,"rejected":0,"outcomes":{"success":1,"failed":0,"blocked":0,"error":0}},"metadata":{"requestId":"test-request-id","timestamp":"2025-11-22T06:55:54.452Z"}}',
-  fullResponseText: '{"success":true,"data":{"success":true,"accepted":1,"rejected":0,"outcomes":{"success":1,"failed":0,"blocked":0,"error":0}},"metadata":{"requestId":"test-request-id","timestamp":"2025-11-22T06:55:54.452Z"}}'
+  responseTextPreview: '{"success":true,"data":{"success":true,"accepted":1,"rejected":0,"outcomes":{"success":1,"failed":0,"blocked":0,"error":0}},"metadata":{"requestId":"test-request-id","timestamp":"2025-11-24T00:07:31.731Z"}}',
+  fullResponseText: '{"success":true,"data":{"success":true,"accepted":1,"rejected":0,"outcomes":{"success":1,"failed":0,"blocked":0,"error":0}},"metadata":{"requestId":"test-request-id","timestamp":"2025-11-24T00:07:31.731Z"}}'
 }
 [AccessControl] 🔍 PARSED RESPONSE DATA: {
-  correlationId: '763cbfba-61ff-4bad-8d57-93789f897191',
+  correlationId: '95f2790c-d1b6-4fbf-aa56-a15e0e2165e0',
   status: 200,
   responseDataType: 'object',
   responseDataKeys: [ 'success', 'data', 'metadata' ],
@@ -360,7 +621,7 @@ stderr | src/services/__tests__/access-control.service.test.ts > AccessControlAp
     '  },\n' +
     '  "metadata": {\n' +
     '    "requestId": "test-request-id",\n' +
-    '    "timestamp": "2025-11-22T06:55:54.452Z"\n' +
+    '    "timestamp": "2025-11-24T00:07:31.731Z"\n' +
     '  }\n' +
     '}'
 }
@@ -379,11 +640,11 @@ stderr | src/services/__tests__/access-control.service.test.ts > AccessControlAp
   },
   "metadata": {
     "requestId": "test-request-id",
-    "timestamp": "2025-11-22T06:55:54.452Z"
+    "timestamp": "2025-11-24T00:07:31.731Z"
   }
 }
 [AccessControl] 🔍 DATA OBJECT STRUCTURE: {
-  correlationId: '763cbfba-61ff-4bad-8d57-93789f897191',
+  correlationId: '95f2790c-d1b6-4fbf-aa56-a15e0e2165e0',
   dataKeys: [ 'success', 'accepted', 'rejected', 'outcomes' ],
   hasAccepted: true,
   hasRejected: true,
@@ -409,7 +670,7 @@ stderr | src/services/__tests__/access-control.service.test.ts > AccessControlAp
 stderr | src/services/__tests__/access-control.service.test.ts > AccessControlApiService > submitProofs > should handle response with missing outcomes field (outcomes is optional)
 [AccessControl] 🔍 RAW API RESPONSE (before parsing): {
-  correlationId: '83067c19-4a75-4487-8c41-84154a231b4a',
+  correlationId: '8b230c4d-7525-401e-9840-92ffe27b6a9b',
   status: 200,
   statusText: '',
   headers: { 'content-type': 'application/json' },
@@ -418,7 +679,7 @@ stderr | src/services/__tests__/access-control.service.test.ts > AccessControlAp
   fullResponseText: '{"success":true,"accepted":1,"rejected":0}'
 }
 [AccessControl] 🔍 PARSED RESPONSE DATA: {
-  correlationId: '83067c19-4a75-4487-8c41-84154a231b4a',
+  correlationId: '8b230c4d-7525-401e-9840-92ffe27b6a9b',
   status: 200,
   responseDataType: 'object',
   responseDataKeys: [ 'success', 'accepted', 'rejected' ],
@@ -432,7 +693,7 @@ stderr | src/services/__tests__/access-control.service.test.ts > AccessControlAp
 stderr | src/services/__tests__/access-control.service.test.ts > AccessControlApiService > submitProofs > should handle response with missing outcomes field (outcomes is optional)
 [AccessControl] 🔍 RAW API RESPONSE (before parsing): {
-  correlationId: '04630779-2ff2-4a2d-956c-324823bc9fbc',
+  correlationId: '19533ac6-9d3e-48d0-a81d-2b02656d2f22',
   status: 200,
   statusText: '',
   headers: { 'content-type': 'application/json' },
@@ -441,7 +702,7 @@ stderr | src/services/__tests__/access-control.service.test.ts > AccessControlAp
   fullResponseText: '{"success":true,"accepted":1,"rejected":0,"outcomes":{"success":1,"failed":0,"blocked":0,"error":0}}'
 }
 [AccessControl] 🔍 PARSED RESPONSE DATA: {
-  correlationId: '04630779-2ff2-4a2d-956c-324823bc9fbc',
+  correlationId: '19533ac6-9d3e-48d0-a81d-2b02656d2f22',
   status: 200,
   responseDataType: 'object',
   responseDataKeys: [ 'success', 'accepted', 'rejected', 'outcomes' ],
@@ -471,7 +732,7 @@ stderr | src/services/__tests__/access-control.service.test.ts > AccessControlAp
 stderr | src/services/__tests__/access-control.service.test.ts > AccessControlApiService > submitProofs > should handle response with missing outcomes field (outcomes is optional)
 [AccessControl] 🔍 RAW API RESPONSE (before parsing): {
-  correlationId: '3dc1bfbc-39a0-41f7-82d3-c87e0093ab55',
+  correlationId: '730acd89-1153-4885-bf14-4d126eaf93f2',
   status: 200,
   statusText: '',
   headers: { 'content-type': 'application/json' },
@@ -480,7 +741,7 @@ stderr | src/services/__tests__/access-control.service.test.ts > AccessControlAp
   fullResponseText: '{"success":true,"accepted":1,"rejected":0,"outcomes":{}}'
 }
 [AccessControl] 🔍 PARSED RESPONSE DATA: {
-  correlationId: '3dc1bfbc-39a0-41f7-82d3-c87e0093ab55',
+  correlationId: '730acd89-1153-4885-bf14-4d126eaf93f2',
   status: 200,
   responseDataType: 'object',
   responseDataKeys: [ 'success', 'accepted', 'rejected', 'outcomes' ],
@@ -495,7 +756,7 @@ stderr | src/services/__tests__/access-control.service.test.ts > AccessControlAp
 stderr | src/services/__tests__/access-control.service.test.ts > AccessControlApiService > submitProofs > should handle wrapped response with invalid data structure
 [AccessControl] 🔍 RAW API RESPONSE (before parsing): {
-  correlationId: 'c8ced6df-58ca-44ec-b9db-c3973e9d7505',
+  correlationId: 'c6deaac1-4e9e-4ec5-b541-d2bac59c2179',
   status: 200,
   statusText: '',
   headers: { 'content-type': 'application/json' },
@@ -504,7 +765,7 @@ stderr | src/services/__tests__/access-control.service.test.ts > AccessControlAp
   fullResponseText: '{"success":true,"data":{"message":"Invalid format"}}'
 }
 [AccessControl] 🔍 PARSED RESPONSE DATA: {
-  correlationId: 'c8ced6df-58ca-44ec-b9db-c3973e9d7505',
+  correlationId: 'c6deaac1-4e9e-4ec5-b541-d2bac59c2179',
   status: 200,
   responseDataType: 'object',
   responseDataKeys: [ 'success', 'data' ],
@@ -517,7 +778,7 @@ stderr | src/services/__tests__/access-control.service.test.ts > AccessControlAp
   }
 }
 [AccessControl] 🔍 DATA OBJECT STRUCTURE: {
-  correlationId: 'c8ced6df-58ca-44ec-b9db-c3973e9d7505',
+  correlationId: 'c6deaac1-4e9e-4ec5-b541-d2bac59c2179',
   dataKeys: [ 'message' ],
   hasAccepted: false,
   hasRejected: false,
@@ -531,7 +792,7 @@ stderr | src/services/__tests__/access-control.service.test.ts > AccessControlAp
   fullData: '{\n  "message": "Invalid format"\n}'
 }
 [AccessControl] Wrapped response validation failed {
-  correlationId: 'c8ced6df-58ca-44ec-b9db-c3973e9d7505',
+  correlationId: 'c6deaac1-4e9e-4ec5-b541-d2bac59c2179',
   zodErrors: [
     {
       code: 'invalid_type',
@@ -634,7 +895,7 @@ stderr | src/services/__tests__/access-control.service.test.ts > AccessControlAp
   responseData: { success: true, data: { message: 'Invalid format' } }
 }
 [AccessControl] Response validation failed {
-  correlationId: 'c8ced6df-58ca-44ec-b9db-c3973e9d7505',
+  correlationId: 'c6deaac1-4e9e-4ec5-b541-d2bac59c2179',
   zodErrors: [
     {
       code: 'invalid_type',
@@ -719,8 +980,7 @@ stderr | src/services/__tests__/access-control.service.test.ts > AccessControlAp
   }
 }
- ✓ src/delegation/__tests__/vc-verifier.test.ts (35 tests) 40ms
- ✓ src/services/__tests__/access-control.service.test.ts (23 tests) 29ms
+ ✓ src/services/__tests__/access-control.service.test.ts (23 tests) 37ms
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > should allow tool execution when no protection required
 [MCP-I] Checking tool protection: {
   tool: 'unprotectedTool',
@@ -747,8 +1007,8 @@ stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntime
   tool: 'protectedTool',
   requiredScopes: [ 'files:write' ],
   agentDid: 'did:key:zmock123...',
-  resumeToken: 'resume_hkgrpp_mi9xqkbt',
-  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=files%3Awrite&session_id=session123&agent_did=&resume_token=resume_hkgrpp_mi9xqkbt'
+  resumeToken: 'resume_ubsac5_mice138y',
+  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=files%3Awrite&session_id=session123&agent_did=&resume_token=resume_ubsac5_mice138y'
 }
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > should allow tool execution when protection required and delegation provided
@@ -810,18 +1070,18 @@ stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntime
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > should block tool execution when delegation verification fails
 [MCP-I] 🔐 Verifying delegation token with AccessControlApiService {
+stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > should block tool execution when delegation verification fails
   tool: 'protectedTool',
   agentDid: 'did:key:zmock123...',
   hasDelegationToken: true,
-  hasConsentProof: false,
-  requiredScopes: [ 'files:write' ]
-}
-stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > should block tool execution when delegation verification fails
 [MCP-I] ❌ Delegation verification FAILED {
   tool: 'protectedTool',
+  hasConsentProof: false,
+  requiredScopes: [ 'files:write' ]
   agentDid: 'did:key:zmock123...',
   reason: 'Delegation token expired',
+}
   errorCode: undefined,
   errorMessage: undefined,
   requiredScopes: [ 'files:write' ]
@@ -860,86 +1120,86 @@ stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntime
   hasDelegation: true
 }
+stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > should handle API errors during verification gracefully
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > should handle API errors during verification gracefully
+[MCP-I] ❌ Delegation verification error (API failure) {
 [MCP-I] 🔐 Verifying delegation token with AccessControlApiService {
   tool: 'protectedTool',
   agentDid: 'did:key:zmock123...',
   hasDelegationToken: true,
-stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > should handle API errors during verification gracefully
-[MCP-I] ❌ Delegation verification error (API failure) {
-  tool: 'protectedTool',
   hasConsentProof: false,
   requiredScopes: [ 'files:write' ]
+}
+  tool: 'protectedTool',
   agentDid: 'did:key:zmock123...',
+  errorCode: 'network_error',
+  errorMessage: 'API unavailable',
+  errorDetails: {}
 }
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > should allow tool execution when access control service not configured (graceful degradation)
 [MCP-I] Checking tool protection: {
-  errorCode: 'network_error',
   tool: 'protectedTool',
-  errorMessage: 'API unavailable',
   agentDid: 'did:key:zmock123...',
-  errorDetails: {}
   hasDelegation: true
 }
-}
 stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > should allow tool execution when access control service not configured (graceful degradation)
+[MCP-I] ⚠️ Delegation token provided but AccessControlApiService not configured - skipping verification {
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > user_identifier validation > should reject delegation when user_identifier does not match session userDid
-[MCP-I] ⚠️ Delegation token provided but AccessControlApiService not configured - skipping verification {
 [MCP-I] Checking tool protection: {
   tool: 'protectedTool',
-  agentDid: 'did:key:zmock123...',
   tool: 'protectedTool',
+  agentDid: 'did:key:zmock123...',
   hasDelegation: true
 }
-  agentDid: 'did:key:zmock123...',
-  hasDelegationToken: true,
-  hasConsentProof: false
+  agentDid: 'did:key:zmock123...',
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > user_identifier validation > should reject delegation when user_identifier does not match session userDid
 [MCP-I] 🔐 Verifying delegation token with AccessControlApiService {
   tool: 'protectedTool',
+  hasDelegationToken: true,
   agentDid: 'did:key:zmock123...',
-}
   hasDelegationToken: true,
   hasConsentProof: false,
   requiredScopes: [ 'files:write' ]
+}
+  hasConsentProof: false
+}
 stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > user_identifier validation > should reject delegation when user_identifier does not match session userDid
+[MCP-I] 🔒 SECURITY: User identifier validation FAILED {
+  tool: 'protectedTool',
+  agentDid: 'did:key:zmock123...',
+  delegationUserIdentifier: 'did:key:zUserB987654...',
+  sessionUserDid: 'did:key:zUserA123456...',
+  sessionId: 'session123...',
+  reason: 'user_identifier_mismatch',
+  severity: 'high'
 }
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > user_identifier validation > should accept delegation when user_identifier matches session userDid
 [MCP-I] Checking tool protection: {
-[MCP-I] 🔒 SECURITY: User identifier validation FAILED {
   tool: 'protectedTool',
   agentDid: 'did:key:zmock123...',
-  tool: 'protectedTool',
   hasDelegation: true
 }
