npm - @sanctuary-framework/mcp-server - Versions diffs - 0.5.12 → 0.5.14 - Mend

@sanctuary-framework/mcp-server 0.5.12 → 0.5.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/cli.cjs CHANGED Viewed

@@ -560,6 +560,18 @@ var init_hashing = __esm({
     init_encoding();
   }
 });
+// src/core/identity.ts
+var identity_exports = {};
+__export(identity_exports, {
+  createIdentity: () => createIdentity,
+  generateIdentityId: () => generateIdentityId,
+  generateKeypair: () => generateKeypair,
+  publicKeyToDid: () => publicKeyToDid,
+  rotateKeys: () => rotateKeys,
+  sign: () => sign,
+  verify: () => verify
+});
 function generateKeypair() {
   const privateKey = randomBytes(32);
   const publicKey = ed25519.ed25519.getPublicKey(privateKey);
@@ -1347,7 +1359,9 @@ var init_tools = __esm({
       "_bridge",
       "_federation",
       "_handshake",
-      "_shr"
+      "_shr",
+      "_sovereignty_profile",
+      "_context_gate_policies"
     ];
     IdentityManager = class {
       storage;
@@ -1626,6 +1640,8 @@ tier1_always_approve:
   - reputation_import
   - reputation_export
   - bootstrap_provide_guarantee
+  - reputation_publish
+  - sovereignty_profile_update
 # \u2500\u2500\u2500 Tier 2: Behavioral Anomaly Detection \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500
 # Triggers approval when agent behavior deviates from its baseline.
@@ -1688,6 +1704,9 @@ tier3_always_allow:
   - bridge_commit
   - bridge_verify
   - bridge_attest
+  - dashboard_open
+  - sovereignty_profile_get
+  - sovereignty_profile_generate_prompt
 # \u2500\u2500\u2500 Approval Channel \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500
 # How Sanctuary reaches you when approval is needed.
@@ -1740,7 +1759,11 @@ var init_loader = __esm({
         "reputation_import",
         "reputation_export",
         "bootstrap_provide_guarantee",
-        "decommission_certificate"
+        "decommission_certificate",
+        "reputation_publish",
+        // SEC-039: Explicit Tier 1 — sends data to external API
+        "sovereignty_profile_update"
+        // Changes enforcement behavior — always requires approval
       ],
       tier2_anomaly: DEFAULT_TIER2,
       tier3_always_allow: [
@@ -1792,7 +1815,11 @@ var init_loader = __esm({
         "shr_gateway_export",
         "bridge_commit",
         "bridge_verify",
-        "bridge_attest"
+        "bridge_attest",
+        "dashboard_open",
+        // SEC-039: Explicit Tier 3 — only generates a URL
+        "sovereignty_profile_get",
+        "sovereignty_profile_generate_prompt"
       ],
       approval_channel: DEFAULT_CHANNEL
     };
@@ -3009,6 +3036,133 @@ function generateDashboardHTML(options) {
       background-color: #e03c3c;
     }
+    /* Sovereignty Profile Panel */
+    .profile-panel {
+      background-color: var(--surface);
+      border: 1px solid var(--border);
+      border-radius: 8px;
+      padding: 20px;
+    }
+    .profile-panel .panel-header {
+      display: flex;
+      justify-content: space-between;
+      align-items: center;
+      margin-bottom: 16px;
+    }
+    .profile-panel .panel-title {
+      font-size: 14px;
+      font-weight: 600;
+      color: var(--text-primary);
+    }
+    .profile-cards {
+      display: grid;
+      grid-template-columns: repeat(5, 1fr);
+      gap: 12px;
+      margin-bottom: 16px;
+    }
+    .profile-card {
+      background-color: var(--bg);
+      border: 1px solid var(--border);
+      border-radius: 6px;
+      padding: 14px;
+      display: flex;
+      flex-direction: column;
+      gap: 8px;
+    }
+    .profile-card-name {
+      font-size: 12px;
+      font-weight: 600;
+      color: var(--text-primary);
+    }
+    .profile-card-desc {
+      font-size: 11px;
+      color: var(--text-secondary);
+      line-height: 1.4;
+    }
+    .profile-badge {
+      display: inline-flex;
+      align-items: center;
+      gap: 4px;
+      padding: 2px 8px;
+      border-radius: 4px;
+      font-size: 10px;
+      font-weight: 600;
+      width: fit-content;
+    }
+    .profile-badge.enabled {
+      background-color: rgba(63, 185, 80, 0.15);
+      color: var(--green);
+    }
+    .profile-badge.disabled {
+      background-color: rgba(139, 148, 158, 0.15);
+      color: var(--text-secondary);
+    }
+    .prompt-section {
+      margin-top: 12px;
