npm - @kya-os/mcp-i - Versions diffs - 0.1.0-alpha.2.3 → 0.1.0-alpha.2.5 - Mend

@kya-os/mcp-i 0.1.0-alpha.2.3 → 0.1.0-alpha.2.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (58) hide show

package/README.md +192 -216
package/dist/auto.d.ts +0 -12
package/dist/auto.js +3 -14
package/dist/crypto.d.ts +10 -26
package/dist/crypto.js +117 -37
package/dist/dev-helper.d.ts +3 -0
package/dist/dev-helper.js +46 -0
package/dist/encrypted-storage.d.ts +11 -0
package/dist/encrypted-storage.js +73 -0
package/dist/index.d.ts +29 -106
package/dist/index.js +225 -392
package/dist/logger.d.ts +32 -0
package/dist/logger.js +66 -0
package/dist/registry/index.d.ts +0 -31
package/dist/registry/index.js +2 -42
package/dist/registry/knowthat.d.ts +3 -18
package/dist/registry/knowthat.js +10 -35
package/dist/rotation.d.ts +35 -0
package/dist/rotation.js +102 -0
package/dist/storage.d.ts +41 -0
package/dist/storage.js +163 -0
package/dist/transport.d.ts +35 -0
package/dist/transport.js +189 -0
package/dist/types.d.ts +72 -99
package/dist/types.js +0 -4
package/package.json +16 -6
package/dist/__tests__/challenge-response.test.d.ts +0 -5
package/dist/__tests__/challenge-response.test.d.ts.map +0 -1
package/dist/__tests__/challenge-response.test.js +0 -218
package/dist/__tests__/challenge-response.test.js.map +0 -1
package/dist/__tests__/crypto.test.d.ts +0 -5
package/dist/__tests__/crypto.test.d.ts.map +0 -1
package/dist/__tests__/crypto.test.js +0 -153
package/dist/__tests__/crypto.test.js.map +0 -1
package/dist/auto.d.ts.map +0 -1
package/dist/auto.js.map +0 -1
package/dist/crypto.d.ts.map +0 -1
package/dist/crypto.js.map +0 -1
package/dist/index.d.ts.map +0 -1
package/dist/index.js.map +0 -1
package/dist/registry/cursor.d.ts +0 -25
package/dist/registry/cursor.d.ts.map +0 -1
package/dist/registry/cursor.js +0 -108
package/dist/registry/cursor.js.map +0 -1
package/dist/registry/glama.d.ts +0 -25
package/dist/registry/glama.d.ts.map +0 -1
package/dist/registry/glama.js +0 -111
package/dist/registry/glama.js.map +0 -1
package/dist/registry/index.d.ts.map +0 -1
package/dist/registry/index.js.map +0 -1
package/dist/registry/knowthat.d.ts.map +0 -1
package/dist/registry/knowthat.js.map +0 -1
package/dist/registry/smithery.d.ts +0 -29
package/dist/registry/smithery.d.ts.map +0 -1
package/dist/registry/smithery.js +0 -119
package/dist/registry/smithery.js.map +0 -1
package/dist/types.d.ts.map +0 -1
package/dist/types.js.map +0 -1

package/dist/index.js CHANGED Viewed

@@ -1,27 +1,4 @@
 "use strict";
-/**
- * @kya-os/mcp-i - Ultra-light MCP Identity auto-registration
- *
- * Enable any MCP server to get a verifiable identity with just 2 lines of code:
- *
- * ```typescript
- * import "@kya-os/mcp-i/auto";  // That's it! Your server now has identity
- * ```
- *
- * Or with configuration:
- * ```typescript
- * import { enableMCPIdentity } from "@kya-os/mcp-i";
- * await enableMCPIdentity({ name: "My Amazing Agent" });
- * ```
- *
- * Future multi-registry support:
- * ```typescript
- * await enableMCPIdentity({
- *   name: "My Agent",
- *   // Additional registries will be supported as directories adopt MCP-I
- * });
- * ```
- */
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     var desc = Object.getOwnPropertyDescriptor(m, k);
@@ -58,123 +35,113 @@ var __importStar = (this && this.__importStar) || (function () {
 var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.MCPIdentity = exports.resolveRegistries = exports.REGISTRY_TIERS = exports.RegistryFactory = void 0;
+exports.MCPIdentity = exports.showAgentStatus = exports.initWithDevExperience = exports.KeyRotationManager = exports.RuntimeDetector = exports.TransportFactory = exports.FileStorage = exports.MemoryStorage = exports.StorageFactory = exports.SilentLogger = exports.ConsoleLogger = exports.LoggerFactory = exports.resolveRegistries = exports.REGISTRY_TIERS = exports.RegistryFactory = void 0;
 exports.enableMCPIdentity = enableMCPIdentity;
-const axios_1 = __importDefault(require("axios"));
-const fs = __importStar(require("fs"));
-const path = __importStar(require("path"));
+exports.createMCPMiddleware = createMCPMiddleware;
 const crypto = __importStar(require("./crypto"));
-const registry_1 = require("./registry");
-// Re-export types and registry utilities for convenience
+const storage_1 = require("./storage");
+const transport_1 = require("./transport");
+const logger_1 = require("./logger");
+const rotation_1 = require("./rotation");
 __exportStar(require("./types"), exports);
-var registry_2 = require("./registry");
-Object.defineProperty(exports, "RegistryFactory", { enumerable: true, get: function () { return registry_2.RegistryFactory; } });
-Object.defineProperty(exports, "REGISTRY_TIERS", { enumerable: true, get: function () { return registry_2.REGISTRY_TIERS; } });
