npm - @sanctuary-framework/mcp-server - Versions diffs - 0.5.12 → 0.5.14 - Mend

@sanctuary-framework/mcp-server 0.5.12 → 0.5.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/index.cjs CHANGED Viewed

@@ -1,14 +1,14 @@
 'use strict';
+var crypto = require('crypto');
+var aes_js = require('@noble/ciphers/aes.js');
 var sha256 = require('@noble/hashes/sha256');
 var hmac = require('@noble/hashes/hmac');
+var ed25519 = require('@noble/curves/ed25519');
 var promises = require('fs/promises');
 var path = require('path');
 var os = require('os');
 var module$1 = require('module');
-var crypto = require('crypto');
-var aes_js = require('@noble/ciphers/aes.js');
-var ed25519 = require('@noble/curves/ed25519');
 var hashWasm = require('hash-wasm');
 var hkdf = require('@noble/hashes/hkdf');
 var index_js = require('@modelcontextprotocol/sdk/server/index.js');
@@ -28,6 +28,26 @@ var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, { get: all[name], enumerable: true });
 };
+function randomBytes(length) {
+  if (length <= 0) {
+    throw new RangeError("Length must be positive");
+  }
+  const buf = crypto.randomBytes(length);
+  return new Uint8Array(buf.buffer, buf.byteOffset, buf.byteLength);
+}
+function generateIV() {
+  return randomBytes(12);
+}
+function generateSalt() {
+  return randomBytes(32);
+}
+function generateRandomKey() {
+  return randomBytes(32);
+}
+var init_random = __esm({
+  "src/core/random.ts"() {
+  }
+});
 // src/core/encoding.ts
 var encoding_exports = {};
@@ -79,6 +99,42 @@ var init_encoding = __esm({
   "src/core/encoding.ts"() {
   }
 });
+function encrypt(plaintext, key, aad) {
+  if (key.length !== 32) {
+    throw new Error("Key must be exactly 32 bytes (256 bits)");
+  }
+  const iv = generateIV();
+  const cipher = aes_js.gcm(key, iv, aad);
+  const ciphertext = cipher.encrypt(plaintext);
+  return {
+    v: 1,
+    alg: "aes-256-gcm",
+    iv: toBase64url(iv),
+    ct: toBase64url(ciphertext),
+    ts: (/* @__PURE__ */ new Date()).toISOString()
+  };
+}
+function decrypt(payload, key, aad) {
+  if (key.length !== 32) {
+    throw new Error("Key must be exactly 32 bytes (256 bits)");
+  }
+  if (payload.v !== 1) {
+    throw new Error(`Unsupported payload version: ${payload.v}`);
+  }
+  if (payload.alg !== "aes-256-gcm") {
+    throw new Error(`Unsupported algorithm: ${payload.alg}`);
+  }
+  const iv = fromBase64url(payload.iv);
+  const ciphertext = fromBase64url(payload.ct);
+  const cipher = aes_js.gcm(key, iv, aad);
+  return cipher.decrypt(ciphertext);
+}
+var init_encryption = __esm({
+  "src/core/encryption.ts"() {
+    init_random();
+    init_encoding();
+  }
+});
 // src/core/hashing.ts
 var hashing_exports = {};
@@ -207,6 +263,123 @@ var init_hashing = __esm({
     init_encoding();
   }
 });
+// src/core/identity.ts
+var identity_exports = {};
+__export(identity_exports, {
+  createIdentity: () => createIdentity,
+  generateIdentityId: () => generateIdentityId,
+  generateKeypair: () => generateKeypair,
+  publicKeyToDid: () => publicKeyToDid,
+  rotateKeys: () => rotateKeys,
+  sign: () => sign,
+  verify: () => verify
+});
+function generateKeypair() {
+  const privateKey = randomBytes(32);
+  const publicKey = ed25519.ed25519.getPublicKey(privateKey);
+  return { publicKey, privateKey };
+}
+function publicKeyToDid(publicKey) {
+  const multicodec = new Uint8Array([237, 1, ...publicKey]);
+  return `did:key:z${toBase64url(multicodec)}`;
+}
+function generateIdentityId(publicKey) {
+  const keyHash = hash(publicKey);
+  return Array.from(keyHash.slice(0, 16)).map((b) => b.toString(16).padStart(2, "0")).join("");