+    }
+    .prompt-textarea {
+      width: 100%;
+      min-height: 120px;
+      background-color: var(--bg);
+      border: 1px solid var(--border);
+      border-radius: 6px;
+      color: var(--text-primary);
+      font-family: 'JetBrains Mono', monospace;
+      font-size: 12px;
+      padding: 12px;
+      resize: vertical;
+      margin-top: 8px;
+    }
+    .prompt-actions {
+      display: flex;
+      gap: 8px;
+      margin-top: 8px;
+    }
+    .prompt-btn {
+      padding: 6px 12px;
+      border: 1px solid var(--border);
+      border-radius: 4px;
+      background-color: var(--surface);
+      color: var(--text-primary);
+      font-size: 12px;
+      cursor: pointer;
+    }
+    .prompt-btn:hover {
+      background-color: var(--muted);
+    }
+    .prompt-btn.primary {
+      background-color: var(--blue);
+      color: var(--bg);
+      border-color: var(--blue);
+    }
+    @media (max-width: 900px) {
+      .profile-cards {
+        grid-template-columns: repeat(2, 1fr);
+      }
+    }
+    @media (max-width: 500px) {
+      .profile-cards {
+        grid-template-columns: 1fr;
+      }
+    }
     /* Threat Panel */
     .threat-panel {
       background-color: var(--surface);
@@ -3347,6 +3501,48 @@ function generateDashboardHTML(options) {
         </div>
       </div>
+      <!-- Sovereignty Profile Panel -->
+      <div class="profile-panel" id="sovereignty-profile-panel">
+        <div class="panel-header">
+          <div class="panel-title">Sovereignty Profile</div>
+          <span class="card-value" id="profile-updated-at" style="font-size: 11px; color: var(--text-secondary);">\u2014</span>
+        </div>
+        <div class="profile-cards" id="profile-cards">
+          <div class="profile-card" data-feature="audit_logging">
+            <div class="profile-card-name">Audit Logging</div>
+            <div class="profile-badge disabled" id="badge-audit_logging">OFF</div>
+            <div class="profile-card-desc">Encrypted audit trail of all tool calls</div>
+          </div>
+          <div class="profile-card" data-feature="injection_detection">
+            <div class="profile-card-name">Injection Detection</div>
+            <div class="profile-badge disabled" id="badge-injection_detection">OFF</div>
+            <div class="profile-card-desc">Scans tool arguments for prompt injection</div>
+          </div>
+          <div class="profile-card" data-feature="context_gating">
+            <div class="profile-card-name">Context Gating</div>
+            <div class="profile-badge disabled" id="badge-context_gating">OFF</div>
+            <div class="profile-card-desc">Controls context flow to remote providers</div>
+          </div>
+          <div class="profile-card" data-feature="approval_gate">
+            <div class="profile-card-name">Approval Gates</div>
+            <div class="profile-badge disabled" id="badge-approval_gate">OFF</div>
+            <div class="profile-card-desc">Human approval for high-risk operations</div>
+          </div>
+          <div class="profile-card" data-feature="zk_proofs">
+            <div class="profile-card-name">ZK Proofs</div>
+            <div class="profile-badge disabled" id="badge-zk_proofs">OFF</div>
+            <div class="profile-card-desc">Prove claims without revealing data</div>
+          </div>
+        </div>
+        <div class="prompt-section">
+          <div class="prompt-actions">
+            <button class="prompt-btn primary" id="generate-prompt-btn">Generate System Prompt</button>
+            <button class="prompt-btn" id="copy-prompt-btn" style="display:none;">Copy</button>
+          </div>
+          <textarea class="prompt-textarea" id="system-prompt-output" readonly style="display:none;" placeholder="Click 'Generate System Prompt' to create an agent instruction snippet..."></textarea>
+        </div>
+      </div>
       <!-- Threat Panel -->
       <div class="threat-panel collapsed">
         <div class="threat-header">
@@ -3368,7 +3564,9 @@ function generateDashboardHTML(options) {
   <script>
     // Constants
-    const AUTH_TOKEN = '${options.authToken || ""}' || sessionStorage.getItem('authToken') || '';
+    // SEC-038: Do NOT embed the long-lived auth token in page source.
+    // Use only the session token stored in sessionStorage by the login flow.