-Object.defineProperty(exports, "resolveRegistries", { enumerable: true, get: function () { return registry_2.resolveRegistries; } });
-// Global identity instance
+var registry_1 = require("./registry");
+Object.defineProperty(exports, "RegistryFactory", { enumerable: true, get: function () { return registry_1.RegistryFactory; } });
+Object.defineProperty(exports, "REGISTRY_TIERS", { enumerable: true, get: function () { return registry_1.REGISTRY_TIERS; } });
+Object.defineProperty(exports, "resolveRegistries", { enumerable: true, get: function () { return registry_1.resolveRegistries; } });
+var logger_2 = require("./logger");
+Object.defineProperty(exports, "LoggerFactory", { enumerable: true, get: function () { return logger_2.LoggerFactory; } });
+Object.defineProperty(exports, "ConsoleLogger", { enumerable: true, get: function () { return logger_2.ConsoleLogger; } });
+Object.defineProperty(exports, "SilentLogger", { enumerable: true, get: function () { return logger_2.SilentLogger; } });
+var storage_2 = require("./storage");
+Object.defineProperty(exports, "StorageFactory", { enumerable: true, get: function () { return storage_2.StorageFactory; } });
+Object.defineProperty(exports, "MemoryStorage", { enumerable: true, get: function () { return storage_2.MemoryStorage; } });
+Object.defineProperty(exports, "FileStorage", { enumerable: true, get: function () { return storage_2.FileStorage; } });
+var transport_2 = require("./transport");
+Object.defineProperty(exports, "TransportFactory", { enumerable: true, get: function () { return transport_2.TransportFactory; } });
+Object.defineProperty(exports, "RuntimeDetector", { enumerable: true, get: function () { return transport_2.RuntimeDetector; } });
+var rotation_2 = require("./rotation");
+Object.defineProperty(exports, "KeyRotationManager", { enumerable: true, get: function () { return rotation_2.KeyRotationManager; } });
+var dev_helper_1 = require("./dev-helper");
+Object.defineProperty(exports, "initWithDevExperience", { enumerable: true, get: function () { return dev_helper_1.initWithDevExperience; } });
+Object.defineProperty(exports, "showAgentStatus", { enumerable: true, get: function () { return dev_helper_1.showAgentStatus; } });
 let globalIdentity = null;
 class MCPIdentity {
     constructor(identity, options = {}) {
         this.usedNonces = new Set();
-        this.registryAdapters = new Map();
+        if (options.logger) {
+            logger_1.LoggerFactory.setLogger(options.logger);
+        }
+        else if (options.logLevel && options.logLevel !== 'silent') {
+            logger_1.LoggerFactory.setLogger(logger_1.LoggerFactory.createConsoleLogger(options.logLevel));
+        }
+        this.logger = (0, logger_1.getLogger)();
         this.did = identity.did;
         this.publicKey = identity.publicKey;
         this.privateKey = identity.privateKey;
-        this.timestampTolerance = options.timestampTolerance || 60000; // 60 seconds
+        this.encryptionPassword = options.encryptionPassword;
+        this.timestampTolerance = options.timestampTolerance || 60000;
         this.enableNonceTracking = options.enableNonceTracking !== false;
-        // Multi-registry initialization
-        this.didHost = identity.didHost || 'knowthat';
-        this.registries = identity.registries || [
-            {
-                name: this.didHost,
-                status: 'active',
-                type: 'primary',
-                registeredAt: identity.registeredAt
-            }
-        ];
-        // Start nonce cleanup if tracking is enabled
+        this.directories = identity.directories || 'verified';
+        this.storage = storage_1.StorageFactory.create({
+            storage: options.storage,
+            customPath: options.persistencePath,
+            memoryKey: options.memoryKey || this.did,
+            encryptionPassword: options.encryptionPassword
+        });
+        this.transport = transport_1.TransportFactory.create({
+            transport: options.transport
+        });
+        this.precomputed = {
+            did: this.did,
+            publicKey: this.publicKey,
+            didBytes: new TextEncoder().encode(this.did),
+            signatureCache: new Map()
+        };
+        if (options.storage !== 'memory') {
+            this.rotationManager = new rotation_1.KeyRotationManager(identity, this.transport, {});
+        }
         if (this.enableNonceTracking) {
             this.startNonceCleanup();
         }
     }
-    /**
-     * Initialize MCP Identity - the main entry point
-     *
-     * IMPORTANT: This only makes API calls in these cases:
-     * 1. First time ever (no identity exists) - registers with all specified registries
-     * 2. Adding new registries to existing identity - only calls the new registries
