npm - @saihm/mcp-server-pro - Versions diffs - 0.1.5 → 0.1.6 - Mend

@saihm/mcp-server-pro 0.1.5 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -11,6 +11,11 @@ Production thin-client for **SAIHM non-custodial memory**.
 > **Key loss is unrecoverable by design.** If you lose your master secret you lose your KEK, and no one — including SAIHM — can open your cells. Back it up securely.
+## See it run
+- **Live cross-model demos** — offline, ~1 min each, no account: <https://citw2.github.io/saihm-demos/>. Ground a memory you own in Claude, GPT, DeepSeek, Qwen, Kimi, or GLM, then prove you can erase it. `demo-claude-code` runs a stdio MCP server exactly like this one for Claude Code and Cursor.
+- **Token benchmark** — recalling a bounded set of memory cells instead of re-sending the transcript cut input tokens by **62.8%–85.9%** (up to ~86%) across a realistic multi-session task; open, offline, reproducible: <https://github.com/citw2/saihm-token-benchmark>.
 ## Install
 ```sh
@@ -32,10 +37,10 @@ Claude Code, …) at it — paste this **once**:
         "SAIHM_ENDPOINT_URL": "https://saihm.coti.global/mcp",
         "SAIHM_MASTER_SECRET_HEX": "<your 64+ hex master secret>",
         "SAIHM_TIER": "PRO",
-        "SAIHM_PAYMENT_METHOD": "stripe"
-      }
-    }
-  }
+        "SAIHM_PAYMENT_METHOD": "stripe",
+      },
+    },
+  },
 }
 ```
@@ -117,15 +122,15 @@ The derived `saihm.agentIdHash` is the `sub` the endpoint binds your tenant to
 ## Configuration
-| Env                       | Required | Meaning                                                                           |
-| ------------------------- | -------- | --------------------------------------------------------------------------------- |
-| `SAIHM_ENDPOINT_URL`      | yes      | `https://…/mcp` (or `http://` only for `127.0.0.1`/`localhost`).                  |
-| `SAIHM_AUTH_HEADER`       | no       | `Bearer <JWT>`, used verbatim. **Omit to self-onboard** (recommended): the client mints + auto-refreshes its own short-lived JWT from the master secret, so you paste one config once and never re-paste a token. |
-| `SAIHM_PAYMENT_METHOD`    | self-onboard only | Your entitlement rail (e.g. `stripe`). Required when `SAIHM_AUTH_HEADER` is unset; ignored otherwise. |
-| `SAIHM_MASTER_SECRET_HEX` | yes\*    | ≥ 64 hex chars (≥ 32 bytes), high-entropy, client-held; never sent. \*Provide this **or** `SAIHM_MASTER_SECRET_FILE`. |
-| `SAIHM_MASTER_SECRET_FILE`| yes\*    | Path to a **mode-600** file holding the hex master secret. Preferred for operators: keeps the root seed out of a synced/shared MCP config. Takes precedence over `SAIHM_MASTER_SECRET_HEX` when both are set. |
-| `SAIHM_TIER`              | self-onboard only | Tier label baked into sealed metadata. Required when self-onboarding; otherwise optional — resolved via `status()` if unset. |
-| `SAIHM_SEQ_STATE_PATH`    | no       | Persists per-cell sequence high-water marks (mode 600) for cross-restart updates. |
+| Env                        | Required          | Meaning                                                                                                                                                                                                           |
+| -------------------------- | ----------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `SAIHM_ENDPOINT_URL`       | yes               | `https://…/mcp` (or `http://` only for `127.0.0.1`/`localhost`).                                                                                                                                                  |
+| `SAIHM_AUTH_HEADER`        | no                | `Bearer <JWT>`, used verbatim. **Omit to self-onboard** (recommended): the client mints + auto-refreshes its own short-lived JWT from the master secret, so you paste one config once and never re-paste a token. |