+    const AUTH_TOKEN = sessionStorage.getItem('authToken') || '';
     const TIMEOUT_SECONDS = ${options.timeoutSeconds};
     const API_BASE = '';
@@ -3379,6 +3577,7 @@ function generateDashboardHTML(options) {
       handshakes: [],
       shr: null,
       status: null,
+      systemPrompt: null,
     };
     let pendingRequests = new Map();
@@ -3831,6 +4030,10 @@ function generateDashboardHTML(options) {
         removePendingRequest(data.requestId);
       });
+      eventSource.addEventListener('sovereignty-profile-update', () => {
+        updateSovereigntyProfile();
+      });
       eventSource.onerror = () => {
         console.error('SSE error');
         setTimeout(setupSSE, 5000);
@@ -3987,6 +4190,58 @@ function generateDashboardHTML(options) {
       document.getElementById('pending-overlay').classList.toggle('show');
     });
+    // Sovereignty Profile
+    async function updateSovereigntyProfile() {
+      try {
+        const data = await fetchAPI('/api/sovereignty-profile');
+        if (data && data.profile) {
+          const features = data.profile.features;
+          for (const [key, value] of Object.entries(features)) {
+            const badge = document.getElementById('badge-' + key);
+            if (badge) {
+              const enabled = value && value.enabled;
+              badge.textContent = enabled ? 'ON' : 'OFF';
+              badge.className = 'profile-badge ' + (enabled ? 'enabled' : 'disabled');
+            }
+          }
+          const updatedEl = document.getElementById('profile-updated-at');
+          if (updatedEl && data.profile.updated_at) {
+            updatedEl.textContent = 'Updated: ' + new Date(data.profile.updated_at).toLocaleString();
+          }
+          // Cache the prompt
+          if (data.system_prompt) {
+            apiState.systemPrompt = data.system_prompt;
+          }
+        }
+      } catch (e) {
+        // Profile not available
+      }
+    }
+    document.getElementById('generate-prompt-btn').addEventListener('click', async () => {
+      const data = await fetchAPI('/api/sovereignty-profile');
+      if (data && data.system_prompt) {
+        const textarea = document.getElementById('system-prompt-output');
+        const copyBtn = document.getElementById('copy-prompt-btn');
+        textarea.value = data.system_prompt;
+        textarea.style.display = 'block';
+        copyBtn.style.display = 'inline-flex';
+      }
+    });
+    document.getElementById('copy-prompt-btn').addEventListener('click', async () => {
+      const textarea = document.getElementById('system-prompt-output');
+      try {
+        await navigator.clipboard.writeText(textarea.value);
+        const btn = document.getElementById('copy-prompt-btn');
+        const original = btn.textContent;
+        btn.textContent = 'Copied!';
+        setTimeout(() => { btn.textContent = original; }, 2000);
+      } catch (err) {
+        console.error('Copy failed:', err);
+      }
+    });
     // Initialize
     async function initialize() {
       if (!AUTH_TOKEN) {
@@ -4001,6 +4256,7 @@ function generateDashboardHTML(options) {
         updateHandshakes(),
         updateSHR(),
         updateStatus(),
+        updateSovereigntyProfile(),
       ]);
       // Setup SSE for real-time updates
@@ -4020,12 +4276,92 @@ var init_dashboard_html = __esm({
   "src/principal-policy/dashboard-html.ts"() {
   }
 });
+// src/system-prompt-generator.ts
+function generateSystemPrompt(profile) {
+  const activeFeatures = [];
+  const inactiveFeatures = [];
+  const featureKeys = [
+    "audit_logging",
+    "injection_detection",
+    "context_gating",
+    "approval_gate",
+    "zk_proofs"
+  ];
+  for (const key of featureKeys) {
+    const featureConfig = profile.features[key];
+    const info = FEATURE_INFO[key];
+    if (featureConfig.enabled) {
+      let desc = `- ${info.name}: ${info.activeDescription}`;
+      if (key === "injection_detection" && "sensitivity" in featureConfig && featureConfig.sensitivity) {