-     *
-     * After initial registration, all subsequent calls load from disk with NO API calls.
-     */
     static async init(options) {
-        // Return existing global identity if already initialized
+        const logger = options?.logger || (0, logger_1.getLogger)();
         if (globalIdentity) {
-            // Check if we need to sync to new registries
-            if (options?.registries) {
-                const requestedRegistries = (0, registry_1.resolveRegistries)(options.registries);
-                await globalIdentity.syncToRegistries(requestedRegistries);
-            }
             return globalIdentity;
         }
-        // Try to load existing identity
-        let identity = await loadIdentity(options?.persistencePath);
-        // Handle existing identity
+        const storage = storage_1.StorageFactory.create({
+            storage: options?.storage,
+            customPath: options?.persistencePath,
+            memoryKey: options?.memoryKey,
+            encryptionPassword: options?.encryptionPassword
+        });
+        let identity = await storage.load();
         if (identity) {
-            console.log('[MCP-I] Loaded existing identity:', identity.did);
+            logger.info('Loaded existing identity:', identity.did);
             globalIdentity = new MCPIdentity(identity, options);
-            // Sync to any new registries specified in options
-            if (options?.registries) {
-                const requestedRegistries = (0, registry_1.resolveRegistries)(options.registries);
-                await globalIdentity.syncToRegistries(requestedRegistries);
-            }
             return globalIdentity;
         }
-        // No existing identity - need to create new one
-        console.log('[MCP-I] No existing identity found, creating new identity...');
-        // Resolve which registries to use
-        const registriesToUse = (0, registry_1.resolveRegistries)(options?.registries);
-        const primaryRegistry = options?.didHost || 'knowthat';
-        // Ensure primary registry is first
-        const orderedRegistries = [
-            primaryRegistry,
-            ...registriesToUse.filter(r => r !== primaryRegistry)
-        ];
-        console.log('[MCP-I] Publishing to registries:', orderedRegistries.join(', '));
-        // Create DID at primary registry (KnowThat by default)
-        const primaryAdapter = registry_1.RegistryFactory.getAdapter(primaryRegistry);
-        if (!primaryAdapter || primaryAdapter.type !== 'primary') {
-            throw new Error(`Primary registry ${primaryRegistry} not available or not a primary registry`);
-        }
-        const publishData = {
-            did: '', // Will be filled after registration
+        logger.info('No existing identity found, creating new identity...');
+        const transport = transport_1.TransportFactory.create({
+            transport: options?.transport
+        });
+        const apiEndpoint = options?.apiEndpoint || 'https://knowthat.ai';
+        logger.info('Registering with knowthat.ai...');
+        const registrationData = {
             name: options?.name || process.env.MCP_SERVER_NAME || 'Unnamed MCP Server',
             description: options?.description,
             repository: options?.repository,
-            publicKey: '', // Will be filled after key generation
-            metadata: {}
+            directories: options?.directories,
+            isDraft: options?.mode === 'development'
         };
-        // Generate keys first
-        console.log('[MCP-I] Generating cryptographic keys...');
+        logger.info('Generating cryptographic keys...');
         const keyPair = await crypto.generateKeyPair();
-        publishData.publicKey = keyPair.publicKey;
-        // Register with primary registry
-        console.log(`[MCP-I] Registering with primary registry: ${primaryRegistry}`);
-        const primaryResult = await primaryAdapter.publish(publishData);
-        if (!primaryResult.success) {
-            throw new Error(`Failed to register with primary registry: ${primaryResult.error}`);
-        }
-        // Get the full registration response (this is a bit hacky but maintains compatibility)
-        const response = await autoRegister({
-            name: publishData.name,
-            description: publishData.description,
-            repository: publishData.repository,
-            apiEndpoint: primaryRegistry === 'knowthat' ? 'https://knowthat.ai' : options?.apiEndpoint || 'https://knowthat.ai'
+        const response = await autoRegister(transport, {
+            ...registrationData,
+            apiEndpoint,
+            directories: options?.directories
         });
-        // Create persisted identity
         identity = {
