@obelyzk/sdk 1.3.0 → 1.5.0

package/README.md

@@ -38,7 +38,7 @@ Create a prover client instance.
 
 ```typescript
 const client = createProverClient({
-  url: "https://api.obelysk.com",  // default; or your own GPU prover
+  url: "https://api.bitsage.network",  // default; or your own GPU prover
   apiKey: "your-api-key",           // optional, for rate limiting
   timeout: 300_000,                 // request timeout in ms (default: 5 min)
 });
@@ -133,7 +133,7 @@ console.log("Result:", job.result);
 
 When `onChain: true`, the SDK submits the proof to the ObelyZK Recursive Verifier contract on Starknet Sepolia. Verification uses full OODS + Merkle + FRI + PoW (trustless).
 
-- **Contract:** `0x707819dea6210ab58b358151419a604ffdb16809b568bf6f8933067c2a28715`
+- **Contract:** `0x1c208a5fe731c0d03b098b524f274c537587ea1d43d903838cc4a2bf90c40c7`
 - **Method:** `verify_recursive(model_id, io_commitment, stark_proof_data)`
 - **Verification:** Full OODS + Merkle + FRI + PoW (trustless)
 - **Felts:** ~942 per proof (49x compression)
@@ -149,7 +149,7 @@ const provider = new RpcProvider({
 });
 
 const result = await provider.callContract({
-  contractAddress: "0x707819dea6210ab58b358151419a604ffdb16809b568bf6f8933067c2a28715",
+  contractAddress: "0x1c208a5fe731c0d03b098b524f274c537587ea1d43d903838cc4a2bf90c40c7",
   entrypoint: "get_recursive_verification_count",
   calldata: [modelId],
 });

package/dist/chunk-ASKP7TIW.mjs

@@ -0,0 +1,153 @@
+import {
+  AgentFirewallSDK
+} from "./chunk-NQ4E7ULF.mjs";
+
+// src/firewall/middleware.ts
+function createPolicyEnforcer(config) {
+  return new PolicyEnforcer(config);
+}
+var PolicyEnforcer = class {
+  sdk;
+  config;
+  blockThreshold;
+  escalateThreshold;
+  constructor(config) {
+    this.config = config;
+    this.blockThreshold = config.blockThreshold ?? 7e4;
+    this.escalateThreshold = config.escalateThreshold ?? 4e4;
+    this.sdk = new AgentFirewallSDK({
+      proverUrl: config.proverUrl,
+      firewallContract: config.firewallContract ?? "",
+      verifierContract: config.verifierContract ?? "",
+      rpcUrl: config.rpcUrl ?? "https://starknet-sepolia.public.blastapi.io",
+      apiKey: config.apiKey
+    });
+  }
+  /**
+   * Check whether an action should be allowed.
+   * Calls the ZKML classifier and returns a structured decision.
+   */
+  async checkAction(tx) {
+    const result = await this.sdk.classify(tx);
+    const allowed = result.decision === "approve";
+    let reason;
+    switch (result.decision) {
+      case "approve":
+        reason = `Approved: threat_score=${result.threatScore}`;
+        break;
+      case "escalate":
+        reason = `Escalated: threat_score=${result.threatScore}. Requires human approval.`;
+        break;
+      case "block":
+        reason = `Blocked: threat_score=${result.threatScore}. Action rejected by ZKML classifier.`;
+        break;
+    }
+    return {
+      allowed,
+      decision: result.decision,
+      threatScore: result.threatScore,
+      reason,
+      ioCommitment: result.ioCommitment,
+      policyCommitment: result.policyCommitment,
+      proveTimeMs: result.proveTimeMs
+    };
+  }
+  /**
+   * Check if a Bash command contains an on-chain transaction pattern.
+   * Returns the target address if found, null otherwise.
+   */
+  extractTarget(command) {
+    if (!/(?:starkli|sncast)\s+(?:invoke|deploy)/.test(command) && !/(?:cast\s+send|transfer|approve)/.test(command)) {
+      return null;
+    }
+    const match = command.match(/0x[0-9a-fA-F]{10,66}/);
+    return match ? match[0] : null;
+  }
+  /**
+   * Build a canUseTool callback for the Claude Agent SDK.