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > user_identifier validation > should accept delegation when user_identifier matches session userDid
 [MCP-I] 🔐 Verifying delegation token with AccessControlApiService {
-  agentDid: 'did:key:zmock123...',
-  delegationUserIdentifier: 'did:key:zUserB987654...',
   tool: 'protectedTool',
   agentDid: 'did:key:zmock123...',
-  sessionUserDid: 'did:key:zUserA123456...',
   hasDelegationToken: true,
   hasConsentProof: false,
   requiredScopes: [ 'files:write' ]
 }
-  sessionId: 'session123...',
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > user_identifier validation > should accept delegation when user_identifier matches session userDid
 [MCP-I] ✅ User identifier validation PASSED {
   tool: 'protectedTool',
-  reason: 'user_identifier_mismatch',
   agentDid: 'did:key:zmock123...',
-  severity: 'high'
-}
   userDid: 'did:key:zUserA123456...',
   sessionId: 'session123...'
 }
@@ -992,15 +1252,6 @@ stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntime
   requiredScopes: [ 'files:write' ]
 }
-stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > user_identifier validation > should handle missing session userDid gracefully
-[MCP-I] ✅ Delegation verification SUCCEEDED {
-  tool: 'protectedTool',
-  agentDid: 'did:key:zmock123...',
-  delegationId: 'test-delegation-id',
-  credentialScopes: [ 'files:write' ],
-  requiredScopes: [ 'files:write' ]
-}
 stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > user_identifier validation > should handle missing session userDid gracefully
 [MCP-I] ⚠️ Delegation has user_identifier but session missing userDid {
   tool: 'protectedTool',
@@ -1009,6 +1260,15 @@ stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntime
   sessionId: 'session123...'
 }
+stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > user_identifier validation > should handle missing session userDid gracefully
+[MCP-I] ✅ Delegation verification SUCCEEDED {
+  tool: 'protectedTool',
+  agentDid: 'did:key:zmock123...',
+  delegationId: 'test-delegation-id',
+  credentialScopes: [ 'files:write' ],
+  requiredScopes: [ 'files:write' ]
+}
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > should create proof after successful tool execution
 [MCP-I] Checking tool protection: {
   tool: 'unprotectedTool',
@@ -1030,166 +1290,13 @@ stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntime
   hasDelegation: false
 }
-stderr | src/services/__tests__/access-control.integration.test.ts > AccessControlApiService Integration > Proof Submission Flow > should submit proof end-to-end
-[AccessControl] 🔍 RAW API RESPONSE (before parsing): {
-  correlationId: '310c7df3-f656-4845-9d96-a3d1dde07c85',
-  status: 200,
-  statusText: '',
-  headers: { 'content-type': 'application/json' },
-  responseTextLength: 100,
-  responseTextPreview: '{"success":true,"accepted":1,"rejected":0,"outcomes":{"success":1,"failed":0,"blocked":0,"error":0}}',
-  fullResponseText: '{"success":true,"accepted":1,"rejected":0,"outcomes":{"success":1,"failed":0,"blocked":0,"error":0}}'
-}
-[AccessControl] 🔍 PARSED RESPONSE DATA: {
-  correlationId: '310c7df3-f656-4845-9d96-a3d1dde07c85',
-  status: 200,
-  responseDataType: 'object',
-  responseDataKeys: [ 'success', 'accepted', 'rejected', 'outcomes' ],
-  responseData: '{\n' +
-    '  "success": true,\n' +
-    '  "accepted": 1,\n' +
-    '  "rejected": 0,\n' +
-    '  "outcomes": {\n' +
-    '    "success": 1,\n' +
-    '    "failed": 0,\n' +
-    '    "blocked": 0,\n' +
-    '    "error": 0\n' +
-    '  }\n' +
-    '}'
-}
-[AccessControl] Raw response received: {
-  "success": true,
-  "accepted": 1,
-  "rejected": 0,
-  "outcomes": {
-    "success": 1,
-    "failed": 0,
-    "blocked": 0,
-    "error": 0
-  }
-}
-stderr | src/services/__tests__/access-control.integration.test.ts > AccessControlApiService Integration > Proof Submission Flow > should handle proof submission with errors
-[AccessControl] 🔍 RAW API RESPONSE (before parsing): {
-  correlationId: '320c0345-efcf-4339-832f-41a67055e5e2',
-  status: 200,
-  statusText: '',
-  headers: { 'content-type': 'application/json' },
-  responseTextLength: 200,
-  responseTextPreview: '{"success":true,"accepted":0,"rejected":1,"outcomes":{"success":0,"failed":1,"blocked":0,"error":0},"errors":[{"proof_index":0,"error":{"code":"invalid_signature","message":"Invalid JWS signature"}}]}',
-  fullResponseText: '{"success":true,"accepted":0,"rejected":1,"outcomes":{"success":0,"failed":1,"blocked":0,"error":0},"errors":[{"proof_index":0,"error":{"code":"invalid_signature","message":"Invalid JWS signature"}}]}'
-}
-[AccessControl] 🔍 PARSED RESPONSE DATA: {
-  correlationId: '320c0345-efcf-4339-832f-41a67055e5e2',
-  status: 200,
-  responseDataType: 'object',
-  responseDataKeys: [ 'success', 'accepted', 'rejected', 'outcomes', 'errors' ],
-  responseData: '{\n' +
-    '  "success": true,\n' +
-    '  "accepted": 0,\n' +
-    '  "rejected": 1,\n' +
-    '  "outcomes": {\n' +
-    '    "success": 0,\n' +
-    '    "failed": 1,\n' +
-    '    "blocked": 0,\n' +
-    '    "error": 0\n' +
-    '  },\n' +
-    '  "errors": [\n' +
-    '    {\n' +
-    '      "proof_index": 0,\n' +
-    '      "error": {\n' +
-    '        "code": "invalid_signature",\n' +
-    '        "message": "Invalid JWS signature"\n' +
-    '      }\n' +
-    '    }\n' +
-    '  ]\n' +
-    '}'
-}
-[AccessControl] Raw response received: {
-  "success": true,
-  "accepted": 0,
-  "rejected": 1,
-  "outcomes": {
-    "success": 0,
-    "failed": 1,
-    "blocked": 0,
-    "error": 0
-  },
-  "errors": [
-    {
-      "proof_index": 0,
-      "error": {
-        "code": "invalid_signature",
-        "message": "Invalid JWS signature"
-      }
-    }
-  ]
-}
-stderr | src/services/__tests__/access-control.integration.test.ts > AccessControlApiService Integration > Proof Verification Flow > should verify proof using ProofVerifier
-[CryptoService] Key ID mismatch
-stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Tool protection enforcement flow > should allow unprotected tool calls
-[ToolProtectionService] Config loaded from API {
 stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > processToolCall with tool protection > should not create proof when tool execution is blocked
-  source: 'api',
-  toolCount: 1,
 [MCP-I] BLOCKED: Tool requires delegation but none provided {
-  protectedTools: [],
   tool: 'protectedTool',
-  agentDid: 'did:key:z6MkhaXgBZDv...',
   requiredScopes: [ 'files:write' ],
   agentDid: 'did:key:zmock123...',
-  projectId: 'test-project',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.479Z'
-  resumeToken: 'resume_hkgr0q_mi9xqkc0',
-  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=files%3Awrite&session_id=session123&agent_did=&resume_token=resume_hkgr0q_mi9xqkc0'
-}
-}
-stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Tool protection enforcement flow > should intercept protected tool calls without delegation
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 1,
-  protectedTools: [ 'checkout' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.480Z'
-}
-stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Tool protection enforcement flow > should intercept protected tool calls without delegation
-[ToolProtectionService] Protection check {
-  tool: 'checkout',
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  found: true,
-  isWildcard: false,
-  requiresDelegation: true,
-  availableTools: [ 'checkout' ]
-}
-stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > AgentShield integration flow > should fetch tool protection config from AgentShield
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 1,
-  protectedTools: [ 'protected_tool' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.480Z'
-}
-stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > AgentShield integration flow > should cache tool protection config
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 1,
-  protectedTools: [ 'tool1' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.482Z'
+  resumeToken: 'resume_ubsa59_mice1395',
+  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=files%3Awrite&session_id=session123&agent_did=&resume_token=resume_ubsa59_mice1395'
 }
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > DelegationRequiredError details > should include tool name in error
@@ -1204,97 +1311,87 @@ stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntime
   tool: 'protectedTool',
   requiredScopes: [ 'files:write' ],
   agentDid: 'did:key:zmock123...',
-  resumeToken: 'resume_hkgqz0_mi9xqkc2',
-  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=files%3Awrite&session_id=session123&agent_did=&resume_token=resume_hkgqz0_mi9xqkc2'
+  resumeToken: 'resume_ubsa59_mice1395',
+  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=files%3Awrite&session_id=session123&agent_did=&resume_token=resume_ubsa59_mice1395'
 }
-stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > DelegationRequiredError details > should include required scopes in error
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > DelegationRequiredError details > should include required scopes in error
 [MCP-I] Checking tool protection: {
   tool: 'protectedTool',
-[MCP-I] BLOCKED: Tool requires delegation but none provided {
-  tool: 'protectedTool',
-  requiredScopes: [ 'files:write', 'files:read' ],
-  agentDid: 'did:key:zmock123...',
   agentDid: 'did:key:zmock123...',
   hasDelegation: false
 }
-  resumeToken: 'resume_hkgqz0_mi9xqkc2',
-  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=files%3Awrite%2Cfiles%3Aread&session_id=session123&agent_did=&resume_token=resume_hkgqz0_mi9xqkc2'
-}
-stderr | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > AgentShield integration flow > should use fallback config when API fails
-[ToolProtectionService] API fetch failed, using fallback config { agentDid: 'did:key:z6MkhaXgBZDv...', error: 'Network error' }
+stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > DelegationRequiredError details > should include required scopes in error
+[MCP-I] BLOCKED: Tool requires delegation but none provided {
+  tool: 'protectedTool',
+  requiredScopes: [ 'files:write', 'files:read' ],
+  agentDid: 'did:key:zmock123...',
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > DelegationRequiredError details > should include consent URL in error
 [MCP-I] Checking tool protection: {
+  resumeToken: 'resume_ubsa59_mice1395',
   tool: 'protectedTool',
+  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=files%3Awrite%2Cfiles%3Aread&session_id=session123&agent_did=&resume_token=resume_ubsa59_mice1395'
+}
   agentDid: 'did:key:zmock123...',
   hasDelegation: false
 }
 stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > DelegationRequiredError details > should include consent URL in error
 [MCP-I] BLOCKED: Tool requires delegation but none provided {
   tool: 'protectedTool',
   requiredScopes: [ 'files:write' ],
   agentDid: 'did:key:zmock123...',
-  resumeToken: 'resume_hkgqy5_mi9xqkc3',
-  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=files%3Awrite&session_id=session123&agent_did=&resume_token=resume_hkgqy5_mi9xqkc3'
-}
-stderr | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Error handling in full flow > should handle tool protection service errors gracefully
-[ToolProtectionService] API fetch failed, no fallback, failing closed (deny-all) {
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  error: 'Network error',
-  cacheKey: 'config:tool-protections:test-project'
+  resumeToken: 'resume_ubs9mb_mice1396',
+  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=files%3Awrite&session_id=session123&agent_did=&resume_token=resume_ubs9mb_mice1396'
 }
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > DelegationRequiredError details > should include resume token in error
 [MCP-I] Checking tool protection: {
+stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > DelegationRequiredError details > should include resume token in error
   tool: 'protectedTool',
+[MCP-I] BLOCKED: Tool requires delegation but none provided {
   agentDid: 'did:key:zmock123...',
   hasDelegation: false
 }
-stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > DelegationRequiredError details > should include resume token in error
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > DelegationRequiredError details > should include intercepted call context in error
 [MCP-I] Checking tool protection: {
-[MCP-I] BLOCKED: Tool requires delegation but none provided {
-  tool: 'protectedTool',
   tool: 'protectedTool',
   agentDid: 'did:key:zmock123...',
   hasDelegation: false
+}
+  tool: 'protectedTool',
   requiredScopes: [ 'files:write' ],
+  agentDid: 'did:key:zmock123...',
+  resumeToken: 'resume_ubs9mb_mice1396',
