@muhaven/mcp 0.1.0 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/CHANGELOG.md +136 -2
  2. package/README.md +125 -125
  3. package/bin/muhaven-broker.cjs +11 -11
  4. package/bin/muhaven-mcp.cjs +11 -11
  5. package/dist/broker.cjs +138 -22
  6. package/dist/broker.d.cts +21 -1
  7. package/dist/broker.d.ts +21 -1
  8. package/dist/broker.js +138 -23
  9. package/dist/index.cjs +124 -20
  10. package/dist/index.d.cts +143 -13
  11. package/dist/index.d.ts +143 -13
  12. package/dist/index.js +120 -21
  13. package/manifest.json +98 -98
  14. package/package.json +104 -104
package/manifest.json CHANGED
@@ -1,98 +1,98 @@
1
- {
2
- "$comment": "MCPB v0.2 manifest for @muhaven/mcp. Per ADR-3 the JWT is acquired via the device-code ceremony and stored in the broker's keystore — it is NOT a user_config entry. Sensitive items declared here are limited to the broker session-key + IPC endpoint overrides.",
3
- "manifest_version": "0.2",
4
- "name": "muhaven-mcp",
5
- "display_name": "MuHaven (RWA portfolio)",
6
- "version": "0.1.0",
7
- "description": "Confidential RWA portfolio management on Fhenix CoFHE. Read your encrypted balances, propose yield claims and policy changes — all signing happens in a sibling broker daemon, the LLM never sees your private key.",
8
- "long_description": "MuHaven MCP exposes 22 tools across read.* / position.* / policy.* / issuer.* / governance.* groups for managing real-world asset (RWA) tokens with FHE-encrypted balances. Authentication uses a one-time device-code ceremony (run `muhaven-broker login`); subsequent tool calls fetch the JWT from the broker over a Unix socket. Position / governance tools return unsigned UserOps + broker signatures — they NEVER auto-submit to a bundler. The companion `muhaven-broker` daemon must be running before tools can be invoked. See README for setup.",
9
- "author": {
10
- "name": "MuHaven",
11
- "email": "hello@muhaven.app",
12
- "url": "https://muhaven.app"
13
- },
14
- "homepage": "https://muhaven.app",
15
- "documentation": "https://github.com/hasToDev/muhaven/blob/master/packages/mcp/README.md",
16
- "support": "https://github.com/hasToDev/muhaven/issues",
17
- "license": "MIT",
18
- "keywords": ["fhe", "fhenix", "rwa", "claude", "mcp", "muhaven"],
19
- "compatibility": {
20
- "platforms": ["darwin", "win32", "linux"],
21
- "runtimes": {
22
- "node": ">=20.0.0"
23
- }
24
- },
25
- "server": {
26
- "type": "node",
27
- "entry_point": "dist/index.cjs",
28
- "mcp_config": {
29
- "command": "node",
30
- "args": ["${__dirname}/dist/index.cjs"],
31
- "env": {
32
- "MUHAVEN_BACKEND_URL": "${user_config.backend_url}",
33
- "MUHAVEN_DASHBOARD_URL": "${user_config.dashboard_url}",
34
- "MUHAVEN_BROKER_ENDPOINT": "${user_config.broker_endpoint}",
35
- "MUHAVEN_READ_ONLY": "${user_config.read_only}"
36
- }
37
- }
38
- },
39
- "tools": [
40
- { "name": "muhaven.read.portfolio", "description": "Encrypted-balance portfolio summary; aggregates only.", "sensitive": false },
41
- { "name": "muhaven.read.yields", "description": "Per-token yield history (cleartext aggregates).", "sensitive": false },
42
- { "name": "muhaven.read.distribution", "description": "Distribution status for a (token, epoch).", "sensitive": false },
43
- { "name": "muhaven.read.tokens", "description": "RWA tokens the user holds.", "sensitive": false },
44
- { "name": "muhaven.read.audit", "description": "User's tiered-autonomy audit log.", "sensitive": false },
45
- { "name": "muhaven.position.buy", "description": "Propose a Subscription buy. Returns unsigned UserOp.", "sensitive": true },
46
- { "name": "muhaven.position.sell", "description": "Propose a redemption-queue sell. Returns unsigned UserOp.", "sensitive": true },
47