+   *
+   * Returns an async function that:
+   * - Auto-allows ObelyZK policy tools
+   * - Auto-allows safe read-only tools (Read, Glob, Grep)
+   * - Classifies Bash commands containing on-chain transactions
+   * - Blocks everything else
+   */
+  buildCanUseTool() {
+    return async (tool, input) => {
+      if (tool.startsWith("mcp__obelyzk-policy__")) {
+        return { approved: true };
+      }
+      const safeTools = ["Read", "Glob", "Grep", "Bash"];
+      if (!safeTools.includes(tool)) {
+        return {
+          approved: false,
+          reason: `Tool '${tool}' not in allowlist. Only safe tools and ObelyZK policy tools are allowed.`
+        };
+      }
+      if (tool === "Bash") {
+        const command = input.command || "";
+        const target = this.extractTarget(command);
+        if (target) {
+          const check = await this.checkAction({ target });
+          if (!check.allowed) {
+            return { approved: false, reason: check.reason };
+          }
+        }
+      }
+      return { approved: true };
+    };
+  }
+  /**
+   * Get the MCP server configuration for .claude/settings.json
+   * or Claude Agent SDK's mcpServers option.
+   */
+  getMcpServerConfig() {
+    const mcpPath = this.config.mcpServerPath ?? "./node_modules/@obelyzk/sdk/src/mcp-policy/index.ts";
+    return {
+      "obelyzk-policy": {
+        command: "npx",
+        args: ["ts-node", mcpPath],
+        env: {
+          PROVER_URL: this.config.proverUrl,
+          STARKNET_RPC: this.config.rpcUrl ?? "",
+          FIREWALL_CONTRACT: this.config.firewallContract ?? "",
+          VERIFIER_CONTRACT: this.config.verifierContract ?? "",
+          PROVER_API_KEY: this.config.apiKey ?? ""
+        }
+      }
+    };
+  }
+  /**
+   * Get the list of allowed tools for Claude Agent SDK.
+   * Includes safe read-only tools and all ObelyZK policy tools.
+   */
+  getAllowedTools() {
+    return [
+      "Read",
+      "Glob",
+      "Grep",
+      "Bash",
+      "mcp__obelyzk-policy__obelyzk_classify",
+      "mcp__obelyzk-policy__obelyzk_agent_status",
+      "mcp__obelyzk-policy__obelyzk_check_action",
+      "mcp__obelyzk-policy__obelyzk_health",
+      "mcp__obelyzk-policy__obelyzk_get_policy",
+      "mcp__obelyzk-policy__obelyzk_list_models",
+      "mcp__obelyzk-policy__obelyzk_verify_proof",
+      "mcp__obelyzk-policy__obelyzk_register_agent",
+      "mcp__obelyzk-policy__obelyzk_submit_action",
+      "mcp__obelyzk-policy__obelyzk_resolve_action",
+      "mcp__obelyzk-policy__obelyzk_approve_escalated",
+      "mcp__obelyzk-policy__obelyzk_reject_escalated"
+    ];
+  }
+  /** Get the underlying AgentFirewallSDK for advanced use. */
+  getSDK() {
+    return this.sdk;
+  }
+};
+
+export {
+  createPolicyEnforcer,
+  PolicyEnforcer
+};

package/dist/chunk-DGYMDV5X.mjs

@@ -0,0 +1,153 @@
+import {
+  AgentFirewallSDK
+} from "./chunk-Y4PBMUWM.mjs";
+
+// src/firewall/middleware.ts
+function createPolicyEnforcer(config) {
+  return new PolicyEnforcer(config);
+}
+var PolicyEnforcer = class {
+  sdk;
+  config;
+  blockThreshold;
+  escalateThreshold;
+  constructor(config) {
+    this.config = config;
+    this.blockThreshold = config.blockThreshold ?? 7e4;
+    this.escalateThreshold = config.escalateThreshold ?? 4e4;
+    this.sdk = new AgentFirewallSDK({
+      proverUrl: config.proverUrl,
+      firewallContract: config.firewallContract ?? "",
+      verifierContract: config.verifierContract ?? "",
+      rpcUrl: config.rpcUrl ?? "https://starknet-sepolia.public.blastapi.io",
+      apiKey: config.apiKey
+    });
+  }
+  /**
+   * Check whether an action should be allowed.
+   * Calls the ZKML classifier and returns a structured decision.
