@otskit/mcp 0.7.1 → 0.7.3

package/README.md

@@ -7,9 +7,9 @@
 [![CI](https://github.com/OTSkit/OTSkit-MCP/actions/workflows/ci.yml/badge.svg)](https://github.com/OTSkit/OTSkit-MCP/actions/workflows/ci.yml)
 [![npm version](https://img.shields.io/npm/v/@otskit/mcp.svg)](https://www.npmjs.com/package/@otskit/mcp)
 [![npm downloads](https://img.shields.io/npm/dt/@otskit/mcp.svg)](https://www.npmjs.com/package/@otskit/mcp)
-[![TypeScript](https://img.shields.io/badge/TypeScript-6-blue.svg)](https://www.typescriptlang.org/)
-[![Node >=20](https://img.shields.io/badge/node-%3E%3D20-brightgreen)](https://nodejs.org)
-[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE)
+[![TypeScript](https://img.shields.io/npm/dependency-version/@otskit/mcp/dev/typescript?label=TypeScript)](https://www.typescriptlang.org/)
+[![Node](https://img.shields.io/node/v/@otskit/mcp)](https://nodejs.org)
+[![License](https://img.shields.io/npm/l/@otskit/mcp)](LICENSE)
 [![Glama](https://glama.ai/mcp/servers/OTSkit/OTSkit-MCP/badges/score.svg)](https://glama.ai/mcp/servers/OTSkit/OTSkit-MCP)
 [![smithery badge](https://smithery.ai/badge/otskit/otskit-mcp)](https://smithery.ai/servers/otskit/otskit-mcp)
 
@@ -84,7 +84,6 @@ Create `~/.ots-mcp/config.json` to override defaults:
   "scheduler_interval_minutes": 30,
   "retry_max_attempts": 20,
   "calendar_timeout_ms": 10000,
-  "esplora_url": "https://blockstream.info/api",
   "calendars": [
     "https://alice.btc.calendar.opentimestamps.org",
     "https://bob.btc.calendar.opentimestamps.org",
@@ -104,7 +103,7 @@ npm test         # run tests
 
 ## Dependencies
 
-- [`@otskit/core`](https://github.com/AlexAlves87/otskit-core) - OpenTimestamps core logic
-- [`@otskit/client`](https://github.com/AlexAlves87/otskit-client) - OTS calendar client
+- [`@otskit/core`](https://github.com/OTSkit/otskit-core) - OpenTimestamps core logic
+- [`@otskit/client`](https://github.com/OTSkit/otskit-client) - OTS calendar client
 - [`@modelcontextprotocol/sdk`](https://github.com/modelcontextprotocol/typescript-sdk) - MCP SDK
 - `node-sqlite3-wasm` - local database (pure WASM, no native compilation)

package/dist/{chunk-4S4MSBQL.js → chunk-3FLOLQ5Z.js}

@@ -1,11 +1,38 @@
 import {
   writeAtomic
-} from "./chunk-YFSUDT24.js";
+} from "./chunk-IB2AYNP4.js";
 