             did: response.did,
             publicKey: keyPair.publicKey,
@@ -182,144 +149,113 @@ class MCPIdentity {
             agentId: response.agent.id,
             agentSlug: response.agent.slug,
             registeredAt: new Date().toISOString(),
-            didHost: primaryRegistry,
-            registries: [{
-                    name: primaryRegistry,
-                    status: 'active',
-                    type: 'primary',
-                    registeredAt: new Date().toISOString(),
-                    registryAgentId: response.agent.id
-                }]
+            directories: options?.directories || 'verified'
         };
-        // Save identity before publishing to other registries
-        await saveIdentity(identity, options?.persistencePath);
-        console.log('[MCP-I] ✅ Success! Your agent has been registered.');
-        console.log(`[MCP-I] DID: ${response.did}`);
-        console.log(`[MCP-I] Profile: ${response.agent.url}`);
-        // Create MCPIdentity instance
-        globalIdentity = new MCPIdentity(identity, options);
-        // Publish to additional registries
-        if (orderedRegistries.length > 1) {
-            console.log('[MCP-I] Publishing to additional registries...');
-            await globalIdentity.syncToRegistries(orderedRegistries.slice(1));
+        await storage.save(identity);
+        logger.info('✅ Success! Your agent has been registered.');
+        logger.info(`DID: ${response.did}`);
+        logger.info(`Profile: ${response.agent.url}`);
+        if (response.agent.claimUrl) {
+            logger.info(`Claim your agent: ${response.agent.claimUrl}`);
+        }
+        if (options?.directories && options.directories !== 'none') {
+            const dirMessage = options.directories === 'verified'
+                ? 'Your agent will be submitted to all verified directories'
+                : `Your agent will be submitted to: ${options.directories.join(', ')}`;
+            logger.info(dirMessage);
         }
+        globalIdentity = new MCPIdentity(identity, options);
         return globalIdentity;
     }
-    /**
-     * Sync identity to additional registries
-     *
-     * RATE LIMITED: Each registry can only be synced once per minute to prevent spam.
-     * Skips registries that are already active.
-     */
-    async syncToRegistries(registryNames) {
-        const publishData = {
-            did: this.did,
-            name: this.extractAgentName(),
-            description: '', // Would need to store this
-            repository: '', // Would need to store this
-            publicKey: this.publicKey,
-            agentId: this.extractAgentId(),
-            agentSlug: this.extractAgentSlug(),
-            metadata: {}
-        };
-        for (const registryName of registryNames) {
-            // Skip if already registered
-            if (this.registries.some(r => r.name === registryName && r.status === 'active')) {
-                continue;
+    async enableAutoRotation(policy) {
+        if (!this.rotationManager) {
+            throw new Error('Key rotation not available in memory storage mode');
+        }
+        this.rotationManager.setupAutoRotation((result) => {
+            if (result.success) {
+                this.logger.info('Keys rotated successfully');
+                this.persistIdentity();
             }
-            const adapter = registry_1.RegistryFactory.getAdapter(registryName);
-            if (!adapter) {
-                console.warn(`[MCP-I] Registry ${registryName} not available, skipping`);
-                continue;
+            else {
+                this.logger.error('Key rotation failed:', result.error);
             }
+        });
+    }
+    async rotateKeys(reason) {
+        if (!this.rotationManager) {
+            throw new Error('Key rotation not available in memory storage mode');
+        }
+        const result = await this.rotationManager.rotateKeys(reason);
+        if (result.success) {
+            await this.persistIdentity();
+        }
+        return result;
+    }
+    checkKeyHealth() {
+        if (!this.rotationManager) {
+            return null;
+        }
+        return this.rotationManager.checkKeyHealth();
+    }
+    async getPrivateKey() {
+        if (this.decryptedPrivateKey) {
+            return this.decryptedPrivateKey;
+        }
+        if (this.encryptionPassword && this.privateKey.startsWith('enc:')) {
             try {
-                console.log(`[MCP-I] Publishing to ${registryName}...`);
-                const result = await adapter.publish(publishData);
-                if (result.success) {
-                    // Update registry status
-                    const existingIndex = this.registries.findIndex(r => r.name === registryName);