+        desc += ` Sensitivity: ${featureConfig.sensitivity}.`;
+      }
+      if (key === "context_gating" && "policy_id" in featureConfig && featureConfig.policy_id) {
+        desc += ` Active policy: ${featureConfig.policy_id}.`;
+      }
+      activeFeatures.push(desc);
+    } else {
+      inactiveFeatures.push(info.disabledDescription);
+    }
+  }
+  const lines = [
+    "You are protected by Sanctuary sovereignty infrastructure. The following protections are active:",
+    ""
+  ];
+  if (activeFeatures.length > 0) {
+    lines.push(...activeFeatures);
+  } else {
+    lines.push("- No features are currently enabled. Contact your operator to configure protections.");
+  }
+  if (inactiveFeatures.length > 0) {
+    lines.push("");
+    lines.push(
+      `Optional tools available but not currently enabled: ${inactiveFeatures.join(", ")}.`
+    );
+  }
+  return lines.join("\n");
+}
+var FEATURE_INFO;
+var init_system_prompt_generator = __esm({
+  "src/system-prompt-generator.ts"() {
+    FEATURE_INFO = {
+      audit_logging: {
+        name: "Audit Logging",
+        activeDescription: "All your tool calls are logged to an encrypted audit trail. No action needed \u2014 this is automatic.",
+        disabledDescription: "audit logging (sanctuary/monitor_audit_log)"
+      },
+      injection_detection: {
+        name: "Injection Detection",
+        activeDescription: "Your tool call arguments are scanned for prompt injection attempts. No action needed \u2014 this is automatic.",
+        disabledDescription: "injection detection"
+      },
+      context_gating: {
+        name: "Context Gating",
+        activeDescription: "Before making outbound calls to remote providers, filter your context through sanctuary/context_gate_filter to ensure minimum-necessary disclosure.",
+        toolNames: ["sanctuary/context_gate_filter", "sanctuary/context_gate_set_policy"],
+        disabledDescription: "context gating (sanctuary/context_gate_filter)"
+      },
+      approval_gate: {
+        name: "Approval Gates",
+        activeDescription: "High-risk operations require human approval before execution. Tier 1 operations always require approval; Tier 2 operations trigger approval on anomaly detection.",
+        disabledDescription: "approval gates"
+      },
+      zk_proofs: {
+        name: "Zero-Knowledge Proofs",
+        activeDescription: "You can prove claims about your data without revealing the underlying values. Use sanctuary/zk_commit to create commitments, sanctuary/zk_prove for proofs of knowledge, and sanctuary/zk_range_prove for range proofs.",
+        toolNames: ["sanctuary/zk_commit", "sanctuary/zk_prove", "sanctuary/zk_range_prove"],
+        disabledDescription: "zero-knowledge proofs (sanctuary/zk_commit, sanctuary/zk_prove)"
+      }
+    };
+  }
+});
 var SESSION_TTL_REMOTE_MS, SESSION_TTL_LOCAL_MS, MAX_SESSIONS, RATE_LIMIT_WINDOW_MS, RATE_LIMIT_GENERAL, RATE_LIMIT_DECISIONS, MAX_RATE_LIMIT_ENTRIES, DashboardApprovalChannel;
 var init_dashboard = __esm({
   "src/principal-policy/dashboard.ts"() {
     init_config();
     init_generator();
     init_dashboard_html();
+    init_system_prompt_generator();
     SESSION_TTL_REMOTE_MS = 5 * 60 * 1e3;
     SESSION_TTL_LOCAL_MS = 24 * 60 * 60 * 1e3;
     MAX_SESSIONS = 1e3;
@@ -4045,6 +4381,7 @@ var init_dashboard = __esm({
       handshakeResults = null;
       shrOpts = null;
       _sanctuaryConfig = null;
+      profileStore = null;
       dashboardHTML;
       loginHTML;
       authToken;
@@ -4084,6 +4421,7 @@ var init_dashboard = __esm({
         if (deps.handshakeResults) this.handshakeResults = deps.handshakeResults;
         if (deps.shrOpts) this.shrOpts = deps.shrOpts;
         if (deps.sanctuaryConfig) this._sanctuaryConfig = deps.sanctuaryConfig;
+        if (deps.profileStore) this.profileStore = deps.profileStore;
       }
       /**
        * Mark this dashboard as running in standalone mode.