 // src/config.ts
 import { readFileSync, existsSync, mkdirSync } from "fs";
 import { join } from "path";
 import { homedir } from "os";
+import { z } from "zod";
+var TRUSTED_CALENDAR_HOSTS = /* @__PURE__ */ new Set([
+  "alice.btc.calendar.opentimestamps.org",
+  "bob.btc.calendar.opentimestamps.org",
+  "finney.calendar.eternitywall.com",
+  "btc.calendar.catallaxy.com"
+]);
+var httpsAllowlisted = (hosts) => z.string().refine((v) => {
+  try {
+    const u = new URL(v);
+    return u.protocol === "https:" && hosts.has(u.hostname);
+  } catch {
+    return false;
+  }
+}, { message: "URL must be https and in the host allowlist" });
+var ConfigSchema = z.strictObject({
+  stamp_enabled: z.boolean(),
+  preserve_enabled: z.boolean(),
+  preserve_whitelist: z.array(z.string()),
+  preserve_max_bytes: z.number().int().positive().max(10 * 1024 ** 3),
+  preserve_max_files: z.number().int().positive().max(1e5),
+  scheduler_interval_minutes: z.number().int().min(1).max(1440),
+  calendar_timeout_ms: z.number().int().min(1e3).max(6e4),
+  retry_max_attempts: z.number().int().min(1).max(100),
+  log_file: z.string(),
+  calendars: z.array(httpsAllowlisted(TRUSTED_CALENDAR_HOSTS)).min(1).max(10)
+}).partial();
 function getDataDir() {
   return process.env.OTS_MCP_DATA_DIR ?? join(homedir(), ".ots-mcp");
 }
@@ -17,7 +44,6 @@ var DEFAULTS = {
   preserve_max_files: 1e4,
   scheduler_interval_minutes: 30,
   calendar_timeout_ms: 1e4,
-  calendar_max_response_bytes: 1048576,
   retry_max_attempts: 20,
   log_file: join(getDataDir(), "ots-mcp.log"),
   calendars: [
@@ -25,16 +51,28 @@ var DEFAULTS = {
     "https://bob.btc.calendar.opentimestamps.org",
     "https://finney.calendar.eternitywall.com",
     "https://btc.calendar.catallaxy.com"
-  ],
-  esplora_url: "https://blockstream.info/api"
+  ]
 };
 function loadConfig() {
   const dir = getDataDir();
   mkdirSync(dir, { recursive: true });
   const configPath = join(dir, "config.json");
   if (!existsSync(configPath)) return { ...DEFAULTS };
-  const raw = JSON.parse(readFileSync(configPath, "utf8"));
-  return { ...DEFAULTS, ...raw };
+  let raw;
+  try {
+    raw = JSON.parse(readFileSync(configPath, "utf8"));
+  } catch (e) {
+    process.stderr.write(`[ots-mcp] config parse error, using defaults: ${e}
+`);
+    return { ...DEFAULTS };
+  }
+  const parsed = ConfigSchema.safeParse(raw);
+  if (!parsed.success) {
+    process.stderr.write(`[ots-mcp] config validation failed, using defaults: ${parsed.error.issues[0]?.message}
+`);
+    return { ...DEFAULTS };
+  }
+  return { ...DEFAULTS, ...parsed.data };
 }
 