+}
+function createIdentity(label, encryptionKey, keyProtection) {
+  const { publicKey, privateKey } = generateKeypair();
+  const identityId = generateIdentityId(publicKey);
+  const did = publicKeyToDid(publicKey);
+  const now = (/* @__PURE__ */ new Date()).toISOString();
+  const encryptedPrivateKey = encrypt(privateKey, encryptionKey);
+  privateKey.fill(0);
+  const publicIdentity = {
+    identity_id: identityId,
+    label,
+    public_key: toBase64url(publicKey),
+    did,
+    created_at: now,
+    key_type: "ed25519",
+    key_protection: keyProtection
+  };
+  const storedIdentity = {
+    ...publicIdentity,
+    encrypted_private_key: encryptedPrivateKey,
+    rotation_history: []
+  };
+  return { publicIdentity, storedIdentity };
+}
+function sign(payload, encryptedPrivateKey, encryptionKey) {
+  const privateKey = decrypt(encryptedPrivateKey, encryptionKey);
+  try {
+    return ed25519.ed25519.sign(payload, privateKey);
+  } finally {
+    privateKey.fill(0);
+  }
+}
+function verify(payload, signature, publicKey) {
+  try {
+    return ed25519.ed25519.verify(signature, payload, publicKey);
+  } catch {
+    return false;
+  }
+}
+function rotateKeys(storedIdentity, encryptionKey, reason) {
+  const { publicKey: newPublicKey, privateKey: newPrivateKey } = generateKeypair();
+  const newIdentityDid = publicKeyToDid(newPublicKey);
+  const now = (/* @__PURE__ */ new Date()).toISOString();
+  const eventData = JSON.stringify({
+    old_public_key: storedIdentity.public_key,
+    new_public_key: toBase64url(newPublicKey),
+    identity_id: storedIdentity.identity_id,
+    reason,
+    rotated_at: now
+  });
+  const eventBytes = new TextEncoder().encode(eventData);
+  const signature = sign(
+    eventBytes,
+    storedIdentity.encrypted_private_key,
+    encryptionKey
+  );
+  const rotationEvent = {
+    old_public_key: storedIdentity.public_key,
+    new_public_key: toBase64url(newPublicKey),
+    identity_id: storedIdentity.identity_id,
+    reason,
+    rotated_at: now,
+    signature: toBase64url(signature)
+  };
+  const encryptedNewPrivateKey = encrypt(newPrivateKey, encryptionKey);
+  newPrivateKey.fill(0);
+  const updatedIdentity = {
+    ...storedIdentity,
+    public_key: toBase64url(newPublicKey),
+    did: newIdentityDid,
+    encrypted_private_key: encryptedNewPrivateKey,
+    rotation_history: [
+      ...storedIdentity.rotation_history,
+      {
+        old_public_key: storedIdentity.public_key,
+        new_public_key: toBase64url(newPublicKey),
+        rotation_event: toBase64url(
+          new TextEncoder().encode(JSON.stringify(rotationEvent))
+        ),
+        rotated_at: now
+      }
+    ]
+  };
+  return { updatedIdentity, rotationEvent };
+}
+var init_identity = __esm({
+  "src/core/identity.ts"() {
+    init_encoding();
+    init_encryption();
+    init_hashing();
+    init_random();
+  }
+});
 var require2 = module$1.createRequire((typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('index.cjs', document.baseURI).href)));
 var { version: PKG_VERSION } = require2("../package.json");
 var SANCTUARY_VERSION = PKG_VERSION;
@@ -384,24 +557,9 @@ function deepMerge(base, override) {
   }
   return result;
 }
-function randomBytes(length) {
-  if (length <= 0) {
-    throw new RangeError("Length must be positive");
-  }
-  const buf = crypto.randomBytes(length);
-  return new Uint8Array(buf.buffer, buf.byteOffset, buf.byteLength);
-}
-function generateIV() {
-  return randomBytes(12);
-}
-function generateSalt() {
-  return randomBytes(32);