@@ -4431,6 +4769,10 @@ var init_dashboard = __esm({
             this.handleHandshakes(res);
           } else if (method === "GET" && url.pathname === "/api/shr") {
             this.handleSHR(res);
+          } else if (method === "GET" && url.pathname === "/api/sovereignty-profile") {
+            this.handleSovereigntyProfileGet(res);
+          } else if (method === "POST" && url.pathname === "/api/sovereignty-profile") {
+            this.handleSovereigntyProfileUpdate(req, res);
           } else if (method === "POST" && url.pathname.startsWith("/api/approve/")) {
             if (!this.checkRateLimit(req, res, "decisions")) return;
             const id = url.pathname.slice("/api/approve/".length);
@@ -4722,6 +5064,61 @@ data: ${JSON.stringify(initData)}
         res.writeHead(200, { "Content-Type": "application/json" });
         res.end(JSON.stringify(shr));
       }
+      // ── Sovereignty Profile API ─────────────────────────────────────────
+      handleSovereigntyProfileGet(res) {
+        if (!this.profileStore) {
+          res.writeHead(200, { "Content-Type": "application/json" });
+          res.end(JSON.stringify({ error: "Sovereignty Profile not available" }));
+          return;
+        }
+        try {
+          const profile = this.profileStore.get();
+          const prompt = generateSystemPrompt(profile);
+          res.writeHead(200, { "Content-Type": "application/json" });
+          res.end(JSON.stringify({ profile, system_prompt: prompt }));
+        } catch {
+          res.writeHead(500, { "Content-Type": "application/json" });
+          res.end(JSON.stringify({ error: "Failed to read sovereignty profile" }));
+        }
+      }
+      handleSovereigntyProfileUpdate(req, res) {
+        if (!this.profileStore) {
+          res.writeHead(400, { "Content-Type": "application/json" });
+          res.end(JSON.stringify({ error: "Sovereignty Profile not available" }));
+          return;
+        }
+        let body = "";
+        let destroyed = false;
+        req.on("data", (chunk) => {
+          body += chunk.toString();
+          if (body.length > 16384) {
+            destroyed = true;
+            res.writeHead(413, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "Request body too large" }));
+            req.destroy();
+          }
+        });
+        req.on("end", async () => {
+          if (destroyed) return;
+          try {
+            const updates = JSON.parse(body);
+            const updated = await this.profileStore.update(updates);
+            const prompt = generateSystemPrompt(updated);
+            if (this.auditLog) {
+              this.auditLog.append("l2", "sovereignty_profile_update_dashboard", "dashboard", {
+                changes: updates,
+                features_enabled: Object.entries(updated.features).filter(([, v]) => v.enabled).map(([k]) => k)
+              });
+            }
+            this.broadcastSSE("sovereignty-profile-update", { profile: updated, system_prompt: prompt });
+            res.writeHead(200, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ profile: updated, system_prompt: prompt }));
+          } catch {
+            res.writeHead(400, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "Invalid JSON body" }));
+          }
+        });
+      }
       // ── SSE Broadcasting ────────────────────────────────────────────────
       broadcastSSE(event, data) {
         const message = `event: ${event}
@@ -4824,6 +5221,148 @@ data: ${JSON.stringify(data)}
   }
 });
+// src/sovereignty-profile.ts
+function createDefaultProfile() {
+  return {
+    version: 1,
+    features: {
+      audit_logging: { enabled: true },
+      injection_detection: { enabled: true },
+      context_gating: { enabled: false },
+      approval_gate: { enabled: false },
+      zk_proofs: { enabled: false }
+    },
+    updated_at: (/* @__PURE__ */ new Date()).toISOString()
+  };
+}
+var NAMESPACE, PROFILE_KEY, HKDF_DOMAIN, SovereigntyProfileStore;
+var init_sovereignty_profile = __esm({
+  "src/sovereignty-profile.ts"() {
+    init_encryption();
+    init_key_derivation();
+    init_encoding();
+    NAMESPACE = "_sovereignty_profile";
+    PROFILE_KEY = "active";
+    HKDF_DOMAIN = "sovereignty-profile";
+    SovereigntyProfileStore = class {
+      storage;
+      encryptionKey;
+      profile = null;
+      constructor(storage, masterKey) {
+        this.storage = storage;
+        this.encryptionKey = derivePurposeKey(masterKey, HKDF_DOMAIN);
+      }
+      /**
+       * Load the active sovereignty profile from encrypted storage.
+       * Creates the default profile on first run.
+       */
+      async load() {
+        if (this.profile) return this.profile;
+        const raw = await this.storage.read(NAMESPACE, PROFILE_KEY);
+        if (raw) {
+          try {
+            const encrypted = JSON.parse(bytesToString(raw));
+            const decrypted = decrypt(encrypted, this.encryptionKey);
+            this.profile = JSON.parse(bytesToString(decrypted));
+            return this.profile;
+          } catch {
+          }
+        }
+        this.profile = createDefaultProfile();
+        await this.persist();
+        return this.profile;
+      }
+      /**
+       * Get the current profile. Must call load() first.
+       */
+      get() {
+        if (!this.profile) {
+          throw new Error("SovereigntyProfileStore: call load() before get()");
+        }
+        return this.profile;
+      }
+      /**
+       * Apply a partial update to the profile.
+       * Returns the updated profile.