-                    const newStatus = {
-                        name: registryName,
-                        status: 'active',
-                        type: adapter.type,
-                        registeredAt: new Date().toISOString(),
-                        registryAgentId: result.registryAgentId
-                    };
-                    if (existingIndex >= 0) {
-                        this.registries[existingIndex] = newStatus;
-                    }
-                    else {
-                        this.registries.push(newStatus);
-                    }
-                    console.log(`[MCP-I] ✅ Published to ${registryName}: ${result.profileUrl || 'success'}`);
-                }
-                else {
-                    console.error(`[MCP-I] ❌ Failed to publish to ${registryName}: ${result.error}`);
-                    // Update registry status with error
-                    this.registries.push({
-                        name: registryName,
-                        status: 'failed',
-                        type: adapter.type,
-                        error: result.error,
-                        lastSyncAt: new Date().toISOString()
-                    });
-                }
+                this.decryptedPrivateKey = await crypto.decrypt(this.privateKey, this.encryptionPassword);
+                this.logger.debug('Private key decrypted successfully');
+                return this.decryptedPrivateKey;
             }
             catch (error) {
-                console.error(`[MCP-I] ❌ Error publishing to ${registryName}:`, error.message);
-                this.registries.push({
-                    name: registryName,
-                    status: 'failed',
-                    type: 'secondary',
-                    error: error.message,
-                    lastSyncAt: new Date().toISOString()
-                });
+                this.logger.error('Failed to decrypt private key:', error);
+                throw new Error('Invalid encryption password');
             }
         }
-        // Save updated registry status
-        await this.persistRegistryStatus();
-    }
-    /**
-     * Add a new registry
-     */
-    async addRegistry(registryName) {
-        await this.syncToRegistries([registryName]);
-    }
-    /**
-     * Add multiple registries
-     */
-    async addRegistries(registryNames) {
-        await this.syncToRegistries(registryNames);
-    }
-    /**
-     * Get current registry status
-     */
-    getRegistryStatus() {
-        return [...this.registries];
-    }
-    /**
-     * Check if registered with a specific registry
-     */
-    isRegisteredWith(registryName) {
-        return this.registries.some(r => r.name === registryName && r.status === 'active');
+        return this.privateKey;
     }
-    /**
-     * Sign a message with the agent's private key using Ed25519
-     */
     async sign(message) {
-        return crypto.sign(message, this.privateKey);
+        const messageStr = typeof message === 'string' ? message : message.toString('base64');
+        const cached = this.precomputed.signatureCache.get(messageStr);
+        if (cached) {
+            return cached;
+        }
+        const privateKey = await this.getPrivateKey();
+        const signature = await crypto.sign(message, privateKey);
+        if (this.precomputed.signatureCache.size > 100) {
+            const firstKey = this.precomputed.signatureCache.keys().next().value;
+            if (firstKey) {
+                this.precomputed.signatureCache.delete(firstKey);
+            }
+        }
+        this.precomputed.signatureCache.set(messageStr, signature);
+        if (this.rotationManager) {
+            this.rotationManager.incrementSignatureCount();
+        }
+        return signature;
+    }
+    async requestEditAccess() {
+        const timestamp = Date.now();
+        const message = `edit-request:${this.did}:knowthat.ai:${timestamp}`;
+        const signature = await this.sign(message);
+        const baseUrl = 'https://knowthat.ai';
+        const editUrl = new URL(`${baseUrl}/agents/edit`);
+        editUrl.searchParams.set('did', this.did);
+        editUrl.searchParams.set('timestamp', timestamp.toString());
+        editUrl.searchParams.set('signature', signature);
+        const claimUrl = new URL(`${baseUrl}/agents/claim`);
+        claimUrl.searchParams.set('did', this.did);
+        claimUrl.searchParams.set('timestamp', timestamp.toString());
+        claimUrl.searchParams.set('signature', signature);
+        return {
+            editUrl: editUrl.toString(),
+            claimUrl: claimUrl.toString()
+        };
     }
-    /**
-     * Verify a signature against a public key
-     */
     async verify(message, signature, publicKey) {