+  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=files%3Awrite&session_id=session123&agent_did=&resume_token=resume_ubs9mb_mice1396'
 }
+stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > DelegationRequiredError details > should include intercepted call context in error
+[MCP-I] BLOCKED: Tool requires delegation but none provided {
+  tool: 'protectedTool',
+  requiredScopes: [ 'files:write' ],
   agentDid: 'did:key:zmock123...',
-  resumeToken: 'resume_hkgqy5_mi9xqkc3',
-  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=files%3Awrite&session_id=session123&agent_did=&resume_token=resume_hkgqy5_mi9xqkc3'
+  resumeToken: 'resume_e522e0_mice1396',
+  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=files%3Awrite&session_id=session123&agent_did=&resume_token=resume_e522e0_mice1396'
 }
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > audit logging > should log tool protection check when audit enabled
 [MCP-I] Checking tool protection: {
   tool: 'testTool',
-stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > DelegationRequiredError details > should include intercepted call context in error
-[MCP-I] BLOCKED: Tool requires delegation but none provided {
   agentDid: 'did:key:zmock123...',
   hasDelegation: false
 }
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > audit logging > should log tool protection check when audit enabled
 [MCP-I] Tool protection check passed (no delegation required) {
-  tool: 'protectedTool',
   tool: 'testTool',
   agentDid: 'did:key:zmock123...',
-  requiredScopes: [ 'files:write' ],
   reason: 'Tool not configured to require delegation'
 }
-  agentDid: 'did:key:zmock123...',
-  resumeToken: 'resume_1dqjpu_mi9xqkc3',
-  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=files%3Awrite&session_id=session123&agent_did=&resume_token=resume_1dqjpu_mi9xqkc3'
-}
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > audit logging > should log blocked tool call when audit enabled
 [MCP-I] Checking tool protection: {
@@ -1303,584 +1400,459 @@ stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntime
   hasDelegation: false
 }
-stderr | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Error handling in full flow > should handle network timeouts
-[ToolProtectionService] API fetch failed, using fallback config { agentDid: 'did:key:z6MkhaXgBZDv...', error: 'Network timeout' }
+stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > tool protection service integration > should use agent DID from identity for protection check
+[MCP-I] Checking tool protection: {
+  tool: 'testTool',
+  agentDid: 'did:key:zmock123...',
+  hasDelegation: false
+}
- ✓ src/__tests__/runtime/base-extensions.test.ts (38 tests) 15ms
-stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Cache integration in full flow > should share cache across multiple service instances
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 1,
-  protectedTools: [ 'tool1' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.484Z'
+stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > tool protection service integration > should use agent DID from identity for protection check
+[MCP-I] Tool protection check passed (no delegation required) {
+  tool: 'testTool',
+  agentDid: 'did:key:zmock123...',
+  reason: 'Tool not configured to require delegation'
 }
-stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Cache integration in full flow > should clear cache when needed
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 1,
-  protectedTools: [ 'tool1' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.484Z'
+stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > tool protection service integration > should handle tool protection service errors gracefully
+[MCP-I] Checking tool protection: {
+  tool: 'testTool',
+  agentDid: 'did:key:zmock123...',
+  hasDelegation: false
 }
-stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Cache integration in full flow > should clear cache when needed
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 1,
-  protectedTools: [ 'tool1' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.484Z'
-}
-stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Real-world e-commerce scenario > should handle complete e-commerce flow with tool protection
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 3,
-  protectedTools: [ 'add_to_cart', 'checkout' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.485Z'
-}
-stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Real-world e-commerce scenario > should handle complete e-commerce flow with tool protection
-[ToolProtectionService] Protection check {
-  tool: 'add_to_cart',
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  found: true,
-  isWildcard: false,
-  requiresDelegation: true,
-  availableTools: [ 'search_products', 'add_to_cart', 'checkout' ]
-}
-stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > tool protection service integration > should use agent DID from identity for protection check
-[MCP-I] Checking tool protection: {
-  tool: 'testTool',
-  agentDid: 'did:key:zmock123...',
-  hasDelegation: false
-}
-stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > tool protection service integration > should use agent DID from identity for protection check
-[MCP-I] Tool protection check passed (no delegation required) {
-  tool: 'testTool',
-  agentDid: 'did:key:zmock123...',
-  reason: 'Tool not configured to require delegation'
-}
-stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > tool protection service integration > should handle tool protection service errors gracefully
-[MCP-I] Checking tool protection: {
-  tool: 'testTool',
-  agentDid: 'did:key:zmock123...',
-  hasDelegation: false
-}
-stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Concurrent operations > should handle concurrent cache operations
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 1,
-  protectedTools: [ 'tool1' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.485Z'
-}
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 1,
-  protectedTools: [ 'tool1' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.485Z'
-}
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 1,
-  protectedTools: [ 'tool1' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.485Z'
-}
-stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > edge cases > should handle empty required scopes array
-[MCP-I] Checking tool protection: {
-  tool: 'protectedTool',
-  agentDid: 'did:key:zmock123...',
-  hasDelegation: false
+stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > edge cases > should handle empty required scopes array
+[MCP-I] Checking tool protection: {
+  tool: 'protectedTool',
+  agentDid: 'did:key:zmock123...',
+  hasDelegation: false
 }
 stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > edge cases > should handle empty required scopes array
-[MCP-I] BLOCKED: Tool requires delegation but none provided {
-  tool: 'protectedTool',
-  requiredScopes: [],
-  agentDid: 'did:key:zmock123...',
-  resumeToken: 'resume_hkgqvk_mi9xqkc6',
-  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=&session_id=session123&agent_did=&resume_token=resume_hkgqvk_mi9xqkc6'
-}
-stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > edge cases > should handle multiple required scopes
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > edge cases > should handle multiple required scopes
 [MCP-I] Checking tool protection: {
-[MCP-I] BLOCKED: Tool requires delegation but none provided {
   tool: 'protectedTool',
   agentDid: 'did:key:zmock123...',
+[MCP-I] BLOCKED: Tool requires delegation but none provided {
   hasDelegation: false
-  tool: 'protectedTool',
-  requiredScopes: [ 'scope1', 'scope2', 'scope3' ],
-}
-  agentDid: 'did:key:zmock123...',
-  resumeToken: 'resume_hkgqvk_mi9xqkc6',
-  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=scope1%2Cscope2%2Cscope3&session_id=session123&agent_did=&resume_token=resume_hkgqvk_mi9xqkc6'
 }
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > edge cases > should handle session without id
-stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > edge cases > should handle session without id
-[MCP-I] BLOCKED: Tool requires delegation but none provided {
-[MCP-I] Checking tool protection: {
-  tool: 'protectedTool',
   tool: 'protectedTool',
+  requiredScopes: [],
+[MCP-I] Checking tool protection: {
   agentDid: 'did:key:zmock123...',
-  requiredScopes: [ 'files:write' ],
+  tool: 'protectedTool',
+  resumeToken: 'resume_ubs9lg_mice1397',
   agentDid: 'did:key:zmock123...',
-  resumeToken: 'resume_4ieqgu_mi9xqkc6',
+  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=&session_id=session123&agent_did=&resume_token=resume_ubs9lg_mice1397'
   hasDelegation: false
 }
-  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=files%3Awrite&session_id=&agent_did=&resume_token=resume_4ieqgu_mi9xqkc6'
+stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > edge cases > should handle multiple required scopes
+[MCP-I] BLOCKED: Tool requires delegation but none provided {
 }
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > edge cases > should handle handler errors independently of protection
+  tool: 'protectedTool',
 [MCP-I] Checking tool protection: {
   tool: 'errorTool',
   agentDid: 'did:key:zmock123...',
   hasDelegation: false
+  requiredScopes: [ 'scope1', 'scope2', 'scope3' ],
 }
+  agentDid: 'did:key:zmock123...',
+  resumeToken: 'resume_ubs9h5_mice139c',
+  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=scope1%2Cscope2%2Cscope3&session_id=session123&agent_did=&resume_token=resume_ubs9h5_mice139c'
+}
 stdout | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > edge cases > should handle handler errors independently of protection
 [MCP-I] Tool protection check passed (no delegation required) {
   tool: 'errorTool',
   agentDid: 'did:key:zmock123...',
   reason: 'Tool not configured to require delegation'
 }
- ✓ src/__tests__/integration/full-flow.test.ts (21 tests) 21ms
- ✓ src/__tests__/runtime/tool-protection-enforcement.test.ts (29 tests) 21ms
- ✓ src/delegation/__tests__/vc-issuer.test.ts (21 tests) 77ms
- ✓ src/__tests__/runtime/route-interception.test.ts (21 tests) 32ms
-stderr | src/services/__tests__/proof-verifier.integration.test.ts > ProofVerifier Integration - Real DID Resolution > did:web Resolution (HTTP) > should handle HTTP errors gracefully
-[ProofVerifier] Failed to fetch public key from DID: Error: Failed to resolve did:web:nonexistent-domain-that-does-not-exist-12345.com: fetch failed
-    at Object.resolveDID (/Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/__tests__/proof-verifier.integration.test.ts:143:19)
-    at processTicksAndRejections (node:internal/process/task_queues:103:5)
-    at ProofVerifier.fetchPublicKeyFromDID (/Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/proof-verifier.ts:348:22)
-    at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/__tests__/proof-verifier.integration.test.ts:252:7
-    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:753:20
-stderr | src/services/__tests__/proof-verifier.integration.test.ts > ProofVerifier Integration - Real DID Resolution > did:web Resolution (HTTP) > should handle HTTP errors gracefully
-[ProofVerifier] Failed to fetch public key from DID: Error: Failed to resolve did:web:nonexistent-domain-that-does-not-exist-12345.com: fetch failed
-    at Object.resolveDID (/Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/__tests__/proof-verifier.integration.test.ts:143:19)
-    at processTicksAndRejections (node:internal/process/task_queues:103:5)
-    at ProofVerifier.fetchPublicKeyFromDID (/Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/proof-verifier.ts:348:22)
-    at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/__tests__/proof-verifier.integration.test.ts:257:9
-    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:753:20
- ✓ src/services/__tests__/proof-verifier.integration.test.ts (13 tests | 1 skipped) 77ms
- ✓ src/__tests__/cache/tool-protection-cache.test.ts (49 tests) 161ms
-stderr | src/__tests__/identity/user-did-manager.test.ts > UserDidManager > error handling > should handle storage.get errors gracefully
-[UserDidManager] Storage.get failed, generating new DID: Error: Storage error
-    at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/__tests__/identity/user-did-manager.test.ts:187:67
-    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:157:11
-    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:753:26
-    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1636:20
-    at new Promise (<anonymous>)
-    at runWithTimeout (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1602:10)