- { "name": "muhaven.position.claim", "description": "Propose a yield claim. Returns unsigned UserOp.", "sensitive": true },
48
- { "name": "muhaven.position.rebalance", "description": "Propose a multi-leg atomic rebalance.", "sensitive": true },
49
- { "name": "muhaven.policy.set_tier", "description": "Request / commit a tiered-autonomy transition.", "sensitive": true },
50
- { "name": "muhaven.policy.pause", "description": "Activate /pause kill-switch.", "sensitive": true },
51
- { "name": "muhaven.policy.audit_export", "description": "Drain the audit log to JSON.", "sensitive": false },
52
- { "name": "muhaven.policy.session_key_status", "description": "Inspect ZeroDev session-key state.", "sensitive": false },
53
- { "name": "muhaven.issuer.distribute_yield", "description": "Propose a yield distribution. Issuer-only.", "sensitive": true },
54
- { "name": "muhaven.issuer.kyc_add", "description": "Propose adding an investor to the ERC-3643 whitelist. Issuer-only.", "sensitive": true },
55
- { "name": "muhaven.issuer.kyc_remove", "description": "Propose removing an investor from the ERC-3643 whitelist. Issuer-only.", "sensitive": true },
56
- { "name": "muhaven.issuer.unpause_token", "description": "Propose set-NAV-and-unpause for a freshly-deployed token. Issuer-only.", "sensitive": true },
57
- { "name": "muhaven.issuer.audit_query", "description": "Read your own tiered-autonomy audit log (issuer-self).", "sensitive": false },
58
- { "name": "muhaven.read.protection_coverage", "description": "Read the on-chain DefaultProtection coverage state for a token (P11).", "sensitive": false },
59
- { "name": "muhaven.read.kyc_attestation", "description": "Read the KYC attestation registry status for an investor (P11).", "sensitive": false },
60
- { "name": "muhaven.governance.propose", "description": "Propose an EncryptedGovernance vote. Returns unsigned UserOp (P11).", "sensitive": true },
61
- { "name": "muhaven.governance.cast_vote", "description": "Cast an encrypted vote on an open proposal. Returns unsigned UserOp (P11; runner deferred to Wave 5).", "sensitive": true }
62
- ],
63
- "user_config": [
64
- {
65
- "key": "backend_url",
66
- "type": "string",
67
- "title": "MuHaven backend URL",
68
- "description": "Backend host. Default: https://api.muhaven.app (production). Use https://api-stage.muhaven.app for staging.",
69
- "default": "https://api.muhaven.app",
70
- "sensitive": false
71
- },
72
- {
73
- "key": "dashboard_url",
74
- "type": "string",
75
- "title": "MuHaven dashboard URL",
76
- "description": "Dashboard origin used by the device-code authorization page (/link). Default: https://muhaven.app. Hardcoded for phishing resistance — do not change unless you know what you are doing.",
77
- "default": "https://muhaven.app",
78
- "sensitive": false
79
- },
80
- {
81
- "key": "broker_endpoint",
82
- "type": "string",
83
- "title": "muhaven-broker IPC endpoint",
84
- "description": "Path to the broker's Unix socket (POSIX) or named pipe (Windows). Leave blank to use the per-user default.",
85
- "default": "",
86
- "sensitive": false
87
- },
88
- {
89
- "key": "read_only",
90
- "type": "boolean",
91
- "title": "Read-only mode",
92
- "description": "When enabled, only the muhaven.read.* toolset is exposed; position.* and policy.* tools are not registered.",
93
- "default": false,
94
- "sensitive": false
95
- }
96
- ],
97
- "$comment_setup": "First-run instructions: (1) install this package via your MCPB host (Claude Desktop / Cursor / Claude Code). (2) Start the broker daemon: `muhaven-broker` (running in the background; see README for systemd / launchd / Windows-Service recipes). (3) Authenticate: `muhaven-broker login` — opens browser to https://muhaven.app/link?code=XXXX-XXXX, complete passkey ceremony. (4) Use any tool in this MCP package."