 // src/db/index.ts
@@ -122,8 +160,8 @@ function reconcileOrphans(db) {
       statSync(row.proof_path);
     } catch {
       db.run(
-        `UPDATE stamps SET status = 'failed', last_error = ? WHERE id = ?`,
-        ["proof file missing on disk", row.id]
+        `UPDATE stamps SET status = 'missing_proof', last_error = ? WHERE id = ?`,
+        ["proof file not found at startup", row.id]
       );
     }
   }
@@ -241,7 +279,11 @@ async function upgradeTimestamp(input, db, config) {
   const proofBefore = readFileSync2(record.proof_path);
   const client = new OpenTimestampsClient({
     calendars: config.calendars,
-    resilience: { timeout: config.calendar_timeout_ms }
+    resilience: {
+      totalTimeoutMs: config.calendar_timeout_ms,
+      connectTimeoutMs: Math.min(config.calendar_timeout_ms, 5e3),
+      retries: { enabled: true, maxAttempts: config.retry_max_attempts, backoff: { strategy: "exponential", initialDelayMs: 500, jitter: "full" } }
+    }
   });
   const now = (/* @__PURE__ */ new Date()).toISOString();
   const newAttemptCount = record.attempt_count + 1;
@@ -251,19 +293,22 @@ async function upgradeTimestamp(input, db, config) {
     upgraded = await client.upgrade(proofBefore);
   } catch (e) {
     if (e instanceof UpgradeError) {
-      const { confirmed: confirmed2, block: block2 } = checkBitcoinConfirmation(proofBefore);
-      if (confirmed2 && block2 !== void 0) {
-        const bitcoinTime = now;
-        updateStampStatus(db, input.id, {
-          status: "confirmed",
-          bitcoin_block: block2,
-          bitcoin_time: bitcoinTime,
-          confirmed_at: now,
-          last_attempt_at: now,
-          attempt_count: newAttemptCount
-        });
-        logOperation(db, { stamp_id: input.id, action: "upgrade", result: "success" });
-        return { id: input.id, status: "confirmed", bitcoin_block: block2, bitcoin_time: bitcoinTime, proof_path: record.proof_path };
+      try {
+        const v = await client.verify(proofBefore, record.hash);
+        if (v.valid && v.blockHeight != null && v.timestamp != null) {
+          const bitcoinTime = new Date(v.timestamp * 1e3).toISOString();
+          updateStampStatus(db, input.id, {
+            status: "confirmed",
+            bitcoin_block: v.blockHeight,
+            bitcoin_time: bitcoinTime,
+            confirmed_at: now,
+            last_attempt_at: now,
+            attempt_count: newAttemptCount
+          });
+          logOperation(db, { stamp_id: input.id, action: "upgrade", result: "success" });
+          return { id: input.id, status: "confirmed", bitcoin_block: v.blockHeight, bitcoin_time: bitcoinTime };
+        }
+      } catch {
       }
       updateStampStatus(db, input.id, { last_attempt_at: now, attempt_count: newAttemptCount, next_retry_at: next });
       logOperation(db, { stamp_id: input.id, action: "upgrade", result: "pending" });
@@ -286,7 +331,7 @@ async function upgradeTimestamp(input, db, config) {
       attempt_count: newAttemptCount
     });
     logOperation(db, { stamp_id: input.id, action: "upgrade", result: "success" });
-    return { id: input.id, status: "confirmed", bitcoin_block: block, bitcoin_time: bitcoinTime, proof_path: record.proof_path };
+    return { id: input.id, status: "confirmed", bitcoin_block: block, bitcoin_time: bitcoinTime };
   }
   updateStampStatus(db, input.id, { last_attempt_at: now, attempt_count: newAttemptCount, next_retry_at: next });
   logOperation(db, { stamp_id: input.id, action: "upgrade", result: "pending" });
@@ -300,6 +345,7 @@ export {
   backupDb,
   insertStamp,
   getStamp,
+  updateStampStatus,
   listStamps,
   logOperation,
   upgradeTimestamp

package/dist/{chunk-KVHJHTFL.js → chunk-AEADWLTM.js}

@@ -3,14 +3,15 @@ import {
   getStamp,
   insertStamp,
   listStamps,
-  logOperation
-} from "./chunk-4S4MSBQL.js";
+  logOperation,
+  updateStampStatus
+} from "./chunk-3FLOLQ5Z.js";
 import {
   writeAtomic
-} from "./chunk-YFSUDT24.js";
+} from "./chunk-IB2AYNP4.js";
 
