@nekzus/liop 1.2.0-alpha.10

package/dist/bridge/stream.js

@@ -0,0 +1,202 @@
+import { randomUUID } from "node:crypto";
+import { serve } from "@hono/node-server";
+import { WebStandardStreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/webStandardStreamableHttp.js";
+import { Hono } from "hono";
+import { cors } from "hono/cors";
+import { log } from "../utils/logger.js";
+import { LiopMcpBridge } from "./index.js";
+const DEFAULT_MAX_SESSIONS_PER_IP = 10;
+const DEFAULT_SESSION_TIMEOUT_MS = 30 * 60 * 1000; // 30 minutes
+const EVICTION_INTERVAL_MS = 60 * 1000; // Check every minute
+/**
+ * LiopStreamBridge
+ *
+ * Exposes a LiopServer over a remote HTTP network using the industry-standard
+ * MCP Streamable HTTP Transport + Hono JS.
+ *
+ * Supports concurrent multi-client connections via per-session transport instances (Map pattern).
+ * External agents connect using only a URL + Bearer Token (Zero-Trust).
+ *
+ * Security hardening:
+ * - Zero-Trust Bearer Token enforcement
+ * - Per-IP rate limiting on session creation
+ * - Automatic eviction of idle sessions (TTL)
+ */
+export class LiopStreamBridge {
+    options;
+    app;
+    httpServer = null;
+    bridgeLogic;
+    activeSessions;
+    evictionTimer = null;
+    maxSessionsPerIp;
+    sessionTimeoutMs;
+    constructor(internalServer, options = {}) {
+        this.options = options;
+        this.app = new Hono();
+        this.bridgeLogic = new LiopMcpBridge(internalServer);
+        this.activeSessions = new Map();
+        this.maxSessionsPerIp =
+            options.maxSessionsPerIp ?? DEFAULT_MAX_SESSIONS_PER_IP;
+        this.sessionTimeoutMs =
+            options.sessionTimeoutMs ?? DEFAULT_SESSION_TIMEOUT_MS;
+        this.setupRoutes();
+    }
+    /**
+     * Creates a new per-session transport instance and wires it to the LIOPMcpBridge logic.
+     */
+    createSessionTransport(clientIp) {
+        const transport = new WebStandardStreamableHTTPServerTransport({
+            sessionIdGenerator: () => randomUUID(),
+            onsessioninitialized: (sessionId) => {
+                this.activeSessions.set(sessionId, {
+                    transport,
+                    lastActivity: Date.now(),
+                    clientIp,
+                });
+                log.info(`[LIOP-StreamBridge] Session opened: ${sessionId} (IP: ${clientIp})`);
+            },
+        });
+        // Wire the transport's incoming messages to the LiopMcpBridge JSON-RPC router
+        transport.onmessage = async (message) => {
+            // Touch activity timestamp on every message
+            if (transport.sessionId) {
+                const entry = this.activeSessions.get(transport.sessionId);
+                if (entry)
+                    entry.lastActivity = Date.now();
+            }
+            try {
+                const result = await this.bridgeLogic.handleJsonRpcRequest(message);
+                // Notifications return undefined — no response needed
+                if (result !== undefined) {
+                    await transport.send(result);
+                }
+            }
+            catch (err) {
+                log.info("[LIOP-StreamBridge] JSON-RPC error:", err.message);
+            }
+        };
+        transport.onclose = () => {
+            if (transport.sessionId) {
+                this.activeSessions.delete(transport.sessionId);
+                log.info(`[LIOP-StreamBridge] Session closed: ${transport.sessionId}`);
+            }
+        };
+        return transport;
+    }
+    /**
+     * Returns the number of active sessions for a given IP.
+     */
+    countSessionsByIp(ip) {
+        let count = 0;
+        for (const entry of this.activeSessions.values()) {
+            if (entry.clientIp === ip)
+                count++;
+        }
+        return count;
+    }
+    /**
+     * Extracts client IP from the request (supports X-Forwarded-For for reverse proxies).
+     */
+    getClientIp(c) {
+        return (c.req.header("x-forwarded-for")?.split(",")[0]?.trim() ||
+            c.req.header("x-real-ip") ||
+            "unknown");
+    }
+    /**
+     * Evicts sessions that have been idle longer than the configured timeout.
+     */