-}
-function generateRandomKey() {
-  return randomBytes(32);
-}
 // src/storage/filesystem.ts
+init_random();
 var FilesystemStorage = class {
   basePath;
   constructor(basePath) {
@@ -509,141 +667,14 @@ var FilesystemStorage = class {
     return total;
   }
 };
-init_encoding();
-function encrypt(plaintext, key, aad) {
-  if (key.length !== 32) {
-    throw new Error("Key must be exactly 32 bytes (256 bits)");
-  }
-  const iv = generateIV();
-  const cipher = aes_js.gcm(key, iv, aad);
-  const ciphertext = cipher.encrypt(plaintext);
-  return {
-    v: 1,
-    alg: "aes-256-gcm",
-    iv: toBase64url(iv),
-    ct: toBase64url(ciphertext),
-    ts: (/* @__PURE__ */ new Date()).toISOString()
-  };
-}
-function decrypt(payload, key, aad) {
-  if (key.length !== 32) {
-    throw new Error("Key must be exactly 32 bytes (256 bits)");
-  }
-  if (payload.v !== 1) {
-    throw new Error(`Unsupported payload version: ${payload.v}`);
-  }
-  if (payload.alg !== "aes-256-gcm") {
-    throw new Error(`Unsupported algorithm: ${payload.alg}`);
-  }
-  const iv = fromBase64url(payload.iv);
-  const ciphertext = fromBase64url(payload.ct);
-  const cipher = aes_js.gcm(key, iv, aad);
-  return cipher.decrypt(ciphertext);
-}
 // src/l1-cognitive/state-store.ts
+init_encryption();
 init_hashing();
+init_identity();
-// src/core/identity.ts
-init_encoding();
-init_hashing();
-function generateKeypair() {
-  const privateKey = randomBytes(32);
-  const publicKey = ed25519.ed25519.getPublicKey(privateKey);
-  return { publicKey, privateKey };
-}
-function publicKeyToDid(publicKey) {
-  const multicodec = new Uint8Array([237, 1, ...publicKey]);
-  return `did:key:z${toBase64url(multicodec)}`;
-}
-function generateIdentityId(publicKey) {
-  const keyHash = hash(publicKey);
-  return Array.from(keyHash.slice(0, 16)).map((b) => b.toString(16).padStart(2, "0")).join("");
-}
-function createIdentity(label, encryptionKey, keyProtection) {
-  const { publicKey, privateKey } = generateKeypair();
-  const identityId = generateIdentityId(publicKey);
-  const did = publicKeyToDid(publicKey);
-  const now = (/* @__PURE__ */ new Date()).toISOString();
-  const encryptedPrivateKey = encrypt(privateKey, encryptionKey);
-  privateKey.fill(0);
-  const publicIdentity = {
-    identity_id: identityId,
-    label,
-    public_key: toBase64url(publicKey),
-    did,
-    created_at: now,
-    key_type: "ed25519",
-    key_protection: keyProtection
-  };
-  const storedIdentity = {
-    ...publicIdentity,
-    encrypted_private_key: encryptedPrivateKey,
-    rotation_history: []
-  };
-  return { publicIdentity, storedIdentity };
-}
-function sign(payload, encryptedPrivateKey, encryptionKey) {
-  const privateKey = decrypt(encryptedPrivateKey, encryptionKey);
-  try {
-    return ed25519.ed25519.sign(payload, privateKey);
-  } finally {
-    privateKey.fill(0);
-  }
-}
-function verify(payload, signature, publicKey) {
-  try {
-    return ed25519.ed25519.verify(signature, payload, publicKey);
-  } catch {
-    return false;
-  }
-}
-function rotateKeys(storedIdentity, encryptionKey, reason) {
-  const { publicKey: newPublicKey, privateKey: newPrivateKey } = generateKeypair();
-  const newIdentityDid = publicKeyToDid(newPublicKey);
-  const now = (/* @__PURE__ */ new Date()).toISOString();
-  const eventData = JSON.stringify({
-    old_public_key: storedIdentity.public_key,
-    new_public_key: toBase64url(newPublicKey),
-    identity_id: storedIdentity.identity_id,
-    reason,
-    rotated_at: now
-  });
-  const eventBytes = new TextEncoder().encode(eventData);