+| `SAIHM_PAYMENT_METHOD`     | self-onboard only | Your entitlement rail (e.g. `stripe`). Required when `SAIHM_AUTH_HEADER` is unset; ignored otherwise.                                                                                                             |
+| `SAIHM_MASTER_SECRET_HEX`  | yes\*             | ≥ 64 hex chars (≥ 32 bytes), high-entropy, client-held; never sent. \*Provide this **or** `SAIHM_MASTER_SECRET_FILE`.                                                                                             |
+| `SAIHM_MASTER_SECRET_FILE` | yes\*             | Path to a **mode-600** file holding the hex master secret. Preferred for operators: keeps the root seed out of a synced/shared MCP config. Takes precedence over `SAIHM_MASTER_SECRET_HEX` when both are set.     |
+| `SAIHM_TIER`               | self-onboard only | Tier label baked into sealed metadata. Required when self-onboarding; otherwise optional — resolved via `status()` if unset.                                                                                      |
+| `SAIHM_SEQ_STATE_PATH`     | no                | Persists per-cell sequence high-water marks (mode 600) for cross-restart updates.                                                                                                                                 |
 > **Self-onboarding (paste once):** with `SAIHM_AUTH_HEADER` unset, the client proves
 > control of your identity via the endpoint's ML-DSA challenge/response and mints its own

package/dist/client.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import { randomBytes } from 'node:crypto';
-import { mkdirSync, readFileSync, renameSync, statSync, writeFileSync } from 'node:fs';
+import { mkdirSync, readFileSync, renameSync, statSync, writeFileSync, } from 'node:fs';
 import { dirname } from 'node:path';
 import { deriveIdentity, signChallenge, sealCell, openCell, shareCell, decodeShareEnvelope, unwrapSharedDek, verifyShareSig, openCellWithDek, verifyEnvelope, verifyIdentityRecord, encodeEnvelope, decodeEnvelope, encodeShareEnvelope, encodeIdentityRecord, decodeIdentityRecord, fromHex, toHex, utf8, fromUtf8, ctEqual, SeqHighWaterMark, } from '@saihm/client-pro';
 const REQUEST_TIMEOUT_MS = 30_000;
@@ -160,7 +160,9 @@ export class SaihmProClient {
                 ? opts.requestTimeoutMs
                 : REQUEST_TIMEOUT_MS;
         this.onboardBase = (opts.onboardBaseUrl ?? new URL(endpoint).origin).replace(/\/+$/, '');
-        const trimmedAuth = typeof authHeader === 'string' && authHeader.trim() ? authHeader : undefined;
+        const trimmedAuth = typeof authHeader === 'string' && authHeader.trim()
+            ? authHeader
+            : undefined;
         if (trimmedAuth) {
             this.staticAuthHeader = trimmedAuth;
         }
@@ -189,7 +191,8 @@ export class SaihmProClient {
                 throw new Error(`SAIHM_MASTER_SECRET_FILE could not be read: ${secretFile}`);
             }
             try {
-                if (process.platform !== 'win32' && (statSync(secretFile).mode & 0o077) !== 0) {
+                if (process.platform !== 'win32' &&
+                    (statSync(secretFile).mode & 0o077) !== 0) {
                     process.stderr.write(`warning: SAIHM_MASTER_SECRET_FILE ${secretFile} is group/world-accessible; chmod 600 it.\n`);
                 }
             }
@@ -317,7 +320,8 @@ export class SaihmProClient {
                 }
                 catch {
                 }
-                throw new SaihmEndpointError(res.status, code, `SAIHM onboard failed: ${res.status} ${res.statusText}` + (code ? ` (${code})` : ''));
+                throw new SaihmEndpointError(res.status, code, `SAIHM onboard failed: ${res.status} ${res.statusText}` +
+                    (code ? ` (${code})` : ''));
             }
             try {
                 return JSON.parse(text);