-    at runTest (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1309:12)
-    at processTicksAndRejections (node:internal/process/task_queues:103:5)
-    at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
-    at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
-stderr | src/__tests__/identity/user-did-manager.test.ts > UserDidManager > error handling > should handle storage.set errors gracefully
-[UserDidManager] Storage.set failed, continuing with cached DID: Error: Storage error
-    at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/__tests__/identity/user-did-manager.test.ts:196:67
-    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:157:11
-    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:753:26
-    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1636:20
-    at new Promise (<anonymous>)
-    at runWithTimeout (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1602:10)
-    at runTest (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1309:12)
-    at processTicksAndRejections (node:internal/process/task_queues:103:5)
-    at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
-    at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
-stderr | src/__tests__/identity/user-did-manager.test.ts > UserDidManager > error handling > should handle storage.delete errors gracefully
-[UserDidManager] Storage.delete failed, continuing: Error: Storage error
-    at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/__tests__/identity/user-did-manager.test.ts:206:70
-    at processTicksAndRejections (node:internal/process/task_queues:103:5)
-    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:753:20
- ✓ src/__tests__/identity/user-did-manager.test.ts (17 tests) 10ms
- ✓ src/services/__tests__/access-control.integration.test.ts (9 tests) 122ms
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - new endpoint format > should fetch from project-scoped endpoint when projectId is available
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 2,
-  protectedTools: [ 'checkout' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project-123',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.600Z'
-}
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - new endpoint format > should handle new endpoint format with toolProtections object
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 2,
-  protectedTools: [ 'protected_tool' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project-123',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.602Z'
-}
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - new endpoint format > should parse oauthProvider from new endpoint format (Phase 2)
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 2,
-  protectedTools: [ 'read_repos', 'send_email' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project-123',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.602Z'
-}
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - new endpoint format > should preserve oauthProvider through cache operations
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 1,
-  protectedTools: [ 'read_repos' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project-123',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.602Z'
-}
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - old endpoint format > should fetch from agent-scoped endpoint when projectId is not available
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 2,
-  protectedTools: [ 'checkout' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.603Z'
-}
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - old endpoint format > should handle old endpoint format with tools array
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 2,
-  protectedTools: [ 'tool1' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.603Z'
-}
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - old endpoint format > should parse oauthProvider from old endpoint format (tools array)
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 2,
-  protectedTools: [ 'read_repos', 'send_email' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.603Z'
-}
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - old endpoint format > should handle old endpoint format with tools object
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 2,
-  protectedTools: [ 'tool1' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.603Z'
-}
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - old endpoint format > should parse oauthProvider from old endpoint format (tools object)
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 2,
-  protectedTools: [ 'read_repos', 'send_email' ],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.603Z'
-}
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - old endpoint format > should skip tools without name in array format
-[ToolProtectionService] Cache miss, fetching from API {
-  source: 'api-fetch-start',
-  cacheKey: 'agent:did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK',
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
-  apiUrl: 'https://kya.vouched.id',
-  endpoint: '/api/v1/bouncer/config?agent_did=did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK'
-}
-[ToolProtectionService] Fetching from API: https://kya.vouched.id/api/v1/bouncer/config?agent_did=did%3Akey%3Az6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK {
-  method: 'config?agent_did (old)',
-  projectId: 'none',
-  apiKeyPresent: true,
-  apiKeyLength: 18,
-  apiKeyMasked: 'test-api...'
-}
- ✓ src/__tests__/runtime/base.test.ts (55 tests) 14ms
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - old endpoint format > should skip tools without name in array format
-[ToolProtectionService] API response received {
-  source: 'api-fetch-complete',
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
-  responseKeys: [ 'success', 'data', 'metadata' ],
-  dataKeys: [ 'tools' ],
-  rawToolProtections: null,
-  rawTools: [
-    { name: 'valid_tool', requiresDelegation: true },
-    { requiresDelegation: false }
-  ],
-  responseMetadata: {}
+stderr | src/__tests__/runtime/tool-protection-enforcement.test.ts > MCPIRuntimeBase - Tool Protection Enforcement > edge cases > should handle session without id
+[MCP-I] BLOCKED: Tool requires delegation but none provided {
+  tool: 'protectedTool',
+  requiredScopes: [ 'files:write' ],
+  agentDid: 'did:key:zmock123...',
+  resumeToken: 'resume_h9q92f_mice139c',
+  consentUrl: 'https://kya.vouched.id/bouncer/consent?tool=protectedTool&scopes=files%3Awrite&session_id=&agent_did=&resume_token=resume_h9q92f_mice139c'
 }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch - old endpoint format > should skip tools without name in array format
+ ✓ src/delegation/__tests__/vc-verifier.test.ts (35 tests) 84ms
+stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Tool protection enforcement flow > should allow unprotected tool calls
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 1,
-  protectedTools: [ 'valid_tool' ],
+  protectedTools: [],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
+  projectId: 'test-project',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.604Z'
-}
-[ToolProtectionService] API fetch successful, config cached {
-  source: 'cache-write',
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  cacheKey: 'agent:did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK',
-  toolCount: 1,
-  tools: [ { name: 'valid_tool', requiresDelegation: true, scopeCount: 0 } ],
-  ttlMs: 300000,
-  ttlMinutes: 5,
-  expiresAt: '2025-11-22T07:00:54.604Z',
-  expiresIn: '300s'
-}
-stderr | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > API fetch error handling > should handle network errors gracefully
-[ToolProtectionService] API fetch failed, no fallback, failing closed (deny-all) {
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  error: 'ECONNREFUSED',
-  cacheKey: 'agent:did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK'
+  cacheExpiresAt: '2025-11-24T00:12:31.773Z'
 }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > caching behavior > should cache successful API responses
+stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Tool protection enforcement flow > should intercept protected tool calls without delegation
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 1,
-  protectedTools: [ 'tool1' ],
+  protectedTools: [ 'checkout' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
+  projectId: 'test-project',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.610Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.775Z'
 }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > caching behavior > should use default cache TTL when not specified
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 0,
-  protectedTools: [],
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
-  cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.610Z'
-}
+stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Tool protection enforcement flow > should intercept protected tool calls without delegation
+stderr | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > AgentShield integration flow > should use fallback config when API fails
+[ToolProtectionService] Protection check {
+[ToolProtectionService] API fetch failed, using fallback config { agentDid: 'did:key:z6MkhaXgBZDv...', error: 'Network error' }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > caching behavior > should use custom cache TTL when specified
-[ToolProtectionService] Config loaded from API {
-  source: 'api',
-  toolCount: 0,
-  protectedTools: [],
+  tool: 'checkout',
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
-  cacheTtlMs: 600000,
-  cacheExpiresAt: '2025-11-22T07:05:54.611Z'
+  found: true,
+stderr | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Error handling in full flow > should handle tool protection service errors gracefully
+  isWildcard: false,
+  requiresDelegation: true,
+[ToolProtectionService] API fetch failed, no fallback, failing closed (deny-all) {
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  availableTools: [ 'checkout' ]
 }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > edge cases > should handle empty toolProtections object
+stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > AgentShield integration flow > should fetch tool protection config from AgentShield
+  error: 'Network error',
+  cacheKey: 'config:tool-protections:test-project'
+}
 [ToolProtectionService] Config loaded from API {
   source: 'api',
-  toolCount: 0,
-  protectedTools: [],
+  toolCount: 1,
+  protectedTools: [ 'protected_tool' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
+  projectId: 'test-project',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.611Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.775Z'
 }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > edge cases > should handle null requiredScopes
+stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > AgentShield integration flow > should cache tool protection config
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 1,
   protectedTools: [ 'tool1' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
+  projectId: 'test-project',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.611Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.776Z'
 }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > getToolProtectionConfig > edge cases > should handle mixed camelCase and snake_case in response
+stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Cache integration in full flow > should share cache across multiple service instances
 [ToolProtectionService] Config loaded from API {
+stderr | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Error handling in full flow > should handle network timeouts
   source: 'api',
-  toolCount: 2,
+  toolCount: 1,
+[ToolProtectionService] API fetch failed, using fallback config { agentDid: 'did:key:z6MkhaXgBZDv...', error: 'Network timeout' }
   protectedTools: [ 'tool1' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
+  projectId: 'test-project',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.612Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.779Z'
 }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should return null when tool has no protection
+ ✓ src/__tests__/runtime/tool-protection-enforcement.test.ts (29 tests) 21ms
+stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Cache integration in full flow > should clear cache when needed
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 1,
-  protectedTools: [],
+  protectedTools: [ 'tool1' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