98
- }
1
+ {
2
+ "$comment": "MCPB v0.2 manifest for @muhaven/mcp. Per ADR-3 the JWT is acquired via the device-code ceremony and stored in the broker's keystore — it is NOT a user_config entry. Sensitive items declared here are limited to the broker session-key + IPC endpoint overrides.",
3
+ "manifest_version": "0.2",
4
+ "name": "muhaven-mcp",
5
+ "display_name": "MuHaven (RWA portfolio)",
6
+ "version": "0.1.3",
7
+ "description": "Confidential RWA portfolio management on Fhenix CoFHE. Read your encrypted balances, propose yield claims and policy changes — all signing happens in a sibling broker daemon, the LLM never sees your private key.",
8
+ "long_description": "MuHaven MCP exposes 22 tools across read.* / position.* / policy.* / issuer.* / governance.* groups for managing real-world asset (RWA) tokens with FHE-encrypted balances. Authentication uses a one-time device-code ceremony (run `muhaven-broker login`); subsequent tool calls fetch the JWT from the broker over a Unix socket. Position / governance tools return unsigned UserOps + broker signatures — they NEVER auto-submit to a bundler. The companion `muhaven-broker` daemon must be running before tools can be invoked. See README for setup.",
9
+ "author": {
10
+ "name": "MuHaven",
11
+ "email": "hello@muhaven.app",
12
+ "url": "https://muhaven.app"
13
+ },
14
+ "homepage": "https://muhaven.app",
15
+ "documentation": "https://github.com/hasToDev/muhaven/blob/master/packages/mcp/README.md",
16
+ "support": "https://github.com/hasToDev/muhaven/issues",
17
+ "license": "MIT",
18
+ "keywords": ["fhe", "fhenix", "rwa", "claude", "mcp", "muhaven"],
19
+ "compatibility": {
20
+ "platforms": ["darwin", "win32", "linux"],
21
+ "runtimes": {
22
+ "node": ">=20.0.0"
23
+ }
24
+ },
25
+ "server": {
26
+ "type": "node",
27
+ "entry_point": "dist/index.cjs",
28
+ "mcp_config": {
29
+ "command": "node",
30
+ "args": ["${__dirname}/dist/index.cjs"],
31
+ "env": {
32
+ "MUHAVEN_BACKEND_URL": "${user_config.backend_url}",
33
+ "MUHAVEN_DASHBOARD_URL": "${user_config.dashboard_url}",
34
+ "MUHAVEN_BROKER_ENDPOINT": "${user_config.broker_endpoint}",
35
+ "MUHAVEN_READ_ONLY": "${user_config.read_only}"
36
+ }
37
+ }
38
+ },
39
+ "tools": [
40
+ { "name": "muhaven.read.portfolio", "description": "Encrypted-balance portfolio summary; aggregates only.", "sensitive": false },
41
+ { "name": "muhaven.read.yields", "description": "Per-token yield history (cleartext aggregates).", "sensitive": false },
42
+ { "name": "muhaven.read.distribution", "description": "Distribution status for a (token, epoch).", "sensitive": false },
43
+ { "name": "muhaven.read.tokens", "description": "RWA tokens the user holds.", "sensitive": false },
44
+ { "name": "muhaven.read.audit", "description": "User's tiered-autonomy audit log.", "sensitive": false },
45
+ { "name": "muhaven.position.buy", "description": "Propose a Subscription buy. Returns unsigned UserOp.", "sensitive": true },
46
+ { "name": "muhaven.position.sell", "description": "Propose a redemption-queue sell. Returns unsigned UserOp.", "sensitive": true },
47
+ { "name": "muhaven.position.claim", "description": "Propose a yield claim. Returns unsigned UserOp.", "sensitive": true },
48
+ { "name": "muhaven.position.rebalance", "description": "Propose a multi-leg atomic rebalance.", "sensitive": true },
49
+ { "name": "muhaven.policy.set_tier", "description": "Request / commit a tiered-autonomy transition.", "sensitive": true },