+       */
+      async update(updates) {
+        if (!this.profile) {
+          await this.load();
+        }
+        const features = this.profile.features;
+        if (updates.audit_logging !== void 0) {
+          if (updates.audit_logging.enabled !== void 0) {
+            if (typeof updates.audit_logging.enabled !== "boolean") {
+              throw new Error("audit_logging.enabled must be a boolean");
+            }
+            features.audit_logging.enabled = updates.audit_logging.enabled;
+          }
+        }
+        if (updates.injection_detection !== void 0) {
+          if (updates.injection_detection.enabled !== void 0) {
+            if (typeof updates.injection_detection.enabled !== "boolean") {
+              throw new Error("injection_detection.enabled must be a boolean");
+            }
+            features.injection_detection.enabled = updates.injection_detection.enabled;
+          }
+          if (updates.injection_detection.sensitivity !== void 0) {
+            const valid = ["low", "medium", "high"];
+            if (!valid.includes(updates.injection_detection.sensitivity)) {
+              throw new Error("injection_detection.sensitivity must be low, medium, or high");
+            }
+            features.injection_detection.sensitivity = updates.injection_detection.sensitivity;
+          }
+        }
+        if (updates.context_gating !== void 0) {
+          if (updates.context_gating.enabled !== void 0) {
+            if (typeof updates.context_gating.enabled !== "boolean") {
+              throw new Error("context_gating.enabled must be a boolean");
+            }
+            features.context_gating.enabled = updates.context_gating.enabled;
+          }
+          if (updates.context_gating.policy_id !== void 0) {
+            if (typeof updates.context_gating.policy_id !== "string" || updates.context_gating.policy_id.length > 256) {
+              throw new Error("context_gating.policy_id must be a string of 256 characters or fewer");
+            }
+            features.context_gating.policy_id = updates.context_gating.policy_id;
+          }
+        }
+        if (updates.approval_gate !== void 0) {
+          if (updates.approval_gate.enabled !== void 0) {
+            if (typeof updates.approval_gate.enabled !== "boolean") {
+              throw new Error("approval_gate.enabled must be a boolean");
+            }
+            features.approval_gate.enabled = updates.approval_gate.enabled;
+          }
+        }
+        if (updates.zk_proofs !== void 0) {
+          if (updates.zk_proofs.enabled !== void 0) {
+            if (typeof updates.zk_proofs.enabled !== "boolean") {
+              throw new Error("zk_proofs.enabled must be a boolean");
+            }
+            features.zk_proofs.enabled = updates.zk_proofs.enabled;
+          }
+        }
+        this.profile.updated_at = (/* @__PURE__ */ new Date()).toISOString();
+        await this.persist();
+        return this.profile;
+      }
+      /**
+       * Persist the current profile to encrypted storage.
+       */
+      async persist() {
+        const serialized = stringToBytes(JSON.stringify(this.profile));
+        const encrypted = encrypt(serialized, this.encryptionKey);
+        await this.storage.write(
+          NAMESPACE,
+          PROFILE_KEY,
+          stringToBytes(JSON.stringify(encrypted))
+        );
+      }
+    };
+  }
+});
 // src/dashboard-standalone.ts
 var dashboard_standalone_exports = {};
 __export(dashboard_standalone_exports, {
@@ -4933,6 +5472,8 @@ async function startStandaloneDashboard(options = {}) {
   const loadResult = await identityManager.load();
   const shrOpts = { config, identityManager, masterKey };
   const handshakeResults = /* @__PURE__ */ new Map();
+  const profileStore = new SovereigntyProfileStore(storage, masterKey);
+  await profileStore.load();
   dashboard.setDependencies({
     policy,
     baseline,
@@ -4940,7 +5481,8 @@ async function startStandaloneDashboard(options = {}) {
     identityManager,
     handshakeResults,
     shrOpts,
-    sanctuaryConfig: config
+    sanctuaryConfig: config,
+    profileStore
   });
   dashboard.setStandaloneMode(true);
   await dashboard.start();
@@ -4991,6 +5533,7 @@ var init_dashboard_standalone = __esm({
     init_random();
     init_encoding();