+  projectId: 'test-project',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.613Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.779Z'
 }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should return null when tool is not in config
+stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Cache integration in full flow > should clear cache when needed
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 1,
-  protectedTools: [ 'other_tool' ],
+  protectedTools: [ 'tool1' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
+  projectId: 'test-project',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.613Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.779Z'
 }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should return null when tool is not in config
-[ToolProtectionService] Protection check {
-  tool: 'unknown_tool',
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  found: false,
-  isWildcard: true,
-  requiresDelegation: false,
-  availableTools: [ 'other_tool' ]
+stderr | src/services/__tests__/access-control.integration.test.ts > AccessControlApiService Integration > Proof Submission Flow > should submit proof end-to-end
+[AccessControl] 🔍 RAW API RESPONSE (before parsing): {
+  correlationId: 'b9f3bfd5-7493-4d84-9433-945207c1aecf',
+  status: 200,
+  statusText: '',
+  headers: { 'content-type': 'application/json' },
+  responseTextLength: 100,
+  responseTextPreview: '{"success":true,"accepted":1,"rejected":0,"outcomes":{"success":1,"failed":0,"blocked":0,"error":0}}',
+  fullResponseText: '{"success":true,"accepted":1,"rejected":0,"outcomes":{"success":1,"failed":0,"blocked":0,"error":0}}'
+}
+[AccessControl] 🔍 PARSED RESPONSE DATA: {
+  correlationId: 'b9f3bfd5-7493-4d84-9433-945207c1aecf',
+  status: 200,
+  responseDataType: 'object',
+  responseDataKeys: [ 'success', 'accepted', 'rejected', 'outcomes' ],
+  responseData: '{\n' +
+    '  "success": true,\n' +
+    '  "accepted": 1,\n' +
+    '  "rejected": 0,\n' +
+    '  "outcomes": {\n' +
+    '    "success": 1,\n' +
+    '    "failed": 0,\n' +
+    '    "blocked": 0,\n' +
+    '    "error": 0\n' +
+    '  }\n' +
+    '}'
+}
+[AccessControl] Raw response received: {
+  "success": true,
+  "accepted": 1,
+  "rejected": 0,
+  "outcomes": {
+    "success": 1,
+    "failed": 0,
+    "blocked": 0,
+    "error": 0
+  }
 }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should return wildcard protection when tool not found and wildcard exists
+stderr | src/services/__tests__/access-control.integration.test.ts > AccessControlApiService Integration > Proof Submission Flow > should handle proof submission with errors
+[AccessControl] 🔍 RAW API RESPONSE (before parsing): {
+  correlationId: '427b30ad-3c1c-4298-b6f8-ca91bc973942',
+  status: 200,
+  statusText: '',
+  headers: { 'content-type': 'application/json' },
+  responseTextLength: 200,
+  responseTextPreview: '{"success":true,"accepted":0,"rejected":1,"outcomes":{"success":0,"failed":1,"blocked":0,"error":0},"errors":[{"proof_index":0,"error":{"code":"invalid_signature","message":"Invalid JWS signature"}}]}',
+  fullResponseText: '{"success":true,"accepted":0,"rejected":1,"outcomes":{"success":0,"failed":1,"blocked":0,"error":0},"errors":[{"proof_index":0,"error":{"code":"invalid_signature","message":"Invalid JWS signature"}}]}'
+}
+[AccessControl] 🔍 PARSED RESPONSE DATA: {
+  correlationId: '427b30ad-3c1c-4298-b6f8-ca91bc973942',
+  status: 200,
+  responseDataType: 'object',
+  responseDataKeys: [ 'success', 'accepted', 'rejected', 'outcomes', 'errors' ],
+  responseData: '{\n' +
+    '  "success": true,\n' +
+    '  "accepted": 0,\n' +
+    '  "rejected": 1,\n' +
+    '  "outcomes": {\n' +
+    '    "success": 0,\n' +
+    '    "failed": 1,\n' +
+    '    "blocked": 0,\n' +
+    '    "error": 0\n' +
+    '  },\n' +
+    '  "errors": [\n' +
+    '    {\n' +
+    '      "proof_index": 0,\n' +
+    '      "error": {\n' +
+    '        "code": "invalid_signature",\n' +
+    '        "message": "Invalid JWS signature"\n' +
+    '      }\n' +
+    '    }\n' +
+    '  ]\n' +
+    '}'
+}
+[AccessControl] Raw response received: {
+  "success": true,
+  "accepted": 0,
+  "rejected": 1,
+  "outcomes": {
+    "success": 0,
+    "failed": 1,
+    "blocked": 0,
+    "error": 0
+  },
+  "errors": [
+    {
+      "proof_index": 0,
+      "error": {
+        "code": "invalid_signature",
+        "message": "Invalid JWS signature"
+      }
+    }
+  ]
+}
+stderr | src/services/__tests__/access-control.integration.test.ts > AccessControlApiService Integration > Proof Verification Flow > should verify proof using ProofVerifier
+[CryptoService] Key ID mismatch
+stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Real-world e-commerce scenario > should handle complete e-commerce flow with tool protection
 [ToolProtectionService] Config loaded from API {
   source: 'api',
-  toolCount: 2,
-  protectedTools: [ '*' ],
+  toolCount: 3,
+  protectedTools: [ 'add_to_cart', 'checkout' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
+  projectId: 'test-project',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.614Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.779Z'
 }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should return wildcard protection when tool not found and wildcard exists
+stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Real-world e-commerce scenario > should handle complete e-commerce flow with tool protection
 [ToolProtectionService] Protection check {
-  tool: 'unknown_tool',
+  tool: 'add_to_cart',
   agentDid: 'did:key:z6MkhaXgBZDv...',
   found: true,
-  isWildcard: true,
+  isWildcard: false,
   requiresDelegation: true,
-  availableTools: [ '*', 'specific_tool' ]
+  availableTools: [ 'search_products', 'add_to_cart', 'checkout' ]
 }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should prioritize specific tool protection over wildcard
+stdout | src/__tests__/integration/full-flow.test.ts > Full Flow Integration > Concurrent operations > should handle concurrent cache operations
 [ToolProtectionService] Config loaded from API {
   source: 'api',
-  toolCount: 2,
-  protectedTools: [ '*' ],
+  toolCount: 1,
+  protectedTools: [ 'tool1' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
+  projectId: 'test-project',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.780Z'
+}
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 1,
+  protectedTools: [ 'tool1' ],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'test-project',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:31.780Z'
+}
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 1,
+  protectedTools: [ 'tool1' ],
+  agentDid: 'did:key:z6MkhaXgBZDv...',
+  projectId: 'test-project',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.614Z'
+  cacheExpiresAt: '2025-11-24T00:12:31.780Z'
 }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should use wildcard protection in fail-safe deny-all mode
-[ToolProtectionService] Protection check {
-  tool: 'any_tool',
-stderr | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should use wildcard protection in fail-safe deny-all mode
-[ToolProtectionService] API fetch failed, no fallback, failing closed (deny-all) {
+ ✓ src/__tests__/integration/full-flow.test.ts (21 tests) 12ms
+ ✓ src/__tests__/runtime/base.test.ts (55 tests) 13ms
+stderr | src/services/__tests__/proof-verifier.integration.test.ts > ProofVerifier Integration - Real DID Resolution > did:web Resolution (HTTP) > should handle HTTP errors gracefully
+[ProofVerifier] Failed to fetch public key from DID: Error: Failed to resolve did:web:nonexistent-domain-that-does-not-exist-12345.com: fetch failed
+    at Object.resolveDID (/Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/__tests__/proof-verifier.integration.test.ts:143:19)
+    at processTicksAndRejections (node:internal/process/task_queues:103:5)
+    at ProofVerifier.fetchPublicKeyFromDID (/Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/proof-verifier.ts:348:22)
+    at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/__tests__/proof-verifier.integration.test.ts:252:7
+    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:753:20
+stderr | src/services/__tests__/proof-verifier.integration.test.ts > ProofVerifier Integration - Real DID Resolution > did:web Resolution (HTTP) > should handle HTTP errors gracefully
+[ProofVerifier] Failed to fetch public key from DID: Error: Failed to resolve did:web:nonexistent-domain-that-does-not-exist-12345.com: fetch failed
+    at Object.resolveDID (/Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/__tests__/proof-verifier.integration.test.ts:143:19)
+    at processTicksAndRejections (node:internal/process/task_queues:103:5)
+    at ProofVerifier.fetchPublicKeyFromDID (/Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/proof-verifier.ts:348:22)
+    at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/__tests__/proof-verifier.integration.test.ts:257:9
+    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:753:20
+ ✓ src/__tests__/runtime/base-extensions.test.ts (38 tests) 10ms
+ ✓ src/services/__tests__/proof-verifier.integration.test.ts (13 tests | 1 skipped) 53ms
+ ✓ src/__tests__/runtime/route-interception.test.ts (21 tests) 25ms
+ ✓ src/delegation/__tests__/vc-issuer.test.ts (21 tests) 94ms
+ ✓ src/__tests__/cache/tool-protection-cache.test.ts (49 tests) 166ms
+ ✓ src/services/__tests__/access-control.integration.test.ts (9 tests) 126ms
+stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Caching Integration > should respect cache TTL
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+stderr | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Real-world Scenarios > should handle API rate limiting gracefully
+  toolCount: 0,
+[ToolProtectionService] API fetch failed, using fallback config {
+  protectedTools: [],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  error: 'Network error',
+  projectId: 'test-project-123',
+  cacheTtlMs: 1000,
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  cacheKey: 'agent:did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK'
-  found: true,
-  isWildcard: true,
-  requiresDelegation: true,
-  availableTools: [ '*' ]
+  cacheExpiresAt: '2025-11-24T00:07:33.793Z'
+  error: 'Failed to fetch bouncer config: 429 Too Many Requests - Rate limit exceeded'
 }
 }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should return protection config when tool requires delegation
+stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Real-world Scenarios > should handle typical e-commerce tool protection config
 [ToolProtectionService] Config loaded from API {
   source: 'api',
-  toolCount: 1,
-  protectedTools: [ 'protected_tool' ],
+  toolCount: 4,
+  protectedTools: [ 'add_to_cart', 'checkout' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
+  projectId: 'test-project-123',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.614Z'
+  cacheExpiresAt: '2025-11-24T00:12:32.794Z'
 }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > checkToolProtection > should return protection config when tool requires delegation
-[ToolProtectionService] Protection check {
-  tool: 'protected_tool',
+stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Real-world Scenarios > should handle concurrent requests
+[ToolProtectionService] Config loaded from API {
+  source: 'api',
+  toolCount: 1,
+  protectedTools: [ 'tool1' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  found: true,
-  isWildcard: false,
-  requiresDelegation: true,
-  availableTools: [ 'protected_tool' ]
+  projectId: 'test-project-123',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:32.795Z'
 }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > integration with NoOpToolProtectionCache > should work with NoOpToolProtectionCache
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 1,
   protectedTools: [ 'tool1' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
+  projectId: 'test-project-123',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.615Z'
+  cacheExpiresAt: '2025-11-24T00:12:32.795Z'
 }
-stdout | src/__tests__/services/tool-protection.service.test.ts > ToolProtectionService > integration with NoOpToolProtectionCache > should work with NoOpToolProtectionCache
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 1,
   protectedTools: [ 'tool1' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'none',
+  projectId: 'test-project-123',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.615Z'
+  cacheExpiresAt: '2025-11-24T00:12:32.795Z'
 }
- ✓ src/__tests__/services/tool-protection.service.test.ts (49 tests) 21ms
+ ✓ src/__tests__/services/agentshield-integration.test.ts (30 tests) 1119ms
+       ✓ should respect cache TTL  1102ms