50
+ { "name": "muhaven.policy.pause", "description": "Activate /pause kill-switch.", "sensitive": true },
51
+ { "name": "muhaven.policy.audit_export", "description": "Drain the audit log to JSON.", "sensitive": false },
52
+ { "name": "muhaven.policy.session_key_status", "description": "Inspect ZeroDev session-key state.", "sensitive": false },
53
+ { "name": "muhaven.issuer.distribute_yield", "description": "Propose a yield distribution. Issuer-only.", "sensitive": true },
54
+ { "name": "muhaven.issuer.kyc_add", "description": "Propose adding an investor to the ERC-3643 whitelist. Issuer-only.", "sensitive": true },
55
+ { "name": "muhaven.issuer.kyc_remove", "description": "Propose removing an investor from the ERC-3643 whitelist. Issuer-only.", "sensitive": true },
56
+ { "name": "muhaven.issuer.unpause_token", "description": "Propose set-NAV-and-unpause for a freshly-deployed token. Issuer-only.", "sensitive": true },
57
+ { "name": "muhaven.issuer.audit_query", "description": "Read your own tiered-autonomy audit log (issuer-self).", "sensitive": false },
58
+ { "name": "muhaven.read.protection_coverage", "description": "Read the on-chain DefaultProtection coverage state for a token (P11).", "sensitive": false },
59
+ { "name": "muhaven.read.kyc_attestation", "description": "Read the KYC attestation registry status for an investor (P11).", "sensitive": false },
60
+ { "name": "muhaven.governance.propose", "description": "Propose an EncryptedGovernance vote. Returns unsigned UserOp (P11).", "sensitive": true },
61
+ { "name": "muhaven.governance.cast_vote", "description": "Cast an encrypted vote on an open proposal. Returns unsigned UserOp (P11; runner deferred to Wave 5).", "sensitive": true }
62
+ ],
63
+ "user_config": [
64
+ {
65
+ "key": "backend_url",
66
+ "type": "string",
67
+ "title": "MuHaven backend URL",
68
+ "description": "Backend host. Default: https://api.muhaven.app (production). Use https://api-stage.muhaven.app for staging.",
69
+ "default": "https://api.muhaven.app",
70
+ "sensitive": false
71
+ },
72
+ {
73
+ "key": "dashboard_url",
74
+ "type": "string",
75
+ "title": "MuHaven dashboard URL",
76
+ "description": "Dashboard origin used by the device-code authorization page (/link). Default: https://muhaven.app. Hardcoded for phishing resistance — do not change unless you know what you are doing.",
77
+ "default": "https://muhaven.app",
78
+ "sensitive": false
79
+ },
80
+ {
81
+ "key": "broker_endpoint",
82
+ "type": "string",
83
+ "title": "muhaven-broker IPC endpoint",
84
+ "description": "Path to the broker's Unix socket (POSIX) or named pipe (Windows). Leave blank to use the per-user default.",
85
+ "default": "",
86
+ "sensitive": false
87
+ },
88
+ {
89
+ "key": "read_only",
90
+ "type": "boolean",
91
+ "title": "Read-only mode",
92
+ "description": "When enabled, only the muhaven.read.* toolset is exposed; position.* and policy.* tools are not registered.",
93
+ "default": false,
94
+ "sensitive": false
95
+ }
96
+ ],
97
+ "$comment_setup": "First-run instructions: (1) install this package via your MCPB host (Claude Desktop / Cursor / Claude Code). (2) Start the broker daemon: `muhaven-broker` (running in the background; see README for systemd / launchd / Windows-Service recipes). (3) Authenticate: `muhaven-broker login` — opens browser to https://muhaven.app/link?code=XXXX-XXXX, complete passkey ceremony. (4) Use any tool in this MCP package."