 // src/tools/create-timestamp.ts
-import { mkdirSync } from "fs";
+import { mkdirSync, unlinkSync } from "fs";
 import { join } from "path";
 import { randomUUID } from "crypto";
 import { OpenTimestampsClient } from "@otskit/client";
@@ -22,7 +23,11 @@ async function createTimestamp(input, db, config) {
   const normalizedHash = input.hash.toLowerCase();
   const client = new OpenTimestampsClient({
     calendars: config.calendars,
-    resilience: { timeout: config.calendar_timeout_ms }
+    resilience: {
+      totalTimeoutMs: config.calendar_timeout_ms,
+      connectTimeoutMs: Math.min(config.calendar_timeout_ms, 5e3),
+      retries: { enabled: true, maxAttempts: config.retry_max_attempts, backoff: { strategy: "exponential", initialDelayMs: 500, jitter: "full" } }
+    }
   });
   const t0 = Date.now();
   let proofBuffer;
@@ -41,15 +46,26 @@ async function createTimestamp(input, db, config) {
   } catch (e) {
     return { error: "storage_error", details: String(e) };
   }
-  const record = insertStamp(db, { id, hash: normalizedHash, proof_path: proofPath });
-  logOperation(db, { stamp_id: id, action: "stamp", result: "success", response_time_ms: responseTimeMs });
+  let record;
+  db.exec("BEGIN");
+  try {
+    record = insertStamp(db, { id, hash: normalizedHash, proof_path: proofPath });
+    logOperation(db, { stamp_id: id, action: "stamp", result: "success", response_time_ms: responseTimeMs });
+    db.exec("COMMIT");
+  } catch (e) {
+    db.exec("ROLLBACK");
+    try {
+      unlinkSync(proofPath);
+    } catch {
+    }
+    return { error: "storage_error", details: String(e) };
+  }
   return {
     id: record.id,
     hash: record.hash,
     status: "pending",
     calendars: config.calendars,
-    created_at: record.created_at,
-    proof_path: proofPath
+    created_at: record.created_at
   };
 }
 
@@ -68,7 +84,11 @@ async function verifyTimestamp(input, db, config) {
   }
   const client = new OpenTimestampsClient2({
     calendars: config.calendars,
-    resilience: { timeout: config.calendar_timeout_ms }
+    resilience: {
+      totalTimeoutMs: config.calendar_timeout_ms,
+      connectTimeoutMs: Math.min(config.calendar_timeout_ms, 5e3),
+      retries: { enabled: true, maxAttempts: config.retry_max_attempts, backoff: { strategy: "exponential", initialDelayMs: 500, jitter: "full" } }
+    }
   });
   let result;
   try {
@@ -89,17 +109,29 @@ async function verifyTimestamp(input, db, config) {
     logOperation(db, { stamp_id: input.id, action: "verify", result: "failed", error_msg: result.error });
     return { status: "unknown", hash: record.hash };
   }
+  if (result.blockHeight == null || result.timestamp == null) {
+    logOperation(db, { stamp_id: input.id, action: "verify", result: "failed", error_msg: "valid:true without blockHeight/timestamp" });
+    return { status: "unknown", hash: record.hash };
+  }
+  const bitcoinTime = new Date(result.timestamp * 1e3).toISOString();
+  const now = (/* @__PURE__ */ new Date()).toISOString();
+  updateStampStatus(db, input.id, {
+    status: "confirmed",
+    bitcoin_block: result.blockHeight,
+    bitcoin_time: bitcoinTime,
+    confirmed_at: now
+  });
   logOperation(db, { stamp_id: input.id, action: "verify", result: "success" });
   return {
     status: "confirmed",
     hash: record.hash,
     bitcoin_block: result.blockHeight,
-    bitcoin_time: new Date(result.timestamp * 1e3).toISOString()
+    bitcoin_time: bitcoinTime
   };
 }
 
 // src/tools/list-pending.ts
-function toPublic({ attempt_count: _, last_attempt_at: __, next_retry_at: ___, ...rest }) {
+function toPublic({ attempt_count: _a, last_attempt_at: _b, next_retry_at: _c, proof_path: _d, archive_path: _e, ...rest }) {
   return rest;
 }
 function listPending(input, db, _config) {