@@ -344,7 +348,9 @@ export class SaihmProClient {
             return await this.doCall(method, params, header);
         }
         catch (e) {
-            if (!this.staticAuthHeader && e instanceof SaihmEndpointError && e.status === 401) {
+            if (!this.staticAuthHeader &&
+                e instanceof SaihmEndpointError &&
+                e.status === 401) {
                 this.cachedJwt = undefined;
                 const fresh = await this.currentAuthHeader();
                 return await this.doCall(method, params, fresh);

package/dist/server.js CHANGED Viewed

@@ -82,13 +82,16 @@ server.tool('saihm_share', "Share a cell with another agent, end-to-end authenti
     recipientPinnedAgentIdHashHex: z
         .string()
         .describe("The grantee's agentIdHash (hex), pinned out-of-band"),
-    scope: z.enum(['read', 'write', 'readwrite']).optional().describe('Access scope (default read)'),
+    scope: z
+        .enum(['read', 'write', 'readwrite'])
+        .optional()
+        .describe('Access scope (default read)'),
     expiryEpoch: z
         .string()
         .regex(/^[0-9]+$/, 'expiryEpoch must be a decimal UNIX-epoch count')
         .optional()
         .describe('Optional expiry as a UNIX-epoch count (decimal string)'),
-}, async ({ cellId, recipientRecord, recipientPinnedAgentIdHashHex, scope, expiryEpoch }) => {
+}, async ({ cellId, recipientRecord, recipientPinnedAgentIdHashHex, scope, expiryEpoch, }) => {
     try {
         const r = await getClient().share({
             cellId,
@@ -105,7 +108,9 @@ server.tool('saihm_share', "Share a cell with another agent, end-to-end authenti
 });
 server.tool('saihm_revoke_share', 'Revoke a prior share grant to a recipient for a cell.', {
     cellId: z.string().describe('The shared cell id'),
-    recipientHex: z.string().describe("The grantee's agentIdHash (hex) to revoke"),
+    recipientHex: z
+        .string()
+        .describe("The grantee's agentIdHash (hex) to revoke"),
 }, async ({ cellId, recipientHex }) => {
     try {
         const r = await getClient().revokeShare(cellId, recipientHex);
@@ -116,8 +121,13 @@ server.tool('saihm_revoke_share', 'Revoke a prior share grant to a recipient for
     }
 });
 server.tool('saihm_governance_propose', "Submit a gSAIHM governance proposal. Scope MUST be 'emission_param' or 'protocol_upgrade'.", {
-    scope: z.enum(['emission_param', 'protocol_upgrade']).describe('Governable scope'),
-    paramKey: z.string().optional().describe('Parameter key (when scope=emission_param)'),
+    scope: z
+        .enum(['emission_param', 'protocol_upgrade'])
+        .describe('Governable scope'),
+    paramKey: z
+        .string()
+        .optional()
+        .describe('Parameter key (when scope=emission_param)'),
     proposedValue: z.string().optional().describe('Proposed value as string'),
 }, async ({ scope, paramKey, proposedValue }) => {
     try {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@saihm/mcp-server-pro",
-  "version": "0.1.5",
+  "version": "0.1.6",
   "description": "SAIHM production thin-client. Seals client-side via @saihm/client-pro (ML-DSA-65 identity, per-cell AES-256-GCM DEK wrapped under a client KEK, ML-KEM-768 authenticated sharing) and POSTs opaque ciphertext to the blind, non-custodial SAIHM /mcp endpoint. The master secret, KEK, and plaintext never leave this process. Apache-2.0.",
   "type": "module",
   "main": "dist/index.js",
@@ -18,7 +18,7 @@
     "clean": "rm -rf dist coverage",
     "build": "npm run clean && tsc -p . && chmod +x dist/server.js",
     "typecheck": "tsc -p tsconfig.test.json",
-    "test": "tsx --test tests/client_pro.test.ts tests/server.test.ts",
+    "test": "tsx --test tests/smoke.test.ts tests/server.test.ts",
     "prepublishOnly": "npm run build && npm run typecheck && npm test"
   },
   "files": [