+    evictIdleSessions() {
+        const now = Date.now();
+        for (const [sessionId, entry] of this.activeSessions) {
+            if (now - entry.lastActivity > this.sessionTimeoutMs) {
+                log.info(`[LIOP-StreamBridge] Evicting idle session: ${sessionId}`);
+                entry.transport.close().catch(() => {
+                    /* Swallow close errors */
+                });
+                this.activeSessions.delete(sessionId);
+            }
+        }
+    }
+    setupRoutes() {
+        this.app.use("*", cors());
+        // ZTA (Zero-Trust Architecture) Security Middleware
+        this.app.use("/mcp", async (c, next) => {
+            const auth = c.req.header("Authorization");
+            const expectedToken = process.env.ZERO_TRUST_TOKEN;
+            if (expectedToken) {
+                if (!auth?.startsWith("Bearer ") ||
+                    auth.split(" ")[1] !== expectedToken) {
+                    log.info("[LIOP-StreamBridge] ALERT: Access denied - Invalid Zero-Trust token.");
+                    return c.json({ error: "Unauthorized: LIOP Zero-Trust Policy Enforced" }, 401);
+                }
+            }
+            await next();
+        });
+        // Multi-Session Streamable HTTP Handler
+        this.app.all("/mcp", async (c) => {
+            const sessionId = c.req.header("mcp-session-id");
+            // Route to existing session if session ID is present
+            if (sessionId) {
+                const existing = this.activeSessions.get(sessionId);
+                if (!existing) {
+                    return c.json({ error: "Session not found" }, 404);
+                }
+                // Touch activity on every routed request
+                existing.lastActivity = Date.now();
+                const response = await existing.transport.handleRequest(c.req.raw);
+                // If DELETE, the transport closes internally but onclose may not fire.
+                // Explicitly clean up the session from the Map.
+                if (c.req.method === "DELETE") {
+                    this.activeSessions.delete(sessionId);
+                    log.info(`[LIOP-StreamBridge] Session closed (DELETE): ${sessionId}`);
+                }
+                return response;
+            }
+            // No session ID → New client initializing.
+            // Rate-limit: enforce max sessions per IP
+            const clientIp = this.getClientIp(c);
+            const currentSessions = this.countSessionsByIp(clientIp);
+            if (currentSessions >= this.maxSessionsPerIp) {
+                log.info(`[LIOP-StreamBridge] Rate limit hit for IP: ${clientIp} (${currentSessions} sessions)`);
+                return c.json({ error: "Too Many Sessions: Rate limit exceeded" }, 429);
+            }
+            const transport = this.createSessionTransport(clientIp);
+            return transport.handleRequest(c.req.raw);
+        });
+    }
+    /**
+     * Starts the LiopStreamBridge HTTP server and session eviction timer.
+     */
+    async start(port) {
+        const listenPort = port ?? this.options.port ?? 3000;
+        // Start the idle session eviction timer
+        this.evictionTimer = setInterval(() => this.evictIdleSessions(), EVICTION_INTERVAL_MS);
+        return new Promise((resolve) => {
+            this.httpServer = serve({
+                fetch: this.app.fetch,
+                port: listenPort,
+            }, (info) => {
+                log.info(`[LIOP-StreamBridge] Streamable HTTP Gateway on http://localhost:${info.port}/mcp`);
+                resolve();
+            });
+        });
+    }
+    /**
+     * Graceful shutdown — closes all active sessions, stops timers, and releases port.
+     */
+    async stop() {
+        if (this.evictionTimer) {
+            clearInterval(this.evictionTimer);
+            this.evictionTimer = null;
+        }
+        for (const [id, entry] of this.activeSessions) {
+            await entry.transport.close();
+            this.activeSessions.delete(id);
+        }
+        if (this.httpServer) {
+            this.httpServer.close();
+            log.info("[LIOP-StreamBridge] HTTP ports released.");
+        }
+    }
+}