+   */
+  async checkAction(tx) {
+    const result = await this.sdk.classify(tx);
+    const allowed = result.decision === "approve";
+    let reason;
+    switch (result.decision) {
+      case "approve":
+        reason = `Approved: threat_score=${result.threatScore}`;
+        break;
+      case "escalate":
+        reason = `Escalated: threat_score=${result.threatScore}. Requires human approval.`;
+        break;
+      case "block":
+        reason = `Blocked: threat_score=${result.threatScore}. Action rejected by ZKML classifier.`;
+        break;
+    }
+    return {
+      allowed,
+      decision: result.decision,
+      threatScore: result.threatScore,
+      reason,
+      ioCommitment: result.ioCommitment,
+      policyCommitment: result.policyCommitment,
+      proveTimeMs: result.proveTimeMs
+    };
+  }
+  /**
+   * Check if a Bash command contains an on-chain transaction pattern.
+   * Returns the target address if found, null otherwise.
+   */
+  extractTarget(command) {
+    if (!/(?:starkli|sncast)\s+(?:invoke|deploy)/.test(command) && !/(?:cast\s+send|transfer|approve)/.test(command)) {
+      return null;
+    }
+    const match = command.match(/0x[0-9a-fA-F]{10,66}/);
+    return match ? match[0] : null;
+  }
+  /**
+   * Build a canUseTool callback for the Claude Agent SDK.
+   *
+   * Returns an async function that:
+   * - Auto-allows ObelyZK policy tools
+   * - Auto-allows safe read-only tools (Read, Glob, Grep)
+   * - Classifies Bash commands containing on-chain transactions
+   * - Blocks everything else
+   */
+  buildCanUseTool() {
+    return async (tool, input) => {
+      if (tool.startsWith("mcp__obelyzk-policy__")) {
+        return { approved: true };
+      }
+      const safeTools = ["Read", "Glob", "Grep", "Bash"];
+      if (!safeTools.includes(tool)) {
+        return {
+          approved: false,
+          reason: `Tool '${tool}' not in allowlist. Only safe tools and ObelyZK policy tools are allowed.`
+        };
+      }
+      if (tool === "Bash") {
+        const command = input.command || "";
+        const target = this.extractTarget(command);
+        if (target) {
+          const check = await this.checkAction({ target });
+          if (!check.allowed) {
+            return { approved: false, reason: check.reason };
+          }
+        }
+      }
+      return { approved: true };
+    };
+  }
+  /**
+   * Get the MCP server configuration for .claude/settings.json
+   * or Claude Agent SDK's mcpServers option.
+   */
+  getMcpServerConfig() {
+    const mcpPath = this.config.mcpServerPath ?? "./node_modules/@obelyzk/sdk/src/mcp-policy/index.ts";
+    return {
+      "obelyzk-policy": {
+        command: "npx",
+        args: ["ts-node", mcpPath],
+        env: {
+          PROVER_URL: this.config.proverUrl,
+          STARKNET_RPC: this.config.rpcUrl ?? "",
+          FIREWALL_CONTRACT: this.config.firewallContract ?? "",
+          VERIFIER_CONTRACT: this.config.verifierContract ?? "",
+          PROVER_API_KEY: this.config.apiKey ?? ""
+        }
+      }
+    };
+  }
+  /**
+   * Get the list of allowed tools for Claude Agent SDK.
+   * Includes safe read-only tools and all ObelyZK policy tools.
+   */
+  getAllowedTools() {
+    return [
+      "Read",
+      "Glob",
+      "Grep",
+      "Bash",
+      "mcp__obelyzk-policy__obelyzk_classify",
+      "mcp__obelyzk-policy__obelyzk_agent_status",
+      "mcp__obelyzk-policy__obelyzk_check_action",
+      "mcp__obelyzk-policy__obelyzk_health",
+      "mcp__obelyzk-policy__obelyzk_get_policy",
+      "mcp__obelyzk-policy__obelyzk_list_models",
+      "mcp__obelyzk-policy__obelyzk_verify_proof",
+      "mcp__obelyzk-policy__obelyzk_register_agent",
+      "mcp__obelyzk-policy__obelyzk_submit_action",
+      "mcp__obelyzk-policy__obelyzk_resolve_action",
+      "mcp__obelyzk-policy__obelyzk_approve_escalated",
+      "mcp__obelyzk-policy__obelyzk_reject_escalated"
+    ];
+  }
+  /** Get the underlying AgentFirewallSDK for advanced use. */
+  getSDK() {
+    return this.sdk;
+  }
+};
+
+export {
+  createPolicyEnforcer,
+  PolicyEnforcer
+};