package/dist/chunk-IB2AYNP4.js

@@ -0,0 +1,70 @@
+// src/utils.ts
+import { execFileSync } from "child_process";
+import { writeFileSync, renameSync, realpathSync, statSync, createReadStream } from "fs";
+import { resolve, sep } from "path";
+import { createHash } from "crypto";
+import { pipeline } from "stream/promises";
+import { Transform } from "stream";
+function which(cmd) {
+  try {
+    const out = execFileSync(
+      process.platform === "win32" ? "where" : "which",
+      [cmd]
+    ).toString().trim();
+    return out.split("\n")[0] ?? null;
+  } catch {
+    return null;
+  }
+}
+function writeAtomic(dest, data) {
+  const tmp = dest + ".tmp";
+  writeFileSync(tmp, data);
+  renameSync(tmp, dest);
+}
+function escapeXml(raw) {
+  return raw.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&apos;");
+}
+function validateFilePath(rawPath, whitelist) {
+  let canonical;
+  try {
+    canonical = realpathSync(rawPath);
+  } catch (e) {
+    return { error: "invalid_path", details: String(e?.message ?? e) };
+  }
+  if (whitelist.length > 0) {
+    const allowed = whitelist.some((dir) => {
+      const root = resolve(dir);
+      return canonical === root || canonical.startsWith(root + sep);
+    });
+    if (!allowed) return { error: "path_not_allowed", details: `${canonical} is outside allowed directories` };
+  }
+  let st;
+  try {
+    st = statSync(canonical);
+  } catch (e) {
+    return { error: "invalid_path", details: String(e?.message ?? e) };
+  }
+  if (!st.isFile()) return { error: "not_a_regular_file", details: `${canonical} is not a regular file` };
+  return { path: canonical };
+}
+async function hashFileStreaming(filePath, maxBytes) {
+  const hash = createHash("sha256");
+  let bytesRead = 0;
+  const limiter = new Transform({
+    transform(chunk, _enc, cb) {
+      bytesRead += chunk.length;
+      if (bytesRead > maxBytes) cb(new Error(`file_too_large: exceeds ${maxBytes} bytes`));
+      else cb(null, chunk);
+    }
+  });
+  await pipeline(createReadStream(filePath), limiter, hash);
+  return hash.digest("hex");
+}
+
+export {
+  which,
+  writeAtomic,
+  escapeXml,
+  validateFilePath,
+  hashFileStreaming
+};

package/dist/{chunk-XG7NDZR3.js → chunk-SBGYVIJL.js}

@@ -2,7 +2,7 @@ import {
   getDb,
   loadConfig,
   upgradeTimestamp
-} from "./chunk-4S4MSBQL.js";
+} from "./chunk-3FLOLQ5Z.js";
 
 // src/tools/watch.ts
 var DEFAULT_WATCH_INTERVAL_MINUTES = 30;

package/dist/{cli-WOUUWARK.js → cli-PHRXQY3H.js}

@@ -2,14 +2,14 @@ import {
   createTimestamp,
   listPending,
   verifyTimestamp
-} from "./chunk-KVHJHTFL.js";
+} from "./chunk-AEADWLTM.js";
 import {
   backupDb,
   getDb,
   loadConfig,
   upgradeTimestamp
-} from "./chunk-4S4MSBQL.js";
-import "./chunk-YFSUDT24.js";
+} from "./chunk-3FLOLQ5Z.js";
+import "./chunk-IB2AYNP4.js";
 
 // src/cli.ts
 async function runCli(command, args) {
@@ -87,7 +87,7 @@ async function runCli(command, args) {
       break;
     }
     case "scheduler": {
-      const { runScheduler } = await import("./scheduler-MTE6OUSV.js");
+      const { runScheduler } = await import("./scheduler-5IMMUANG.js");
       await runScheduler(args);
       break;
     }

package/dist/index.js

@@ -20,7 +20,7 @@ Commands:
 }
 switch (command) {
   case "serve": {
-    const { runServer } = await import("./server-NDG4QZ56.js");
+    const { runServer } = await import("./server-LC7ZJTGO.js");
     await runServer();
     break;
   }
@@ -49,7 +49,7 @@ switch (command) {
     break;
   }
   case "watch": {
-    const { normalizeWatchInterval, watchPending } = await import("./watch-TQR2L42L.js");
+    const { normalizeWatchInterval, watchPending } = await import("./watch-EFIJDI2L.js");
     const parsed = args[0] ? parseInt(args[0], 10) : NaN;
     const interval = normalizeWatchInterval(isNaN(parsed) ? void 0 : parsed);
     if (args[0] && (isNaN(parsed) || parsed < 15))
@@ -65,7 +65,7 @@ switch (command) {
   case "check-pending":
   case "backup":
   case "scheduler": {
-    const { runCli } = await import("./cli-WOUUWARK.js");
+    const { runCli } = await import("./cli-PHRXQY3H.js");
     await runCli(command, args);
     break;
   }