98
+ }
package/package.json CHANGED
@@ -1,104 +1,104 @@
1
- {
2
- "name": "@muhaven/mcp",
3
- "version": "0.1.0",
4
- "description": "MuHaven MCP server — read/position/policy toolsets bridging Claude Desktop / Cursor / Claude Code to the MuHaven backend, with a sibling muhaven-broker daemon holding the session-key private half over a local IPC socket",
5
- "type": "module",
6
- "repository": {
7
- "type": "git",
8
- "url": "git+https://github.com/hasToDev/muhaven.git",
9
- "directory": "packages/mcp"
10
- },
11
- "bugs": {
12
- "url": "https://github.com/hasToDev/muhaven/issues"
13
- },
14
- "homepage": "https://github.com/hasToDev/muhaven/tree/master/packages/mcp",
15
- "publishConfig": {
16
- "access": "public",
17
- "registry": "https://registry.npmjs.org/",
18
- "provenance": true
19
- },
20
- "sideEffects": false,
21
- "main": "./dist/index.cjs",
22
- "module": "./dist/index.js",
23
- "types": "./dist/index.d.ts",
24
- "exports": {
25
- ".": {
26
- "import": {
27
- "types": "./dist/index.d.ts",
28
- "default": "./dist/index.js"
29
- },
30
- "require": {
31
- "types": "./dist/index.d.cts",
32
- "default": "./dist/index.cjs"
33
- }
34
- },
35
- "./broker": {
36
- "import": {
37
- "types": "./dist/broker.d.ts",
38
- "default": "./dist/broker.js"
39
- },
40
- "require": {
41
- "types": "./dist/broker.d.cts",
42
- "default": "./dist/broker.cjs"
43
- }
44
- },
45
- "./package.json": "./package.json"
46
- },
47
- "bin": {
48
- "muhaven-mcp": "./bin/muhaven-mcp.cjs",
49
- "muhaven-broker": "./bin/muhaven-broker.cjs"
50
- },
51
- "files": [
52
- "dist",
53
- "bin",
54
- "manifest.json",
55
- "tool-hashes.json",
56
- "README.md",
57
- "CHANGELOG.md",
58
- "LICENSE"
59
- ],
60
- "scripts": {
61
- "build": "tsup",
62
- "dev": "MUHAVEN_DEV_BUILD=1 tsup --watch",
63
- "clean": "rimraf dist",
64
- "typecheck": "tsc --noEmit",
65
- "test": "vitest run",
66
- "test:watch": "vitest",
67
- "verify-tool-hashes": "tsx scripts/verify-tool-hashes.ts",
68
- "prepublishOnly": "pnpm clean && pnpm build && pnpm typecheck && pnpm test && pnpm verify-tool-hashes -- --check"
69
- },
70
- "dependencies": {
71
- "@modelcontextprotocol/sdk": "^1.0.4",
72
- "viem": "^2.47.0",
73
- "zod": "^3.24.0"
74
- },
75
- "optionalDependencies": {
76
- "@napi-rs/keyring": "^1.1.0"
77
- },
78
- "devDependencies": {
79
- "@types/node": "^22.0.0",
80
- "rimraf": "^5.0.0",
81
- "tsup": "^8.5.1",
82
- "tsx": "^4.21.0",
83
- "typescript": "^5.7.0",
84
- "vitest": "^3.0.0"
85
- },
86
- "engines": {
87
- "node": ">=20.0.0",
88
- "pnpm": ">=9.0.0"
89
- },
90
- "keywords": [
91
- "mcp",
92
- "model-context-protocol",
93
- "mcpb",
94
- "fhe",
95
- "fhenix",
96
- "muhaven",
97
- "rwa",
98
- "claude",
99
- "agentic",
100
- "web3",
101
- "erc-3643"
102
- ],
103