package/dist/client/index.d.ts

@@ -0,0 +1,60 @@
+import { LiopVerifier } from "../crypto/verifier.js";
+import { type MeshNodeConfig } from "../mesh/node.js";
+import type { LiopTlsOptions } from "../rpc/tls.js";
+import type { CallToolRequest, CallToolResult } from "../types.js";
+/**
+ * LIOP Client
+ * High-level orchestration for discovery and execution in the Logic-Injection-on-Origin mesh.
+ */
+export declare class LiopClient {
+    private meshNode;
+    private rpcClients;
+    private manifests;
+    private tlsOptions?;
+    private serverInfo?;
+    verifier: LiopVerifier;
+    constructor(tls?: LiopTlsOptions);
+    /**
+     * Discovers and connects to the target server or mesh capability.
+     * If address is omitted, it sets up the MeshNode to act purely dynamically.
+     */
+    connect(address?: string, options?: {
+        meshConfig?: MeshNodeConfig;
+    }): Promise<void>;
+    /**
+     * Dynamically queries Kademlia DHT to find the optimal PeerID providing the Capability
+     * and returns the physical gRPC target (host:port) resolved from the provider's manifest.
+     */
+    resolveCapability(toolName: string): Promise<string>;
+    /**
+     * Discovers remote capabilities via the LIOP Manifest Protocol.
+     */
+    discoverTools(): Promise<{
+        name: string;
+        description?: string;
+    }[]>;
+    /**
+     * Invokes a tool.
+     */
+    callTool(request: CallToolRequest, _wasmPayload?: Buffer): Promise<CallToolResult>;
+    private getOrCreateRpcClient;
+    /**
+     * Reads a specific resource by URI.
+     * In LIOP, resources can be static definitions or dynamic streams.
+     */
+    readResource(uri: string): Promise<{
+        contents: Array<{
+            uri: string;
+            mimeType?: string;
+            text: string;
+        }>;
+    }>;
+    getServerInfo(): {
+        name: string;
+        version: string;
+    } | undefined;
+    /**
+     * Destroys the active Mesh Node resources.
+     */
+    close(): Promise<void>;
+}