package/dist/{install-BUSOMBB2.js → install-5QJYMFKV.js}

@@ -1,13 +1,15 @@
 import {
+  escapeXml,
   which
-} from "./chunk-YFSUDT24.js";
+} from "./chunk-IB2AYNP4.js";
 
 // src/scheduler/install.ts
 import { execFileSync } from "child_process";
 import { writeFileSync } from "fs";
 async function installScheduler(args) {
   const intervalIdx = args.indexOf("--interval");
-  const interval = intervalIdx !== -1 ? parseInt(args[intervalIdx + 1] ?? "30") : 30;
+  const parsedInterval = intervalIdx !== -1 ? parseInt(args[intervalIdx + 1] ?? "30") : 30;
+  const interval = Math.max(1, Math.min(1440, Number.isFinite(parsedInterval) ? parsedInterval : 30));
   const bin = which("ots-mcp") ?? process.argv[1];
   if (process.platform === "win32") {
     const xmlPath = `${process.env.TEMP}\\ots-mcp-task.xml`;
@@ -18,7 +20,7 @@ async function installScheduler(args) {
     <StartBoundary>2020-01-01T00:00:00</StartBoundary><Enabled>true</Enabled>
   </TimeTrigger></Triggers>
   <Actions><Exec>
-    <Command>${bin}</Command>
+    <Command>${escapeXml(bin)}</Command>
     <Arguments>check-pending</Arguments>
   </Exec></Actions>
 </Task>`);

package/dist/{scheduler-MTE6OUSV.js → scheduler-5IMMUANG.js}

@@ -3,7 +3,7 @@ async function runScheduler(args) {
   const [sub, ...rest] = args;
   switch (sub) {
     case "install": {
-      const { installScheduler } = await import("./install-BUSOMBB2.js");
+      const { installScheduler } = await import("./install-5QJYMFKV.js");
       await installScheduler(rest);
       break;
     }

package/dist/{server-NDG4QZ56.js → server-LC7ZJTGO.js}

@@ -2,17 +2,20 @@ import {
   createTimestamp,
   listPending,
   verifyTimestamp
-} from "./chunk-KVHJHTFL.js";
+} from "./chunk-AEADWLTM.js";
 import {
   normalizeWatchInterval
-} from "./chunk-XG7NDZR3.js";
+} from "./chunk-SBGYVIJL.js";
 import {
   getDb,
   getStamp,
   loadConfig,
   upgradeTimestamp
-} from "./chunk-4S4MSBQL.js";
-import "./chunk-YFSUDT24.js";
+} from "./chunk-3FLOLQ5Z.js";
+import {
+  hashFileStreaming,
+  validateFilePath
+} from "./chunk-IB2AYNP4.js";
 
 // src/server.ts
 import { Server } from "@modelcontextprotocol/sdk/server/index.js";
@@ -53,7 +56,7 @@ function inspectTimestamp(input, db, _config) {
     hash: record.hash,
     status: record.status,
     created_at: record.created_at,
-    proof_path: record.proof_path,
+    proof_exists: true,
     proof_size_bytes: proofSize,
     calendar_attestations: calendarAttestations,
     bitcoin_attestations: bitcoinAttestations,
@@ -75,24 +78,28 @@ function openWatchWindow(intervalMinutes) {
 }
 