- "license": "MIT"
104
- }
1
+ {
2
+ "name": "@muhaven/mcp",
3
+ "version": "0.1.3",
4
+ "description": "MuHaven MCP server — read/position/policy toolsets bridging Claude Desktop / Cursor / Claude Code to the MuHaven backend, with a sibling muhaven-broker daemon holding the session-key private half over a local IPC socket",
5
+ "type": "module",
6
+ "repository": {
7
+ "type": "git",
8
+ "url": "git+https://github.com/hasToDev/muhaven.git",
9
+ "directory": "packages/mcp"
10
+ },
11
+ "bugs": {
12
+ "url": "https://github.com/hasToDev/muhaven/issues"
13
+ },
14
+ "homepage": "https://github.com/hasToDev/muhaven/tree/master/packages/mcp",
15
+ "publishConfig": {
16
+ "access": "public",
17
+ "registry": "https://registry.npmjs.org/",
18
+ "provenance": true
19
+ },
20
+ "sideEffects": false,
21
+ "main": "./dist/index.cjs",
22
+ "module": "./dist/index.js",
23
+ "types": "./dist/index.d.ts",
24
+ "exports": {
25
+ ".": {
26
+ "import": {
27
+ "types": "./dist/index.d.ts",
28
+ "default": "./dist/index.js"
29
+ },
30
+ "require": {
31
+ "types": "./dist/index.d.cts",
32
+ "default": "./dist/index.cjs"
33
+ }
34
+ },
35
+ "./broker": {
36
+ "import": {
37
+ "types": "./dist/broker.d.ts",
38
+ "default": "./dist/broker.js"
39
+ },
40
+ "require": {
41
+ "types": "./dist/broker.d.cts",
42
+ "default": "./dist/broker.cjs"
43
+ }
44
+ },
45
+ "./package.json": "./package.json"
46
+ },
47
+ "bin": {
48
+ "muhaven-mcp": "./bin/muhaven-mcp.cjs",
49
+ "muhaven-broker": "./bin/muhaven-broker.cjs"
50
+ },
51
+ "files": [
52
+ "dist",
53
+ "bin",
54
+ "manifest.json",
55
+ "tool-hashes.json",
56
+ "README.md",
57
+ "CHANGELOG.md",
58
+ "LICENSE"
59
+ ],
60
+ "scripts": {
61
+ "build": "tsup",
62
+ "dev": "MUHAVEN_DEV_BUILD=1 tsup --watch",
63
+ "clean": "rimraf dist",
64
+ "typecheck": "tsc --noEmit",
65
+ "test": "vitest run",
66
+ "test:watch": "vitest",
67
+ "verify-tool-hashes": "tsx scripts/verify-tool-hashes.ts",
68
+ "prepublishOnly": "pnpm clean && pnpm build && pnpm typecheck && pnpm test && pnpm verify-tool-hashes -- --check"
69
+ },
70
+ "dependencies": {
71
+ "@modelcontextprotocol/sdk": "^1.0.4",
72
+ "viem": "^2.47.0",
73
+ "zod": "^3.24.0"
74
+ },
75
+ "optionalDependencies": {
76
+ "@napi-rs/keyring": "^1.1.0"
77
+ },
78
+ "devDependencies": {
79
+ "@types/node": "^22.0.0",
80
+ "rimraf": "^5.0.0",
81
+ "tsup": "^8.5.1",
82
+ "tsx": "^4.21.0",
83
+ "typescript": "^5.7.0",
84
+ "vitest": "^3.0.0"
85
+ },
86
+ "engines": {
87
+ "node": ">=20.0.0",
88
+ "pnpm": ">=9.0.0"
89
+ },
90
+ "keywords": [
91
+ "mcp",
92
+ "model-context-protocol",
93
+ "mcpb",
94
+ "fhe",
95
+ "fhenix",
96
+ "muhaven",
97
+ "rwa",
98
+ "claude",
99
+ "agentic",
100
+ "web3",
101
+ "erc-3643"
102
+ ],
103
+ "license": "MIT"
104
+ }