         return crypto.verify(message, signature, publicKey || this.publicKey);
     }
-    /**
-     * Respond to an MCP-I challenge
-     */
     async respondToChallenge(challenge) {
-        // Validate timestamp to prevent replay attacks
         const now = Date.now();
         const challengeAge = now - challenge.timestamp;
         if (challengeAge > this.timestampTolerance) {
@@ -328,14 +264,12 @@ class MCPIdentity {
         if (challengeAge < 0) {
             throw new Error('Challenge timestamp is in the future');
         }
-        // Check for nonce reuse if tracking is enabled
         if (this.enableNonceTracking) {
             if (this.usedNonces.has(challenge.nonce)) {
                 throw new Error('Nonce already used');
             }
             this.usedNonces.add(challenge.nonce);
         }
-        // Create the message to sign
         const messageComponents = [
             challenge.nonce,
             challenge.timestamp.toString(),
@@ -344,9 +278,7 @@ class MCPIdentity {
             (challenge.scope || []).join(',')
         ];
         const message = messageComponents.join(':');
-        // Sign the challenge
         const signature = await this.sign(message);
-        // Return the response
         return {
             did: this.did,
             signature,
@@ -355,43 +287,29 @@ class MCPIdentity {
             publicKey: this.publicKey
         };
     }
-    /**
-     * Get MCP-I capabilities for advertisement
-     */
     getCapabilities() {
-        const activeRegistries = this.registries.filter(r => r.status === 'active');
-        const secondaryRegistries = activeRegistries
-            .filter(r => r.type === 'secondary')
-            .map(r => r.name);
         return {
             version: '1.0',
             did: this.did,
             publicKey: this.publicKey,
-            conformanceLevel: 2, // Level 2: Full crypto with challenge-response
+            conformanceLevel: 2,
             handshakeSupported: true,
             handshakeEndpoint: '/_mcp-i/handshake',
-            verificationEndpoint: `https://${this.didHost === 'knowthat' ? 'knowthat.ai' : this.didHost}/api/agents/${this.did}/verify`,
-            registries: {
-                primary: this.didHost,
-                secondary: secondaryRegistries
-            }
+            verificationEndpoint: `https://knowthat.ai/api/agents/${this.did}/verify`,
+            registry: 'knowthat.ai'
         };
     }
-    /**
-     * Sign an MCP response with identity metadata
-     */
     async signResponse(response) {
         const timestamp = new Date().toISOString();
         const responseWithIdentity = {
             ...response,
             _mcp_identity: {
                 did: this.did,
-                signature: '', // Will be filled below
+                signature: '',
                 timestamp,
                 conformanceLevel: 2
             }
         };
-        // Sign the response content (excluding the signature field)
         const contentToSign = JSON.stringify({
             ...response,
             _mcp_identity: {
@@ -403,227 +321,142 @@ class MCPIdentity {
         responseWithIdentity._mcp_identity.signature = await this.sign(contentToSign);
         return responseWithIdentity;
     }
-    /**
-     * Generate a new nonce for challenges
-     */
     static generateNonce() {
-        return crypto.generateNonce();
+        return crypto.generateNonceSync();
     }
-    /**
-     * Request edit access to agent profile
-     * Returns a signed URL for editing the agent on the registry
-     */
-    async requestEditAccess(registryName) {
-        const registry = registryName || this.didHost;
-        const timestamp = Date.now();
-        const message = `edit-request:${this.did}:${registry}:${timestamp}`;
-        const signature = await this.sign(message);
-        // Construct edit URL with proof of ownership
-        const baseUrl = registry === 'knowthat'
-            ? 'https://knowthat.ai'
-            : `https://${registry}`;
-        const editUrl = new URL(`${baseUrl}/agents/edit`);
-        editUrl.searchParams.set('did', this.did);
-        editUrl.searchParams.set('timestamp', timestamp.toString());
-        editUrl.searchParams.set('signature', signature);
-        return editUrl.toString();
+    getDirectories() {
+        return this.directories;
     }
-    /**
-     * Clean up old nonces periodically to prevent memory leaks
-     */
     startNonceCleanup() {
-        // Clean up nonces older than 2x the timestamp tolerance
         this.nonceCleanupInterval = setInterval(() => {
-            // In a production system, you'd track nonce timestamps
-            // For now, we'll clear all nonces periodically
             if (this.usedNonces.size > 10000) {