 // src/tools/stamp-file.ts
-import { readFileSync as readFileSync2 } from "fs";
-import { OpSHA256 } from "@otskit/core";
 async function stampFile(input, db, config) {
-  const data = new Uint8Array(readFileSync2(input.path));
-  const hash = Buffer.from(new OpSHA256().hash(data)).toString("hex");
+  const v = validateFilePath(input.path, config.preserve_whitelist);
+  if ("error" in v) return v;
+  let hash;
+  try {
+    hash = await hashFileStreaming(v.path, config.preserve_max_bytes);
+  } catch (e) {
+    if (String(e?.message).startsWith("file_too_large")) return { error: "file_too_large", details: e.message };
+    throw e;
+  }
   return createTimestamp({ hash }, db, config);
 }
 
 // src/tools/hash-file.ts
-import { hashFile } from "@otskit/client";
-async function hashFileTool(input) {
+async function hashFileTool(input, config) {
+  const v = validateFilePath(input.path, config.preserve_whitelist);
+  if ("error" in v) return v;
   try {
-    const buf = await hashFile(input.path);
-    return { hash: buf.toString("hex") };
+    const hash = await hashFileStreaming(v.path, config.preserve_max_bytes);
+    return { hash };
   } catch (e) {
-    if (e?.code === "ENOENT") {
-      return { error: "file_not_found", details: `File not found: ${input.path}` };
-    }
+    if (String(e?.message).startsWith("file_too_large")) return { error: "file_too_large", details: e.message };
     throw e;
   }
 }
@@ -226,6 +233,48 @@ var TOOL_DEFINITIONS = [
   }
 ];
 
+// src/schemas.ts
+import { z } from "zod";
+function parse(schema, args) {
+  const r = schema.safeParse(args ?? {});
+  if (!r.success) {
+    const msg = r.error.issues[0]?.message ?? "invalid input";
+    throw new Error(`invalid_params: ${msg}`);
+  }
+  return r.data;
+}
+var HashInput = z.strictObject({ hash: z.string() });
+var IdInput = z.strictObject({ id: z.string().min(1) });
+var PathInput = z.strictObject({ path: z.string().min(1).max(4096) });
+var ListInput = z.strictObject({
+  status: z.enum(["pending", "confirmed", "failed", "timeout", "missing_proof"]).optional(),
+  limit: z.number().int().min(1).max(200).optional(),
+  offset: z.number().int().min(0).optional(),
+  older_than_hours: z.number().positive().optional(),
+  due_now: z.boolean().optional()
+});
+var WatchInput = z.strictObject({
+  interval_minutes: z.number().int().min(15).max(1440).optional()
+});
+
+// src/feature-gate.ts
+var STAMP_TOOLS = /* @__PURE__ */ new Set([
+  "create_timestamp",
+  "upgrade_timestamp",
+  "verify_timestamp",
+  "inspect_timestamp",
+  "list_pending",
+  "stamp_file",
+  "hash_file",
+  "watch"
+]);
+var PRESERVE_TOOLS = /* @__PURE__ */ new Set(["stamp_file"]);
+function featureDisabledError(name, config) {
+  if (STAMP_TOOLS.has(name) && !config.stamp_enabled) return { error: "feature_disabled", feature: "stamp" };
+  if (PRESERVE_TOOLS.has(name) && !config.preserve_enabled) return { error: "feature_disabled", feature: "preserve" };
+  return null;
+}
+
 // src/server.ts
 async function runServer() {
   let config = null;
@@ -244,32 +293,34 @@ async function runServer() {
     const { name, arguments: args } = request.params;
     const db = getDb();
     const config2 = getConfig();
+    const gate = featureDisabledError(name, config2);
+    if (gate) return { content: [{ type: "text", text: JSON.stringify(gate) }], isError: true };
     try {
       let result;
       switch (name) {
         case "create_timestamp":
-          result = await createTimestamp(args, db, config2);
+          result = await createTimestamp(parse(HashInput, args), db, config2);
           break;
         case "upgrade_timestamp":
-          result = await upgradeTimestamp(args, db, config2);
+          result = await upgradeTimestamp(parse(IdInput, args), db, config2);
           break;
         case "verify_timestamp":
-          result = await verifyTimestamp(args, db, config2);
+          result = await verifyTimestamp(parse(IdInput, args), db, config2);
           break;
         case "inspect_timestamp":
-          result = inspectTimestamp(args, db, config2);
+          result = inspectTimestamp(parse(IdInput, args), db, config2);
           break;
         case "list_pending":
-          result = listPending(args, db, config2);
+          result = listPending(parse(ListInput, args), db, config2);
           break;
         case "hash_file":
-          result = await hashFileTool(args);
+          result = await hashFileTool(parse(PathInput, args), config2);
           break;
         case "stamp_file":
-          result = await stampFile(args, db, config2);
+          result = await stampFile(parse(PathInput, args), db, config2);
           break;
         case "watch":
-          result = openWatchWindow(args?.interval_minutes);
+          result = openWatchWindow(parse(WatchInput, args).interval_minutes);
           break;
         default:
           return { content: [{ type: "text", text: JSON.stringify({ error: "unknown_tool", tool: name }) }], isError: true };
@@ -277,7 +328,9 @@ async function runServer() {
       const isError = Boolean(result && typeof result === "object" && "error" in result);
       return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }], isError };
     } catch (e) {
-      return { content: [{ type: "text", text: JSON.stringify({ error: "internal_error", details: String(e) }) }], isError: true };
+      const details = String(e);
+      const code = details.includes("invalid_params") ? "invalid_params" : "internal_error";
+      return { content: [{ type: "text", text: JSON.stringify({ error: code, details }) }], isError: true };
     }
   });
   const exit = () => {