     init_tools();
+    init_sovereignty_profile();
   }
 });
@@ -5017,7 +5560,9 @@ var RESERVED_NAMESPACE_PREFIXES = [
   "_bridge",
   "_federation",
   "_handshake",
-  "_shr"
+  "_shr",
+  "_sovereignty_profile",
+  "_context_gate_policies"
 ];
 var StateStore = class {
   storage;
@@ -7179,6 +7724,24 @@ function createL4Tools(storage, masterKey, identityManager, auditLog, handshakeR
         }
         const publishType = args.type;
         const veracoreUrl = args.verascore_url || "https://verascore.ai";
+        const ALLOWED_VERASCORE_HOSTS = ["verascore.ai", "www.verascore.ai", "api.verascore.ai"];
+        try {
+          const parsed = new URL(veracoreUrl);
+          if (parsed.protocol !== "https:") {
+            return toolResult({
+              error: `verascore_url must use HTTPS. Got: ${parsed.protocol}`
+            });
+          }
+          if (!ALLOWED_VERASCORE_HOSTS.includes(parsed.hostname)) {
+            return toolResult({
+              error: `verascore_url must point to a known Verascore domain (${ALLOWED_VERASCORE_HOSTS.join(", ")}). Got: ${parsed.hostname}`
+            });
+          }
+        } catch {
+          return toolResult({
+            error: `verascore_url is not a valid URL: ${veracoreUrl}`
+          });
+        }
         const agentId = args.verascore_agent_id || identity.did.replace(/[^a-zA-Z0-9-]/g, "-").toLowerCase();
         let publishData;
         if (args.data) {
@@ -7208,24 +7771,21 @@ function createL4Tools(storage, masterKey, identityManager, auditLog, handshakeR
               return toolResult({ error: `Unknown publish type: ${publishType}` });
           }
         }
-        const { sign: sign2, createPrivateKey } = await import('crypto');
-        const payloadBytes = Buffer.from(JSON.stringify(publishData), "utf-8");
+        const { sign: identitySign } = await Promise.resolve().then(() => (init_identity(), identity_exports));
+        const payloadBytes = new TextEncoder().encode(JSON.stringify(publishData));
         let signatureB64;
         try {
-          const signingKey = derivePurposeKey(masterKey, "verascore-publish");
-          const privateKey = createPrivateKey({
-            key: Buffer.concat([
-              Buffer.from("302e020100300506032b657004220420", "hex"),
-              // Ed25519 DER PKCS8 prefix
-              Buffer.from(signingKey.slice(0, 32))
-            ]),
-            format: "der",
-            type: "pkcs8"
-          });
-          const sig = sign2(null, payloadBytes, privateKey);
-          signatureB64 = sig.toString("base64url");
+          const signingBytes = identitySign(
+            payloadBytes,
+            identity.encrypted_private_key,
+            identityEncryptionKey
+          );
+          signatureB64 = toBase64url(signingBytes);
         } catch (signError) {
-          signatureB64 = toBase64url(new Uint8Array(64));
+          return toolResult({
+            error: "Failed to sign publish payload. Identity key may be corrupted.",
+            details: signError instanceof Error ? signError.message : String(signError)
+          });
         }
         const requestBody = {
           agentId,
@@ -12941,12 +13501,147 @@ function createL2HardeningTools(storagePath, auditLog) {
   ];
 }
+// src/index.ts
+init_sovereignty_profile();
+// src/sovereignty-profile-tools.ts
+init_router();
+init_system_prompt_generator();
+function createSovereigntyProfileTools(profileStore, auditLog) {
+  const tools = [
+    // ── Get Profile ──────────────────────────────────────────────────
+    {
+      name: "sanctuary/sovereignty_profile_get",
+      description: "Get the current Sovereignty Profile \u2014 shows which Sanctuary features are active (audit logging, injection detection, context gating, approval gates, ZK proofs) and their configuration.",
+      inputSchema: {
+        type: "object",
+        properties: {}
+      },
+      handler: async () => {
+        const profile = profileStore.get();
+        auditLog.append("l2", "sovereignty_profile_get", "system", {
+          features_enabled: Object.entries(profile.features).filter(([, v]) => v.enabled).map(([k]) => k)
+        });
+        return toolResult({
+          profile,
+          message: "Current Sovereignty Profile. Use sovereignty_profile_update to change settings."