package/dist/client/index.js

@@ -0,0 +1,275 @@
+import { LiopVerifier } from "../crypto/verifier.js";
+import { MeshNode, } from "../mesh/node.js";
+import { LiopRpcClient } from "../rpc/client.js";
+import { AesGcmWrapper } from "../rpc/crypto/aes.js";
+import { Kyber768Wrapper } from "../rpc/crypto/kyber.js";
+import { log } from "../utils/logger.js";
+/**
+ * LIOP Client
+ * High-level orchestration for discovery and execution in the Logic-Injection-on-Origin mesh.
+ */
+export class LiopClient {
+    meshNode = null;
+    rpcClients = new Map();
+    manifests = new Map();
+    tlsOptions;
+    serverInfo;
+    verifier = new LiopVerifier();
+    constructor(tls) {
+        this.tlsOptions = tls;
+    }
+    /**
+     * Discovers and connects to the target server or mesh capability.
+     * If address is omitted, it sets up the MeshNode to act purely dynamically.
+     */
+    async connect(address, options) {
+        this.meshNode = new MeshNode(options?.meshConfig);
+        await this.meshNode.start();
+        log.info(`[LiopClient] Mesh Node synchronized. PeerID: ${this.meshNode.getPeerId()}`);
+        if (address) {
+            this.rpcClients.set("static", new LiopRpcClient(address, this.tlsOptions));
+            this.serverInfo = { name: `LiopServer (${address})`, version: "1.0.0" };
+            log.info(`[LiopClient] Static gRPC configured for: ${address}`);
+        }
+        else {
+            this.serverInfo = { name: "LiopServer (Mesh Alpha)", version: "1.0.0" };
+        }
+    }
+    /**
+     * Dynamically queries Kademlia DHT to find the optimal PeerID providing the Capability
+     * and returns the physical gRPC target (host:port) resolved from the provider's manifest.
+     */
+    async resolveCapability(toolName) {
+        if (!this.meshNode)
+            throw new Error("Client must be connected to Mesh to resolve capabilities.");
+        log.info(`[LiopClient] Querying Mesh DHT for Provider: ${toolName}...`);
+        const providers = await this.meshNode.findProviders(toolName);
+        if (providers.length === 0) {
+            throw new Error(`Kademlia DHT found zero providers for capability: ${toolName}`);
+        }
+        const providerId = providers[0];
+        log.info(`[LiopClient] Identified Alpha Provider PeerID: ${providerId}`);
+        let grpcPort = 50051;
+        const manifest = await this.meshNode.queryManifest(providerId);
+        if (manifest) {
+            grpcPort = manifest.grpcPort;
+            log.info(`[LiopClient] Manifest resolved: gRPC port ${grpcPort}`);
+        }
+        const addrs = await this.meshNode.resolvePeer(providerId);
+        for (const maddr of addrs) {
+            const parts = maddr.split("/");
+            if (parts[1] === "ip4") {
+                const grpcHost = `${parts[2]}:${grpcPort}`;
+                log.info(`[LiopClient] Translated Multiaddr to gRPC Target: ${grpcHost}`);
+                return grpcHost;
+            }
+        }
+        return `127.0.0.1:${grpcPort}`;
+    }
+    /**
+     * Discovers remote capabilities via the LIOP Manifest Protocol.
+     */
+    async discoverTools() {
+        if (!this.meshNode) {
+            throw new Error("Client must be connected before discovering tools.");
+        }
+        log.info(`[LiopClient] Discovery started...`);
+        const providerIds = await this.meshNode.discoverManifestProviders();
+        const tools = [];
+        const seenNames = new Set();
+        for (const peerId of providerIds) {
+            try {
+                log.info(`[LiopClient] Querying manifest from: ${peerId}`);
+                const manifest = await this.meshNode.queryManifest(peerId);
+                if (manifest) {
+                    this.manifests.set(peerId, manifest);
+                    for (const tool of manifest.tools) {
+                        if (!seenNames.has(tool.name)) {
+                            tools.push({ name: tool.name, description: tool.description });
+                            seenNames.add(tool.name);
+                        }
+                    }
+                }
+            }
+            catch (err) {
+                log.info(`[LiopClient] Error querying manifest from ${peerId}:`, err instanceof Error ? err.message : String(err));
+            }
+        }
+        log.info(`[LiopClient] Discovery finished. Found ${tools.length} unique tools.`);
+        return tools;
+    }
+    /**
+     * Invokes a tool.
+     */
+    async callTool(request, _wasmPayload) {
+        if (!this.meshNode) {
+            throw new Error("Client must be connected before calling tools.");
+        }
+        const toolName = request.name;
+        log.info(`[LiopClient] Resolving Tool: ${toolName}`);
+        // [ALPHA-FIX] Bypass DHT discovery if we are already statically connected to a provider (Enterprise/Test mode)
+        let rpcClient = this.rpcClients.get("static");
+        if (!rpcClient) {
+            const dynamicAddress = await this.resolveCapability(toolName);
+            rpcClient = this.getOrCreateRpcClient(toolName, dynamicAddress);
+        }
+        else {
+            log.info(`[LiopClient] Using existing static gRPC connection for ${toolName}.`);
+        }
+        log.info(`[LiopClient] Negotiating intent for ${toolName}...`);
+        const agentDid = this.meshNode
+            ? `did:liop:${this.meshNode.getPeerId()}`
+            : "did:liop:ephemeral";
+        const intentPayload = Buffer.from(`${toolName}:${Date.now()}`);
+        const proofOfIntent = this.meshNode
+            ? await this.meshNode.sign(intentPayload)
+            : intentPayload;
+        const intentResponse = (await rpcClient.negotiateIntent({
+            agent_did: agentDid,
+            capability_hash: toolName,
+            proof_of_intent: proofOfIntent,
+        }));
+        if (!intentResponse.accepted) {
+            throw new Error(`Intent denied by host: ${intentResponse.error_message}`);
+        }
+        // LIOP Robust Field Extraction (Supports both snake_case and camelCase via gRPC-JS)
+        const publicKey = intentResponse.kyber_public_key || intentResponse.kyberPublicKey;
+        const sessionToken = intentResponse.session_token || intentResponse.sessionToken;