package/dist/{watch-TQR2L42L.js → watch-EFIJDI2L.js}

@@ -1,9 +1,9 @@
 import {
   normalizeWatchInterval,
   watchPending
-} from "./chunk-XG7NDZR3.js";
-import "./chunk-4S4MSBQL.js";
-import "./chunk-YFSUDT24.js";
+} from "./chunk-SBGYVIJL.js";
+import "./chunk-3FLOLQ5Z.js";
+import "./chunk-IB2AYNP4.js";
 export {
   normalizeWatchInterval,
   watchPending

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@otskit/mcp",
   "mcpName": "io.github.AlexAlves87/otskit-mcp",
-  "version": "0.7.1",
+  "version": "0.7.3",
   "license": "MIT",
   "description": "OpenTimestamps MCP server — stamp, upgrade, verify via AI agents",
   "repository": {
@@ -25,6 +25,7 @@
   "scripts": {
     "build": "tsup src/index.ts --format esm --clean --external node-sqlite3-wasm",
     "dev": "tsup src/index.ts --format esm --watch",
+    "typecheck": "tsc --noEmit",
     "test": "vitest run",
     "test:watch": "vitest"
   },
@@ -32,7 +33,8 @@
     "@modelcontextprotocol/sdk": "^1.29.0",
     "@otskit/client": "^0.2.0",
     "@otskit/core": "^0.1.0",
-    "node-sqlite3-wasm": "0.8.57"
+    "node-sqlite3-wasm": "0.8.57",
+    "zod": "^4.4.3"
   },
   "pnpm": {
     "onlyBuiltDependencies": [

package/dist/chunk-YFSUDT24.js

@@ -1,24 +0,0 @@
-// src/utils.ts
-import { execFileSync } from "child_process";
-import { writeFileSync, renameSync } from "fs";
-function which(cmd) {
-  try {
-    const out = execFileSync(
-      process.platform === "win32" ? "where" : "which",
-      [cmd]
-    ).toString().trim();
-    return out.split("\n")[0] ?? null;
-  } catch {
-    return null;
-  }
-}
-function writeAtomic(dest, data) {
-  const tmp = dest + ".tmp";
-  writeFileSync(tmp, data);
-  renameSync(tmp, dest);
-}
-
-export {
-  which,
-  writeAtomic
-};