+stderr | src/config/__tests__/remote-config.spec.ts > fetchRemoteConfig > Error handling > should return null if API request fails
+[RemoteConfig] API returned 404: Not Found
+stderr | src/config/__tests__/remote-config.spec.ts > fetchRemoteConfig > Error handling > should return null if API throws error
+[RemoteConfig] Failed to fetch config: Error: Network error
+    at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/config/__tests__/remote-config.spec.ts:170:35
+    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:157:11
+    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:753:26
+    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1636:20
+    at new Promise (<anonymous>)
+    at runWithTimeout (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1602:10)
+    at runTest (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1309:12)
+    at processTicksAndRejections (node:internal/process/task_queues:103:5)
+    at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
+    at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
+stderr | src/config/__tests__/remote-config.spec.ts > fetchRemoteConfig > Error handling > should return null if neither projectId nor agentDid provided
+[RemoteConfig] Neither projectId nor agentDid provided
+stderr | src/config/__tests__/remote-config.spec.ts > fetchRemoteConfig > Error handling > should handle cache read errors gracefully
+[RemoteConfig] Cache read failed: Error: Cache error
+    at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/config/__tests__/remote-config.spec.ts:198:50
+    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:157:11
+    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:753:26
+    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1636:20
+    at new Promise (<anonymous>)
+    at runWithTimeout (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1602:10)
+    at runTest (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1309:12)
+    at processTicksAndRejections (node:internal/process/task_queues:103:5)
+    at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
+    at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
+ ✓ src/config/__tests__/remote-config.spec.ts (9 tests) 5ms
+stderr | src/services/__tests__/storage.service.test.ts > StorageService > createStorageProviders > should prefer Redis over KV when both are configured
+[StorageService] Failed to connect to Redis, falling back to memory: Redis package not available
 stderr | src/services/__tests__/crypto.service.test.ts > CryptoService > verifyEd25519 > should return false on verification error
 [CryptoService] Ed25519 verification error: Error: Verification failed
     at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/__tests__/crypto.service.test.ts:62:9
@@ -1982,7 +1954,6 @@ stderr | src/services/__tests__/crypto.service.test.ts > CryptoService > verifyJ
 stderr | src/services/__tests__/crypto.service.test.ts > CryptoService > verifyJWS > should handle malformed JWS - invalid JSON header
 [CryptoService] Invalid JWS format: Error: Invalid header base64: Unexpected token 'o', "notjson" is not valid JSON
- ✓ src/delegation/__tests__/bitstring.test.ts (30 tests) 5ms
     at CryptoService.parseJWS (/Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/crypto.service.ts:91:13)
     at CryptoService.verifyJWS (/Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/crypto.service.ts:169:23)
     at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/__tests__/crypto.service.test.ts:316:42
@@ -2039,22 +2010,16 @@ stderr | src/services/__tests__/crypto.service.test.ts > CryptoService > verifyJ
     at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
     at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
- ✓ src/services/__tests__/crypto.service.test.ts (34 tests) 11ms
-stderr | src/services/__tests__/proof-verifier.test.ts > ProofVerifier Security > Signature Verification > should handle signature verification errors gracefully
-[CryptoService] Ed25519 verification error: Error: Crypto error
-    at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/__tests__/proof-verifier.test.ts:328:9
-    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:157:11
-    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:753:26
-    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1636:20
-    at new Promise (<anonymous>)
-    at runWithTimeout (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1602:10)
-    at runTest (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1309:12)
-    at processTicksAndRejections (node:internal/process/task_queues:103:5)
-    at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
-    at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
+ ✓ src/services/__tests__/crypto.service.test.ts (34 tests) 17ms
+stderr | src/services/__tests__/storage.service.test.ts > StorageService > createStorageProviders > should prefer Redis over KV when both are configured
+[StorageService] Failed to initialize KV, falling back to memory: Failed to import Cloudflare storage providers: Cannot find package '@kya-os/mcp-i-cloudflare/providers/storage' imported from '/Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/storage.service.ts'
+stderr | src/services/__tests__/storage.service.test.ts > StorageService > createStorageProviders > should fall back to memory when Redis connection fails
+[StorageService] Failed to connect to Redis, falling back to memory: Redis package not available
+stderr | src/services/__tests__/storage.service.test.ts > StorageService > createStorageProviders > should use KV namespace when provided
+[StorageService] Failed to initialize KV, falling back to memory: Failed to import Cloudflare storage providers: Cannot find package '@kya-os/mcp-i-cloudflare/providers/storage' imported from '/Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/storage.service.ts'
- ✓ src/services/__tests__/proof-verifier.test.ts (21 tests) 15ms
- ✓ src/__tests__/providers/memory.test.ts (34 tests) 13ms
 stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolProtectionService - oauthProvider Parsing > New endpoint format (toolProtections object) > should parse oauthProvider from camelCase field
 [ToolProtectionService] Config loaded from API {
   source: 'api',
@@ -2063,7 +2028,7 @@ stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolPro
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'test-project-123',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.666Z'
+  cacheExpiresAt: '2025-11-24T00:12:33.003Z'
 }
 stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolProtectionService - oauthProvider Parsing > New endpoint format (toolProtections object) > should parse oauthProvider from snake_case field
@@ -2074,7 +2039,7 @@ stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolPro
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'test-project-123',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.671Z'
+  cacheExpiresAt: '2025-11-24T00:12:33.009Z'
 }
 stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolProtectionService - oauthProvider Parsing > New endpoint format (toolProtections object) > should prefer camelCase over snake_case when both present
@@ -2085,7 +2050,7 @@ stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolPro
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'test-project-123',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.672Z'
+  cacheExpiresAt: '2025-11-24T00:12:33.010Z'
 }
 stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolProtectionService - oauthProvider Parsing > New endpoint format (toolProtections object) > should handle missing oauthProvider field (backward compatible)
@@ -2096,7 +2061,7 @@ stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolPro
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'test-project-123',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.672Z'
+  cacheExpiresAt: '2025-11-24T00:12:33.010Z'
 }
 stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolProtectionService - oauthProvider Parsing > Old endpoint format (tools array) > should parse oauthProvider from array format with camelCase
@@ -2107,7 +2072,7 @@ stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolPro
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.672Z'
+  cacheExpiresAt: '2025-11-24T00:12:33.011Z'
 }
 stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolProtectionService - oauthProvider Parsing > Old endpoint format (tools array) > should parse oauthProvider from array format with snake_case
@@ -2118,7 +2083,7 @@ stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolPro
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.673Z'
+  cacheExpiresAt: '2025-11-24T00:12:33.011Z'
 }
 stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolProtectionService - oauthProvider Parsing > Old endpoint format (tools array) > should prefer camelCase over snake_case in array format
@@ -2129,7 +2094,7 @@ stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolPro
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.673Z'
+  cacheExpiresAt: '2025-11-24T00:12:33.011Z'
 }
 stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolProtectionService - oauthProvider Parsing > Old endpoint format (tools object) > should parse oauthProvider from object format with camelCase
@@ -2140,7 +2105,7 @@ stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolPro
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.673Z'
+  cacheExpiresAt: '2025-11-24T00:12:33.011Z'
 }
 stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolProtectionService - oauthProvider Parsing > Old endpoint format (tools object) > should parse oauthProvider from object format with snake_case
@@ -2151,7 +2116,7 @@ stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolPro
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.673Z'
+  cacheExpiresAt: '2025-11-24T00:12:33.011Z'
 }
 stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolProtectionService - oauthProvider Parsing > Old endpoint format (tools object) > should prefer camelCase over snake_case in object format
@@ -2162,7 +2127,7 @@ stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolPro
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.673Z'
+  cacheExpiresAt: '2025-11-24T00:12:33.012Z'
 }
 stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolProtectionService - oauthProvider Parsing > Caching > should cache oauthProvider field correctly
@@ -2173,7 +2138,7 @@ stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolPro
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'test-project-123',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.673Z'
+  cacheExpiresAt: '2025-11-24T00:12:33.012Z'
 }
 stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolProtectionService - oauthProvider Parsing > oauthProvider field inclusion > should include oauthProvider in returned ToolProtection objects when present
@@ -2184,7 +2149,7 @@ stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolPro
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'test-project-123',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.674Z'
+  cacheExpiresAt: '2025-11-24T00:12:33.013Z'
 }
 stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolProtectionService - oauthProvider Parsing > oauthProvider field inclusion > should handle empty string oauthProvider gracefully
@@ -2195,103 +2160,85 @@ stdout | src/__tests__/services/tool-protection-oauth-provider.test.ts > ToolPro
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'test-project-123',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:54.674Z'
+  cacheExpiresAt: '2025-11-24T00:12:33.013Z'
 }
- ✓ src/__tests__/services/tool-protection-oauth-provider.test.ts (14 tests) 9ms
- ✓ src/delegation/__tests__/delegation-graph.test.ts (28 tests) 9ms
- ✓ src/delegation/__tests__/cascading-revocation.test.ts (23 tests) 7ms
- ✓ src/delegation/storage/__tests__/memory-graph-storage.test.ts (27 tests) 4ms
+ ✓ src/__tests__/services/tool-protection-oauth-provider.test.ts (14 tests) 11ms
+ ✓ src/__tests__/runtime/delegation-flow.test.ts (4 tests) 4ms
+ ✓ src/delegation/__tests__/delegation-graph.test.ts (28 tests) 35ms
+ ✓ src/compliance/__tests__/schema-verifier.test.ts (30 tests) 43ms
+ ✓ src/services/__tests__/storage.service.test.ts (17 tests) 81ms
+stderr | src/__tests__/identity/user-did-manager.test.ts > UserDidManager > error handling > should handle storage.get errors gracefully
+[UserDidManager] Storage.get failed, generating new DID: Error: Storage error
+    at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/__tests__/identity/user-did-manager.test.ts:187:67
+    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:157:11
+    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:753:26