+        });
+      }
+    },
+    // ── Update Profile ───────────────────────────────────────────────
+    {
+      name: "sanctuary/sovereignty_profile_update",
+      description: "Update the Sovereignty Profile feature toggles. This changes which Sanctuary protections are active. Requires human approval (Tier 1) because it modifies enforcement behavior. Pass only the features you want to change \u2014 unspecified features remain unchanged.",
+      inputSchema: {
+        type: "object",
+        properties: {
+          audit_logging: {
+            type: "object",
+            properties: {
+              enabled: { type: "boolean" }
+            },
+            description: "Toggle audit logging on/off"
+          },
+          injection_detection: {
+            type: "object",
+            properties: {
+              enabled: { type: "boolean" },
+              sensitivity: {
+                type: "string",
+                enum: ["low", "medium", "high"],
+                description: "Detection sensitivity threshold"
+              }
+            },
+            description: "Toggle injection detection and set sensitivity"
+          },
+          context_gating: {
+            type: "object",
+            properties: {
+              enabled: { type: "boolean" },
+              policy_id: {
+                type: "string",
+                description: "ID of the context-gating policy to use"
+              }
+            },
+            description: "Toggle context gating and set active policy"
+          },
+          approval_gate: {
+            type: "object",
+            properties: {
+              enabled: { type: "boolean" }
+            },
+            description: "Toggle approval gates on/off"
+          },
+          zk_proofs: {
+            type: "object",
+            properties: {
+              enabled: { type: "boolean" }
+            },
+            description: "Toggle zero-knowledge proofs on/off"
+          }
+        }
+      },
+      handler: async (args) => {
+        const updates = {};
+        if (args.audit_logging !== void 0) {
+          updates.audit_logging = args.audit_logging;
+        }
+        if (args.injection_detection !== void 0) {
+          updates.injection_detection = args.injection_detection;
+        }
+        if (args.context_gating !== void 0) {
+          updates.context_gating = args.context_gating;
+        }
+        if (args.approval_gate !== void 0) {
+          updates.approval_gate = args.approval_gate;
+        }
+        if (args.zk_proofs !== void 0) {
+          updates.zk_proofs = args.zk_proofs;
+        }
+        const updated = await profileStore.update(updates);
+        auditLog.append("l2", "sovereignty_profile_update", "system", {
+          changes: updates,
+          features_enabled: Object.entries(updated.features).filter(([, v]) => v.enabled).map(([k]) => k)
+        });
+        return toolResult({
+          profile: updated,
+          message: "Sovereignty Profile updated. Changes take effect immediately."
+        });
+      }
+    },
+    // ── Generate System Prompt ───────────────────────────────────────
+    {
+      name: "sanctuary/sovereignty_profile_generate_prompt",
+      description: "Generate a system prompt snippet based on the active Sovereignty Profile. The snippet instructs an agent on which Sanctuary features are active and how to use them. Copy and paste this into your agent's system configuration.",
+      inputSchema: {
+        type: "object",
+        properties: {}
+      },
+      handler: async () => {
+        const profile = profileStore.get();
+        const prompt = generateSystemPrompt(profile);
+        auditLog.append("l2", "sovereignty_profile_generate_prompt", "system", {
+          features_enabled: Object.entries(profile.features).filter(([, v]) => v.enabled).map(([k]) => k)
+        });
+        return toolResult({
+          system_prompt: prompt,
+          token_estimate: Math.ceil(prompt.length / 4),
+          message: "Copy the system_prompt text above and paste it into your agent's system configuration. It will update dynamically as you toggle features."
+        });
+      }
+    }
+  ];
+  return { tools };
+}
 // src/index.ts
 init_key_derivation();
 init_random();
 init_encoding();
 init_config();
 init_audit_log();
+init_sovereignty_profile();
+init_system_prompt_generator();
 init_filesystem();
 init_baseline();
 init_loader();
@@ -13307,6 +14002,9 @@ async function createSanctuaryServer(options) {
   const { tools: auditTools } = createAuditTools(config);
   const { tools: contextGateTools, enforcer: contextGateEnforcer } = createContextGateTools(storage, masterKey, auditLog);
   const hardeningTools = createL2HardeningTools(config.storage_path, auditLog);
+  const profileStore = new SovereigntyProfileStore(storage, masterKey);
+  await profileStore.load();
+  const { tools: profileTools } = createSovereigntyProfileTools(profileStore, auditLog);
   const policy = await loadPrincipalPolicy(config.storage_path);
   const baseline = new BaselineTracker(storage, masterKey);
   await baseline.load();
@@ -13334,7 +14032,8 @@ async function createSanctuaryServer(options) {
       identityManager,
       handshakeResults,
       shrOpts: { config, identityManager, masterKey },
-      sanctuaryConfig: config
+      sanctuaryConfig: config,
+      profileStore
     });
     await dashboard.start();
     approvalChannel = dashboard;
@@ -13411,6 +14110,7 @@ async function createSanctuaryServer(options) {
     ...auditTools,
     ...contextGateTools,
     ...hardeningTools,
+    ...profileTools,
     ...dashboardTools,
     manifestTool
   ];