-  const signature = sign(
-    eventBytes,
-    storedIdentity.encrypted_private_key,
-    encryptionKey
-  );
-  const rotationEvent = {
-    old_public_key: storedIdentity.public_key,
-    new_public_key: toBase64url(newPublicKey),
-    identity_id: storedIdentity.identity_id,
-    reason,
-    rotated_at: now,
-    signature: toBase64url(signature)
-  };
-  const encryptedNewPrivateKey = encrypt(newPrivateKey, encryptionKey);
-  newPrivateKey.fill(0);
-  const updatedIdentity = {
-    ...storedIdentity,
-    public_key: toBase64url(newPublicKey),
-    did: newIdentityDid,
-    encrypted_private_key: encryptedNewPrivateKey,
-    rotation_history: [
-      ...storedIdentity.rotation_history,
-      {
-        old_public_key: storedIdentity.public_key,
-        new_public_key: toBase64url(newPublicKey),
-        rotation_event: toBase64url(
-          new TextEncoder().encode(JSON.stringify(rotationEvent))
-        ),
-        rotated_at: now
-      }
-    ]
-  };
-  return { updatedIdentity, rotationEvent };
-}
+// src/core/key-derivation.ts
+init_random();
 init_encoding();
 var ARGON2_MEMORY_COST = 65536;
 var ARGON2_TIME_COST = 3;
@@ -717,7 +748,9 @@ var RESERVED_NAMESPACE_PREFIXES = [
   "_bridge",
   "_federation",
   "_handshake",
-  "_shr"
+  "_shr",
+  "_sovereignty_profile",
+  "_context_gate_policies"
 ];
 var StateStore = class {
   storage;
@@ -1241,7 +1274,9 @@ function toolResult(data) {
 }
 // src/l1-cognitive/tools.ts
+init_identity();
 init_encoding();
+init_encryption();
 init_encoding();
 var RESERVED_NAMESPACE_PREFIXES2 = [
   "_identities",
@@ -1256,7 +1291,9 @@ var RESERVED_NAMESPACE_PREFIXES2 = [
   "_bridge",
   "_federation",
   "_handshake",
-  "_shr"
+  "_shr",
+  "_sovereignty_profile",
+  "_context_gate_policies"
 ];
 function getReservedNamespaceViolation(namespace) {
   for (const prefix of RESERVED_NAMESPACE_PREFIXES2) {
@@ -1748,6 +1785,7 @@ function createL1Tools(stateStore, storage, masterKey, keyProtection, auditLog)
 }
 // src/l2-operational/audit-log.ts
+init_encryption();
 init_encoding();
 var AuditLog = class {
   storage;
@@ -1845,6 +1883,8 @@ var AuditLog = class {
 // src/l3-disclosure/commitments.ts
 init_hashing();
 init_encoding();
+init_random();
+init_encryption();
 init_encoding();
 function createCommitment(value, blindingFactor) {
   const blindingBytes = blindingFactor ? fromBase64url(blindingFactor) : randomBytes(32);
@@ -1925,7 +1965,9 @@ var CommitmentStore = class {
 };
 // src/l3-disclosure/policies.ts
+init_encryption();
 init_encoding();
+init_random();
 function evaluateDisclosure(policy, context, requestedFields) {
   return requestedFields.map((field) => {
     const exactRule = policy.rules.find((r) => r.context === context);
@@ -2056,6 +2098,9 @@ var PolicyStore = class {
     );
   }
 };
+// src/l3-disclosure/zk-proofs.ts
+init_random();
 init_encoding();
 var G = ed25519.RistrettoPoint.BASE;
 var H_INPUT = concatBytes(
@@ -2733,7 +2778,10 @@ function createL3Tools(storage, masterKey, auditLog) {
 }
 // src/l4-reputation/reputation-store.ts
+init_encryption();
 init_encoding();
+init_random();
+init_identity();
 function computeMedian(values) {
   if (values.length === 0) return 0;
   const sorted = [...values].sort((a, b) => a - b);
@@ -3628,6 +3676,24 @@ function createL4Tools(storage, masterKey, identityManager, auditLog, handshakeR
         }
         const publishType = args.type;
         const veracoreUrl = args.verascore_url || "https://verascore.ai";
+        const ALLOWED_VERASCORE_HOSTS = ["verascore.ai", "www.verascore.ai", "api.verascore.ai"];