+    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1636:20
+    at new Promise (<anonymous>)
+    at runWithTimeout (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1602:10)
+    at runTest (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1309:12)
+    at processTicksAndRejections (node:internal/process/task_queues:103:5)
+    at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
+    at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
+stderr | src/__tests__/identity/user-did-manager.test.ts > UserDidManager > error handling > should handle storage.set errors gracefully
+[UserDidManager] Storage.set failed, continuing with cached DID: Error: Storage error
+    at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/__tests__/identity/user-did-manager.test.ts:196:67
+    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:157:11
+    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:753:26
+    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1636:20
+    at new Promise (<anonymous>)
+    at runWithTimeout (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1602:10)
+    at runTest (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1309:12)
+    at processTicksAndRejections (node:internal/process/task_queues:103:5)
+    at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
+    at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
+stderr | src/__tests__/identity/user-did-manager.test.ts > UserDidManager > error handling > should handle storage.delete errors gracefully
+[UserDidManager] Storage.delete failed, continuing: Error: Storage error
+    at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/__tests__/identity/user-did-manager.test.ts:206:70
+    at processTicksAndRejections (node:internal/process/task_queues:103:5)
+    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:753:20
+ ✓ src/__tests__/identity/user-did-manager.test.ts (17 tests) 6ms
+ ✓ src/__tests__/providers/memory.test.ts (34 tests) 42ms
 stdout | src/__tests__/integration.test.ts > Integration Tests > Full handshake and tool execution flow > should complete full authentication and tool execution cycle
-[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:zeqxrq_Zh-Oegc6fQD_kt1M9ErLXRWDI6","environment":"development","userDidGeneration":"disabled"},"timestamp":1763794554785,"timestampFormatted":"2025-11-22T06:55:54.785Z"}
+[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:zgawzmezJZQ6wgeXt7HYTSNpnhRFYVBOF","environment":"development","userDidGeneration":"disabled"},"timestamp":1763942853304,"timestampFormatted":"2025-11-24T00:07:33.304Z"}
 stdout | src/__tests__/integration.test.ts > Integration Tests > Full handshake and tool execution flow > should complete full authentication and tool execution cycle
-[AUDIT] {"event":"tool_executed","data":{"tool":"greetingTool","sessionId":"c530c14265ef07e0c752bc47783137c9","timestamp":1763794554785},"timestamp":1763794554785,"timestampFormatted":"2025-11-22T06:55:54.785Z"}
+[AUDIT] {"event":"tool_executed","data":{"tool":"greetingTool","sessionId":"fc3e2ac26e26d1afcf44f37e8734cc77","timestamp":1763942853304},"timestamp":1763942853304,"timestampFormatted":"2025-11-24T00:07:33.304Z"}
- ✓ src/__tests__/runtime/proof-client-did.test.ts (17 tests) 7ms
 stdout | src/__tests__/integration.test.ts > Integration Tests > Session expiry handling > should handle expired sessions correctly
-[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:zxzn59vlikLFcjp4Ms1ky9NT58tfd_Nga","environment":"development","userDidGeneration":"disabled"},"timestamp":1763794554790,"timestampFormatted":"2025-11-22T06:55:54.790Z"}
+[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:ze9fflR5vjBAYUnZX928lRvPuRcxjSk-z","environment":"development","userDidGeneration":"disabled"},"timestamp":1763942853307,"timestampFormatted":"2025-11-24T00:07:33.307Z"}
 stdout | src/__tests__/integration.test.ts > Integration Tests > Key rotation flow > should handle key rotation and maintain functionality
-[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:zCwsCghSNSMbm1LFk7gdrOt_2A4wnZKDX","environment":"development","userDidGeneration":"disabled"},"timestamp":1763794554790,"timestampFormatted":"2025-11-22T06:55:54.790Z"}
+[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:z3ZDZtNttwmtt7ELJWFCeIzqlL8nzjMcH","environment":"development","userDidGeneration":"disabled"},"timestamp":1763942853307,"timestampFormatted":"2025-11-24T00:07:33.307Z"}
 stdout | src/__tests__/integration.test.ts > Integration Tests > Key rotation flow > should handle key rotation and maintain functionality
-[AUDIT] {"event":"keys_rotated","data":{"oldDid":"did:key:zCwsCghSNSMbm1LFk7gdrOt_2A4wnZKDX","newDid":"did:key:za1bflbxqV3z4fePIgP0pDA9sPJwT-c-2","timestamp":1763794554790},"timestamp":1763794554790,"timestampFormatted":"2025-11-22T06:55:54.790Z"}
+[AUDIT] {"event":"keys_rotated","data":{"oldDid":"did:key:z3ZDZtNttwmtt7ELJWFCeIzqlL8nzjMcH","newDid":"did:key:z4J4RwFFWLeP9-gRswfbNpWtnaEVMBQwt","timestamp":1763942853307},"timestamp":1763942853307,"timestampFormatted":"2025-11-24T00:07:33.307Z"}
 stdout | src/__tests__/integration.test.ts > Integration Tests > Well-known endpoints > should provide identity discovery endpoints
-[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:zMX2zYkeub9P4A0KJFcf2Ub6CkG5Zm7Qx","environment":"development","userDidGeneration":"disabled"},"timestamp":1763794554790,"timestampFormatted":"2025-11-22T06:55:54.790Z"}
+[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:z7vYoHwFRIEPr3gdS3vF692iZw-bYe9fH","environment":"development","userDidGeneration":"disabled"},"timestamp":1763942853308,"timestampFormatted":"2025-11-24T00:07:33.308Z"}
 stdout | src/__tests__/integration.test.ts > Integration Tests > Nonce replay protection > should prevent nonce reuse
-[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:zJVjnn3r9EqEgOzvAdoqVWPqXoWwW6fb1","environment":"development","userDidGeneration":"disabled"},"timestamp":1763794554791,"timestampFormatted":"2025-11-22T06:55:54.791Z"}
+[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:zO7YtLrN6P77XvtYcNzcZ1tbn2VrCV7Xo","environment":"development","userDidGeneration":"disabled"},"timestamp":1763942853308,"timestampFormatted":"2025-11-24T00:07:33.308Z"}
 stdout | src/__tests__/integration.test.ts > Integration Tests > Error handling > should handle network errors gracefully
-[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:z8CR_h7UfAeM44qxgD7oaWnVXpThED5o2","environment":"development","userDidGeneration":"disabled"},"timestamp":1763794554791,"timestampFormatted":"2025-11-22T06:55:54.791Z"}
+[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:zH8ooTd1wnDFYDUQAbOaeDNDv7VzURDE7","environment":"development","userDidGeneration":"disabled"},"timestamp":1763942853308,"timestampFormatted":"2025-11-24T00:07:33.308Z"}
 stdout | src/__tests__/integration.test.ts > Integration Tests > Error handling > should handle malformed DID documents
-[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:zKEZjNv2uz55rsGbJ2-sGcSuqChtFX-tL","environment":"development","userDidGeneration":"disabled"},"timestamp":1763794554791,"timestampFormatted":"2025-11-22T06:55:54.791Z"}
+[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:zb5ziS5X4pWwyrngBvH0HMSjeDlBIMCzK","environment":"development","userDidGeneration":"disabled"},"timestamp":1763942853308,"timestampFormatted":"2025-11-24T00:07:33.308Z"}
 stdout | src/__tests__/integration.test.ts > Integration Tests > Debug endpoint > should provide debug information in development
-[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:z833pBdL_6KZzuMEWAYx92Y1mpe9aQ7ef","environment":"development","userDidGeneration":"disabled"},"timestamp":1763794554791,"timestampFormatted":"2025-11-22T06:55:54.791Z"}
+[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:z_K5ogsrvWrR3jcXVCAqoUe8Mg7YJabC8","environment":"development","userDidGeneration":"disabled"},"timestamp":1763942853309,"timestampFormatted":"2025-11-24T00:07:33.309Z"}
 stdout | src/__tests__/integration.test.ts > Integration Tests > Debug endpoint > should be disabled in production
-[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:zJDzMR3c5sqTz2BmfkXQNIpD9RhDLr5td","environment":"development","userDidGeneration":"disabled"},"timestamp":1763794554792,"timestampFormatted":"2025-11-22T06:55:54.792Z"}
-stderr | src/config/__tests__/remote-config.spec.ts > fetchRemoteConfig > Error handling > should return null if API request fails
-[RemoteConfig] API returned 404: Not Found
-stderr | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Scope inference edge cases (Priority 2) > should handle empty scopes array
-stdout | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Scope inference edge cases (Priority 2) > should verify gmail → google mapping works
-[ProviderResolver] Inferred provider "google" from scopes
-[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "github" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
-stdout | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Scope inference edge cases (Priority 2) > should verify calendar → google mapping works
-[ProviderResolver] Inferred provider "google" from scopes
-stderr | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Scope inference edge cases (Priority 2) > should handle ambiguous scopes (multiple providers inferred)
-stdout | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Scope inference edge cases (Priority 2) > should verify outlook → microsoft mapping works
-[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "github" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
-[ProviderResolver] Inferred provider "microsoft" from scopes
-stdout | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Provider name case sensitivity > should handle provider names case-insensitively in inference
-[ProviderResolver] Inferred provider "github" from scopes
-stdout | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Multiple scopes with same provider > should handle multiple scopes from same provider
-stderr | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Scope inference edge cases (Priority 2) > should handle unknown scope prefixes
-[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "github" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
-[ProviderResolver] Inferred provider "github" from scopes
-stderr | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Scope inference edge cases (Priority 2) > should handle scopes without colons
-[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "github" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
-stderr | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Scope inference edge cases (Priority 2) > should handle inferred provider not in registry
-[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "google" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
-stderr | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Fallback behavior (Priority 3) > should use first configured provider when oauthProvider not specified
-[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "github" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
-stderr | src/config/__tests__/remote-config.spec.ts > fetchRemoteConfig > Error handling > should return null if API throws error
- ✓ src/__tests__/integration.test.ts (9 tests) 8ms
-[RemoteConfig] Failed to fetch config: Error: Network error
-    at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/config/__tests__/remote-config.spec.ts:170:35
-    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:157:11
-    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:753:26
-    at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1636:20
-    at new Promise (<anonymous>)
-    at runWithTimeout (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1602:10)
-    at runTest (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1309:12)
-    at processTicksAndRejections (node:internal/process/task_queues:103:5)
-    at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
-    at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
-stderr | src/config/__tests__/remote-config.spec.ts > fetchRemoteConfig > Error handling > should return null if neither projectId nor agentDid provided
-[RemoteConfig] Neither projectId nor agentDid provided
+[AUDIT] {"event":"runtime_initialized","data":{"did":"did:key:zzYWh9Bo-lzescoRstmmSjQCiMfkE4hlh","environment":"development","userDidGeneration":"disabled"},"timestamp":1763942853309,"timestampFormatted":"2025-11-24T00:07:33.309Z"}
-stderr | src/config/__tests__/remote-config.spec.ts > fetchRemoteConfig > Error handling > should handle cache read errors gracefully
-[RemoteConfig] Cache read failed: Error: Cache error