+        if (!publicKey) {
+            log.info("[LiopClient] Critical Error: Kyber Public Key not found in IntentResponse.", intentResponse);
+            throw new Error("Handshake failed: Remote host did not provide a valid Kyber Public Key.");
+        }
+        // 2. Post-Quantum Encapsulation (ML-KEM-768)
+        log.info(`[LiopClient] Encapsulating Post-Quantum Shared Secret for ${request.name}...`);
+        const { ciphertext: kyberCiphertext, sharedSecret } = await Kyber768Wrapper.encapsulateAsymmetric(publicKey);
+        // 3. Symmetric Sealing (AES-256-GCM)
+        log.info(`[LiopClient] Sealing WASM Payload and Inputs...`);
+        const _safePayload = _wasmPayload || Buffer.from("");
+        // Encrypt WASM binary
+        const { ciphertext: encryptedWasm, nonce: aesNonce } = AesGcmWrapper.encryptPayload(_safePayload, sharedSecret);
+        // Encrypt inputs using the SAME session nonce for the multi-payload request (Standard LIOP V1)
+        const encryptedInputs = {};
+        for (const [key, value] of Object.entries(request.arguments || {})) {
+            // We manually encrypt with the same nonce/key to match the Proto structure
+            // ideally we'd have per-field nonces, but for Alpha we follow the liop_core.proto v1.
+            const crypto = await import("node:crypto");
+            const cipher = crypto.createCipheriv("aes-256-gcm", sharedSecret, aesNonce);
+            const encrypted = Buffer.concat([
+                cipher.update(JSON.stringify(value)),
+                cipher.final(),
+            ]);
+            const authTag = cipher.getAuthTag();
+            encryptedInputs[key] = Buffer.concat([encrypted, authTag]);
+        }
+        // 4. Assemble and Execute gRPC LogicRequest
+        const logicRequest = {
+            session_token: sessionToken,
+            wasm_binary: encryptedWasm,
+            inputs: encryptedInputs,
+            pqc_ciphertext: kyberCiphertext,
+            aes_nonce: aesNonce,
+        };
+        return new Promise((resolve, reject) => {
+            const stream = rpcClient.executeLogic(logicRequest);
+            if (!stream) {
+                reject(new Error("RPC Client unavailable or failed to create stream."));
+                return;
+            }
+            let resultFulfilled = false;
+            let hasReceivedData = false;
+            stream.on("data", async (response) => {
+                if (resultFulfilled)
+                    return;
+                hasReceivedData = true;
+                log.info("[LiopClient] Logic Executed. Verification in progress...");
+                try {
+                    const isValid = await this.verifier.verifyZkReceipt(_safePayload, Buffer.from(response.cryptographic_proof).toString("hex"), Buffer.from(response.zk_receipt));
+                    if (!isValid) {
+                        reject(new Error("PROTOCOL INTEGRITY VIOLATION: ZK-Receipt verification failed."));
+                        return;
+                    }
+                    resultFulfilled = true;
+                    resolve({
+                        content: [
+                            {
+                                type: "text",
+                                text: response.semantic_evidence,
+                            },
+                        ],
+                        isError: response.is_error,
+                    });
+                }
+                catch (err) {
+                    reject(err);
+                }
+            });
+            stream.on("error", (err) => {
+                if (resultFulfilled)
+                    return;
+                log.error("[LiopClient] Stream Error:", err);
+                reject(err);
+            });
+            stream.on("end", () => {
+                // We don't throw here if we already received a response block that is currently
+                // undergoing ZK Verification in the Piscina worker pool.
+                if (!hasReceivedData && !resultFulfilled) {
+                    reject(new Error("Logic-on-Origin stream closed without results."));
+                }
+            });
+        });
+    }
+    getOrCreateRpcClient(peerId, address) {
+        let client = this.rpcClients.get(peerId);
+        if (!client) {
+            client = new LiopRpcClient(address, this.tlsOptions);
+            this.rpcClients.set(peerId, client);
+        }
+        return client;
+    }
+    /**
+     * Reads a specific resource by URI.
+     * In LIOP, resources can be static definitions or dynamic streams.
+     */
+    async readResource(uri) {
+        if (!this.meshNode) {
+            throw new Error("Client must be connected before reading resources.");
+        }
+        log.info(`[LiopClient] Querying Mesh for Resource: ${uri}...`);
+        // We search for the peer hosting the resource in the P2P Mesh
+        const providers = await this.meshNode.findProviders(uri);
+        if (providers.length === 0) {
+            throw new Error(`No mesh providers found for resource: ${uri}`);
+        }
+        // Query the remote peer's manifest
+        const manifest = await this.meshNode.queryManifest(providers[0]);
+        if (!manifest) {
+            throw new Error("Target peer did not return a valid LIOP Manifest.");
+        }
+        // Locate the exact resource metadata
+        const resourceDef = manifest.resources?.find((r) => r.uri === uri);
+        if (!resourceDef) {
+            throw new Error(`Resource ${uri} not listed in remote manifest.`);
+        }
+        // Return the declarative metadata (Logic-Injection is required for actual data extraction)
+        return {
+            contents: [
+                {
+                    uri,
+                    mimeType: resourceDef.mimeType || "application/json",
+                    text: JSON.stringify(resourceDef, null, 2),
+                },
+            ],
+        };
+    }
+    getServerInfo() {
+        return this.serverInfo;
+    }
+    /**
+     * Destroys the active Mesh Node resources.
+     */
+    async close() {
+        if (this.meshNode) {
+            await this.meshNode.stop();
+        }
+    }
+}