                 this.usedNonces.clear();
             }
         }, this.timestampTolerance * 2);
     }
-    /**
-     * Clean up resources
-     */
     destroy() {
         if (this.nonceCleanupInterval) {
             clearInterval(this.nonceCleanupInterval);
         }
         this.usedNonces.clear();
+        this.precomputed.signatureCache.clear();
     }
-    /**
-     * Helper to extract agent name from DID
-     */
     extractAgentName() {
-        // Try to get from persisted data or environment
         return process.env.MCP_SERVER_NAME || 'Unknown Agent';
     }
-    /**
-     * Helper to extract agent ID
-     */
     extractAgentId() {
         return process.env.AGENT_ID || '';
     }
-    /**
-     * Helper to extract agent slug
-     */
     extractAgentSlug() {
         const parts = this.did.split(':');
         return parts[parts.length - 1];
     }
-    /**
-     * Persist updated registry status
-     */
-    async persistRegistryStatus() {
+    async persistIdentity() {
         try {
-            const filePath = path.join(process.cwd(), '.mcp-identity.json');
-            const current = JSON.parse(fs.readFileSync(filePath, 'utf-8'));
-            current.registries = this.registries;
-            fs.writeFileSync(filePath, JSON.stringify(current, null, 2));
+            const identity = {
+                did: this.did,
+                publicKey: this.publicKey,
+                privateKey: this.privateKey,
+                agentId: this.extractAgentId(),
+                agentSlug: this.extractAgentSlug(),
+                registeredAt: new Date().toISOString(),
+                directories: this.directories
+            };
+            await this.storage.save(identity);
         }
         catch (error) {
-            console.error('[MCP-I] Failed to persist registry status:', error);
+            this.logger.error('Failed to persist identity:', error);
         }
     }
 }
 exports.MCPIdentity = MCPIdentity;
-/**
- * Enable MCP Identity for any MCP server
- * This is the main integration point that patches the MCP Server
- */
 async function enableMCPIdentity(options) {
     const identity = await MCPIdentity.init(options);
-    // Try to patch MCP Server if available
     try {
         patchMCPServer(identity);
     }
     catch (error) {
-        console.log('[MCP-I] MCP Server not found, identity initialized for manual use');
+        const logger = (0, logger_1.getLogger)();
+        logger.debug('MCP Server not found, identity initialized for manual use');
     }
     return identity;
 }
-/**
- * Patch the MCP Server to automatically add identity
- */
-function patchMCPServer(identity) {
-    try {
-        // Try to import the MCP SDK
-        const MCPModule = require('@modelcontextprotocol/sdk/server/index.js');
-        const OriginalServer = MCPModule.Server;
-        if (!OriginalServer) {
-            return;
-        }
-        // Store original methods
-        const originalSetRequestHandler = OriginalServer.prototype.setRequestHandler;
-        const originalConnect = OriginalServer.prototype.connect;
-        // Patch setRequestHandler to wrap all responses
-        OriginalServer.prototype.setRequestHandler = function (method, handler) {
+function createMCPMiddleware(identity) {
+    return (server) => {
+        const originalSetRequestHandler = server.setRequestHandler.bind(server);
+        const originalConnect = server.connect.bind(server);
+        server.setRequestHandler = function (method, handler) {
             const wrappedHandler = async (...args) => {
                 const result = await handler(...args);
-                // If result has content, sign it
                 if (result && typeof result === 'object' && 'content' in result) {
-                    const signed = await identity.signResponse(result);
-                    return signed;
+                    return await identity.signResponse(result);
                 }
                 return result;
             };
-            return originalSetRequestHandler.call(this, method, wrappedHandler);
+            return originalSetRequestHandler(method, wrappedHandler);
         };
-        // Patch connect to advertise MCP-I capabilities
-        OriginalServer.prototype.connect = async function (transport) {
-            // Add MCP-I capabilities to server info
+        server.connect = async function (transport) {
             if (this.serverInfo && this.serverInfo.capabilities) {
                 this.serverInfo.capabilities['mcp-i'] = identity.getCapabilities();
             }
-            // Set up MCP-I handshake handler
             this.setRequestHandler('mcp-i/challenge', async (request) => {
                 return identity.respondToChallenge(request.params);
             });