-    at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/config/__tests__/remote-config.spec.ts:198:50
+ ✓ src/__tests__/integration.test.ts (9 tests) 6ms
+stderr | src/services/__tests__/proof-verifier.test.ts > ProofVerifier Security > Signature Verification > should handle signature verification errors gracefully
+[CryptoService] Ed25519 verification error: Error: Crypto error
+    at /Users/dylanhobbs/Documents/@kya-os/xmcp-i/packages/mcp-i-core/src/services/__tests__/proof-verifier.test.ts:328:9
     at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:157:11
     at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:753:26
     at file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1636:20
@@ -2302,97 +2249,132 @@ stderr | src/config/__tests__/remote-config.spec.ts > fetchRemoteConfig > Error
     at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
     at runSuite (file:///Users/dylanhobbs/Documents/@kya-os/xmcp-i/node_modules/.pnpm/@vitest+runner@4.0.5/node_modules/@vitest/runner/dist/index.js:1468:8)
- ✓ src/__tests__/services/provider-resolver-edge-cases.test.ts (19 tests | 1 skipped) 6ms
- ✓ src/config/__tests__/remote-config.spec.ts (9 tests) 5ms
- ✓ src/__tests__/providers/base.test.ts (14 tests) 7ms
- ✓ src/services/__tests__/oauth-provider-registry.test.ts (9 tests) 3ms
- ✓ src/compliance/__tests__/schema-verifier.test.ts (30 tests) 4ms
- ✓ src/__tests__/runtime/delegation-flow.test.ts (4 tests) 8ms
-stdout | src/services/__tests__/provider-resolver.test.ts > ProviderResolver > resolveProvider - Priority 2: Scope inference > should infer provider from github scope prefix
-[ProviderResolver] Inferred provider "github" from scopes
-stderr | src/services/__tests__/provider-resolver.test.ts > ProviderResolver > resolveProvider - Priority 2: Scope inference > should return null for ambiguous scopes
-stdout | src/services/__tests__/provider-resolver.test.ts > ProviderResolver > resolveProvider - Priority 2: Scope inference > should infer provider from gmail scope prefix (maps to google)
-[ProviderResolver] Inferred provider "google" from scopes
-[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "github" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
- ✓ src/services/__tests__/provider-resolver.test.ts (8 tests) 6ms
-stderr | src/services/__tests__/provider-resolution.integration.test.ts > Provider Resolution Integration > Backward compatibility > should work with Phase 1 tools (no oauthProvider field)
-[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "github" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
- ✓ src/services/__tests__/provider-resolution.integration.test.ts (6 tests) 5ms
- ✓ src/delegation/__tests__/utils.test.ts (28 tests) 3ms
- ✓ src/services/__tests__/batch-delegation.service.test.ts (11 tests) 5ms
- ✓ src/__tests__/runtime/audit-logger.test.ts (9 tests) 2ms
- ✓ src/utils/__tests__/did-helpers.test.ts (11 tests) 2ms
- ✓ src/__tests__/config/provider-runtime-config.test.ts (9 tests) 2ms
- ✓ src/delegation/storage/__tests__/memory-statuslist-storage.test.ts (14 tests) 3ms
- ✓ src/delegation/__tests__/audience-validator.test.ts (5 tests) 1ms
- ↓ src/__tests__/delegation-e2e.test.ts (14 tests | 14 skipped)
- ✓ src/__tests__/index.test.ts (4 tests) 2ms
-stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Caching Integration > should respect cache TTL
+ ✓ src/services/__tests__/proof-verifier.test.ts (21 tests) 13ms
+ ✓ src/__tests__/providers/base.test.ts (14 tests) 4ms
+stdout | src/__tests__/regression/phase2-regression.test.ts > Phase 2 Regression Tests > Backward Compatibility > Phase 1 tools (no oauthProvider) > should work with Phase 1 tools that don't specify oauthProvider
 [ToolProtectionService] Config loaded from API {
   source: 'api',
-  toolCount: 0,
-  protectedTools: [],
+  toolCount: 1,
+  protectedTools: [ 'phase1_tool' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project-123',
-  cacheTtlMs: 1000,
-  cacheExpiresAt: '2025-11-22T06:55:56.520Z'
+  projectId: 'none',
+  cacheTtlMs: 300000,
+  cacheExpiresAt: '2025-11-24T00:12:33.429Z'
 }
-stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Real-world Scenarios > should handle typical e-commerce tool protection config
+stderr | src/__tests__/regression/phase2-regression.test.ts > Phase 2 Regression Tests > No Regressions > Phase 1 OAuth flow > should still work with Phase 1 OAuth flow (no oauthProvider)
+stdout | src/__tests__/regression/phase2-regression.test.ts > Phase 2 Regression Tests > Backward Compatibility > Old API endpoint format > should still support old endpoint format (tools array)
+[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "github" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
 [ToolProtectionService] Config loaded from API {
   source: 'api',
-  toolCount: 4,
-  protectedTools: [ 'add_to_cart', 'checkout' ],
+  toolCount: 1,
+  protectedTools: [ 'old_tool' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project-123',
+  projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:55.520Z'
+  cacheExpiresAt: '2025-11-24T00:12:33.433Z'
 }
-stderr | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Real-world Scenarios > should handle API rate limiting gracefully
-[ToolProtectionService] API fetch failed, using fallback config {
-  agentDid: 'did:key:z6MkhaXgBZDv...',
-  error: 'Failed to fetch bouncer config: 429 Too Many Requests - Rate limit exceeded'
-}
-stdout | src/__tests__/services/agentshield-integration.test.ts > AgentShield Integration > Real-world Scenarios > should handle concurrent requests
+stdout | src/__tests__/regression/phase2-regression.test.ts > Phase 2 Regression Tests > Backward Compatibility > Old API endpoint format > should still support old endpoint format (tools object)
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 1,
-  protectedTools: [ 'tool1' ],
+  protectedTools: [ 'old_tool' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
-  projectId: 'test-project-123',
+  projectId: 'none',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:55.521Z'
+  cacheExpiresAt: '2025-11-24T00:12:33.433Z'
 }
+stdout | src/__tests__/regression/phase2-regression.test.ts > Phase 2 Regression Tests > Backward Compatibility > snake_case field names > should still support snake_case field names
 [ToolProtectionService] Config loaded from API {
   source: 'api',
   toolCount: 1,
-  protectedTools: [ 'tool1' ],
+  protectedTools: [ 'tool_with_snake_case' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'test-project-123',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:55.521Z'
+  cacheExpiresAt: '2025-11-24T00:12:33.433Z'
 }
+stdout | src/__tests__/regression/phase2-regression.test.ts > Phase 2 Regression Tests > Mixed Phase 1 and Phase 2 tools > should handle mix of Phase 1 and Phase 2 tools in same project
 [ToolProtectionService] Config loaded from API {
   source: 'api',
-  toolCount: 1,
-  protectedTools: [ 'tool1' ],
+  toolCount: 2,
+  protectedTools: [ 'phase1_tool', 'phase2_tool' ],
   agentDid: 'did:key:z6MkhaXgBZDv...',
   projectId: 'test-project-123',
   cacheTtlMs: 300000,
-  cacheExpiresAt: '2025-11-22T07:00:55.521Z'
+  cacheExpiresAt: '2025-11-24T00:12:33.434Z'
 }
- ✓ src/__tests__/services/agentshield-integration.test.ts (30 tests) 1112ms
-       ✓ should respect cache TTL  1101ms
+ ✓ src/__tests__/regression/phase2-regression.test.ts (12 tests) 6ms
+stdout | src/services/__tests__/provider-resolver.test.ts > ProviderResolver > resolveProvider - Priority 2: Scope inference > should infer provider from github scope prefix
+[ProviderResolver] Inferred provider "github" from scopes
+stdout | src/services/__tests__/provider-resolver.test.ts > ProviderResolver > resolveProvider - Priority 2: Scope inference > should infer provider from gmail scope prefix (maps to google)
+stderr | src/services/__tests__/provider-resolver.test.ts > ProviderResolver > resolveProvider - Priority 2: Scope inference > should return null for ambiguous scopes
+[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "github" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
+stderr | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Scope inference edge cases (Priority 2) > should handle empty scopes array
+[ProviderResolver] Inferred provider "google" from scopes
+[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "github" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
+ ✓ src/delegation/__tests__/cascading-revocation.test.ts (23 tests) 8ms
+stdout | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Scope inference edge cases (Priority 2) > should verify gmail → google mapping works
+[ProviderResolver] Inferred provider "google" from scopes
+stderr | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Scope inference edge cases (Priority 2) > should handle ambiguous scopes (multiple providers inferred)
+[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "github" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
+stderr | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Scope inference edge cases (Priority 2) > should handle unknown scope prefixes
+stdout | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Scope inference edge cases (Priority 2) > should verify calendar → google mapping works
+[ProviderResolver] Inferred provider "google" from scopes
+stdout | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Scope inference edge cases (Priority 2) > should verify outlook → microsoft mapping works
+[ProviderResolver] Inferred provider "microsoft" from scopes
+[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "github" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
+stderr | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Scope inference edge cases (Priority 2) > should handle scopes without colons
+[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "github" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
+stderr | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Scope inference edge cases (Priority 2) > should handle inferred provider not in registry
+[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "google" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
+stderr | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Fallback behavior (Priority 3) > should use first configured provider when oauthProvider not specified
+[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "github" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
+stdout | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Provider name case sensitivity > should handle provider names case-insensitively in inference
+[ProviderResolver] Inferred provider "github" from scopes
+stdout | src/__tests__/services/provider-resolver-edge-cases.test.ts > ProviderResolver - Edge Cases > Multiple scopes with same provider > should handle multiple scopes from same provider
+[ProviderResolver] Inferred provider "github" from scopes
+ ✓ src/__tests__/services/provider-resolver-edge-cases.test.ts (19 tests | 1 skipped) 9ms
+ ✓ src/delegation/storage/__tests__/memory-statuslist-storage.test.ts (14 tests) 2ms
+ ✓ src/delegation/__tests__/bitstring.test.ts (30 tests) 4ms
+ ✓ src/delegation/storage/__tests__/memory-graph-storage.test.ts (27 tests) 4ms
+ ✓ src/services/__tests__/provider-resolver.test.ts (8 tests) 5ms
+ ✓ src/__tests__/runtime/proof-client-did.test.ts (17 tests) 8ms
+ ✓ src/services/__tests__/batch-delegation.service.test.ts (11 tests) 4ms
+stderr | src/services/__tests__/provider-resolution.integration.test.ts > Provider Resolution Integration > Backward compatibility > should work with Phase 1 tools (no oauthProvider field)
+[ProviderResolver] Tool does not specify oauthProvider. Using first configured provider "github" as fallback. This is deprecated - configure oauthProvider in AgentShield dashboard for Phase 2+.
+ ✓ src/services/__tests__/provider-resolution.integration.test.ts (6 tests) 3ms
+ ✓ src/services/__tests__/oauth-provider-registry.test.ts (9 tests) 5ms
+ ✓ src/__tests__/runtime/audit-logger.test.ts (9 tests) 3ms
+ ✓ src/__tests__/config/provider-runtime-config.test.ts (9 tests) 2ms
+ ✓ src/delegation/__tests__/utils.test.ts (28 tests) 110ms
+ ✓ src/utils/__tests__/did-helpers.test.ts (11 tests) 4ms
+ ✓ src/delegation/__tests__/audience-validator.test.ts (5 tests) 11ms
+ ↓ src/__tests__/delegation-e2e.test.ts (14 tests | 14 skipped)
+ ✓ src/__tests__/index.test.ts (4 tests) 2ms
  Test Files  42 passed | 1 skipped (43)
       Tests  864 passed | 16 skipped (880)
-   Start at  00:55:54
-   Duration  1.38s (transform 2.11s, setup 0ms, collect 3.19s, tests 1.92s, environment 3ms, prepare 321ms)
+   Start at  18:07:30
+   Duration  3.88s (transform 7.04s, setup 0ms, collect 13.19s, tests 2.23s, environment 13ms, prepare 1.77s)