package/dist/crypto/logic-image-id.d.ts

@@ -0,0 +1,3 @@
+export declare function normalizeLogicSource(logicUtf8: string): string;
+/** SHA-256 digest of logic bytes (WASM raw; JS UTF-8 after top-level envelope strip). */
+export declare function deriveLogicImageDigest(logicPayload: Uint8Array): Buffer;

package/dist/crypto/logic-image-id.js

@@ -0,0 +1,27 @@
+import crypto from "node:crypto";
+/**
+ * Top-level LIOP v1 envelope only. Must NOT use multiline (^/$) mode:
+ * proxy logic embeds a full envelope inside JSON strings; `^` per line would
+ * incorrectly treat that as the document root and desync ImageID vs the worker.
+ */
+const TOP_LEVEL_ENVELOPE = /^\s*LIOP_MAGIC:0x00FF\s*\n?\s*MANIFEST:\{[\s\S]*?\}\s*\n?\s*---BEGIN_LOGIC---\n?([\s\S]*?)\n?---END_LOGIC---\s*$/;
+export function normalizeLogicSource(logicUtf8) {
+    const match = logicUtf8.match(TOP_LEVEL_ENVELOPE);
+    if (match?.[1] !== undefined) {
+        return match[1].trim();
+    }
+    return logicUtf8.trim();
+}
+/** SHA-256 digest of logic bytes (WASM raw; JS UTF-8 after top-level envelope strip). */
+export function deriveLogicImageDigest(logicPayload) {
+    const isWasm = logicPayload[0] === 0x00 && logicPayload[1] === 0x61;
+    if (isWasm) {
+        return crypto.createHash("sha256").update(logicPayload).digest();
+    }
+    const text = Buffer.from(logicPayload).toString("utf-8");
+    const normalized = normalizeLogicSource(text);
+    return crypto
+        .createHash("sha256")
+        .update(Buffer.from(normalized, "utf-8"))
+        .digest();
+}

package/dist/crypto/verifier.d.ts

@@ -0,0 +1,29 @@
+/**
+ * LIOP Tier-0 Industrial Verifier
+ *
+ * This engine is responsible for the trustless verification of remote logic execution.
+ * It validates both the integrity of the code (ZkImageID) and the mathematical proof
+ * of its execution (ZkSeal), as well as hardware-level attestation (TEE).
+ */
+export declare class LiopVerifier {
+    private static zkWorkerPool;
+    private getZkPool;
+    /**
+     * Verifies a Zero-Knowledge Receipt from a remote LIOP node via Worker Pool.
+     *
+     * @param logicPayload The raw WASM or JS logic that was sent to the provider.
+     * @param remoteImageIdHex The ImageID reported by the provider (must match our local calculation).
+     * @param zkReceipt The mathematical proof (Seal + Journal) from the zkVM.
+     */
+    verifyZkReceipt(logicPayload: Buffer, remoteImageIdHex: string, zkReceipt: Buffer): Promise<boolean>;
+    /**
+     * Verifies if a node is running inside an authenticated TEE (e.g. AWS Nitro).
+     *
+     * @param attestationReport The COSE-signed attestation document from the hardware.
+     */
+    verifyTeeAttestation(attestationReport: Buffer): Promise<boolean>;
+    /**
+     * Derives the ImageID of a logic payload following the LIOP v1 Standard.
+     */
+    deriveImageId(logicPayload: Buffer): Buffer;
+}