-            // Call original connect
-            return originalConnect.call(this, transport);
+            return originalConnect(transport);
         };
-        console.log('[MCP-I] ✨ MCP Server patched - all responses will be automatically signed');
-    }
-    catch (error) {
-        // MCP SDK not available, that's okay
-    }
+    };
 }
-// Helper functions (inline to keep package standalone)
-async function loadIdentity(customPath) {
-    // Check environment variables first (already loaded by process)
-    if (process.env.AGENT_DID && process.env.AGENT_PUBLIC_KEY && process.env.AGENT_PRIVATE_KEY) {
-        const identity = {
-            did: process.env.AGENT_DID,
-            publicKey: process.env.AGENT_PUBLIC_KEY,
-            privateKey: process.env.AGENT_PRIVATE_KEY,
-            agentId: process.env.AGENT_ID || '',
-            agentSlug: process.env.AGENT_SLUG || '',
-            registeredAt: new Date().toISOString(),
-            didHost: process.env.AGENT_DID_HOST || 'knowthat'
-        };
-        // Try to load registry status from file
-        try {
-            const filePath = customPath || path.join(process.cwd(), '.mcp-identity.json');
-            if (fs.existsSync(filePath)) {
-                const fileContent = JSON.parse(fs.readFileSync(filePath, 'utf-8'));
-                if (fileContent.registries) {
-                    identity.registries = fileContent.registries;
-                }
-            }
-        }
-        catch {
-            // Ignore errors
-        }
-        return identity;
-    }
-    // Check JSON file (most reliable for programmatic access)
-    const filePath = customPath || path.join(process.cwd(), '.mcp-identity.json');
+function patchMCPServer(identity) {
     try {
-        if (fs.existsSync(filePath)) {
-            const content = fs.readFileSync(filePath, 'utf-8');
-            return JSON.parse(content);
+        const MCPModule = require('@modelcontextprotocol/sdk/server/index.js');
+        const OriginalServer = MCPModule.Server;
+        if (!OriginalServer) {
+            return;
         }
+        const middleware = createMCPMiddleware(identity);
+        const OriginalConstructor = OriginalServer;
+        MCPModule.Server = function (...args) {
+            const instance = new OriginalConstructor(...args);
+            middleware(instance, identity);
+            return instance;
+        };
+        Object.setPrototypeOf(MCPModule.Server, OriginalConstructor);
+        Object.setPrototypeOf(MCPModule.Server.prototype, OriginalConstructor.prototype);
+        const logger = (0, logger_1.getLogger)();
+        logger.info('✨ MCP Server patched - all responses will be automatically signed');
     }
-    catch {
-        // Ignore errors
+    catch (error) {
     }
-    return null;
-}
-async function saveIdentity(identity, customPath) {
-    // Save as JSON for programmatic access
-    const filePath = customPath || path.join(process.cwd(), '.mcp-identity.json');
-    fs.writeFileSync(filePath, JSON.stringify(identity, null, 2));
-    console.log('[MCP-I] Identity saved to .mcp-identity.json');
 }
-async function autoRegister(options) {
+async function autoRegister(transport, options) {
     try {
-        const response = await axios_1.default.post(`${options.apiEndpoint}/api/agents/auto-register`, {
+        const response = await transport.post(`${options.apiEndpoint}/api/agents/auto-register`, {
             metadata: {
                 name: options.name,
                 description: options.description,
                 repository: options.repository,
-                version: '1.0.0'
+                version: '1.0.0',
+                isDraft: options.isDraft,
+                directories: options.directories || 'verified'
             },
             clientInfo: {
-                sdkVersion: '0.2.0',
+                sdkVersion: '0.3.0',
                 language: 'typescript',
-                platform: 'node' // Always node for MCP servers
+                platform: 'node'
             }
         }, {
             timeout: 30000,
             headers: {
                 'Content-Type': 'application/json',
-                'User-Agent': '@kya-os/mcp-i/0.2.0'
+                'User-Agent': '@kya-os/mcp-i/0.3.0'
             }
         });
         return response.data;
     }
     catch (error) {
-        if (error.response?.status === 429) {
+        if (error.message?.includes('429')) {
             throw new Error('Rate limit exceeded. Please try again later.');
         }
-        throw new Error(error.response?.data?.message ||
-            error.message ||
-            'Failed to auto-register agent');
+        throw new Error(error.message || 'Failed to auto-register agent');
     }
 }
-//# sourceMappingURL=index.js.map