+        try {
+          const parsed = new URL(veracoreUrl);
+          if (parsed.protocol !== "https:") {
+            return toolResult({
+              error: `verascore_url must use HTTPS. Got: ${parsed.protocol}`
+            });
+          }
+          if (!ALLOWED_VERASCORE_HOSTS.includes(parsed.hostname)) {
+            return toolResult({
+              error: `verascore_url must point to a known Verascore domain (${ALLOWED_VERASCORE_HOSTS.join(", ")}). Got: ${parsed.hostname}`
+            });
+          }
+        } catch {
+          return toolResult({
+            error: `verascore_url is not a valid URL: ${veracoreUrl}`
+          });
+        }
         const agentId = args.verascore_agent_id || identity.did.replace(/[^a-zA-Z0-9-]/g, "-").toLowerCase();
         let publishData;
         if (args.data) {
@@ -3657,24 +3723,21 @@ function createL4Tools(storage, masterKey, identityManager, auditLog, handshakeR
               return toolResult({ error: `Unknown publish type: ${publishType}` });
           }
         }
-        const { sign: sign2, createPrivateKey } = await import('crypto');
-        const payloadBytes = Buffer.from(JSON.stringify(publishData), "utf-8");
+        const { sign: identitySign } = await Promise.resolve().then(() => (init_identity(), identity_exports));
+        const payloadBytes = new TextEncoder().encode(JSON.stringify(publishData));
         let signatureB64;
         try {
-          const signingKey = derivePurposeKey(masterKey, "verascore-publish");
-          const privateKey = createPrivateKey({
-            key: Buffer.concat([
-              Buffer.from("302e020100300506032b657004220420", "hex"),
-              // Ed25519 DER PKCS8 prefix
-              Buffer.from(signingKey.slice(0, 32))
-            ]),
-            format: "der",
-            type: "pkcs8"
-          });
-          const sig = sign2(null, payloadBytes, privateKey);
-          signatureB64 = sig.toString("base64url");
+          const signingBytes = identitySign(
+            payloadBytes,
+            identity.encrypted_private_key,
+            identityEncryptionKey
+          );
+          signatureB64 = toBase64url(signingBytes);
         } catch (signError) {
-          signatureB64 = toBase64url(new Uint8Array(64));
+          return toolResult({
+            error: "Failed to sign publish payload. Identity key may be corrupted.",
+            details: signError instanceof Error ? signError.message : String(signError)
+          });
         }
         const requestBody = {
           agentId,
@@ -3753,7 +3816,11 @@ var DEFAULT_POLICY = {
     "reputation_import",
     "reputation_export",
     "bootstrap_provide_guarantee",
-    "decommission_certificate"
+    "decommission_certificate",
+    "reputation_publish",
+    // SEC-039: Explicit Tier 1 — sends data to external API
+    "sovereignty_profile_update"
+    // Changes enforcement behavior — always requires approval
   ],
   tier2_anomaly: DEFAULT_TIER2,
   tier3_always_allow: [
@@ -3805,7 +3872,11 @@ var DEFAULT_POLICY = {
     "shr_gateway_export",
     "bridge_commit",
     "bridge_verify",
-    "bridge_attest"
+    "bridge_attest",
+    "dashboard_open",
+    // SEC-039: Explicit Tier 3 — only generates a URL
+    "sovereignty_profile_get",
+    "sovereignty_profile_generate_prompt"
   ],
   approval_channel: DEFAULT_CHANNEL
 };
@@ -3913,6 +3984,8 @@ tier1_always_approve:
   - reputation_import
   - reputation_export
   - bootstrap_provide_guarantee
+  - reputation_publish
+  - sovereignty_profile_update
 # \u2500\u2500\u2500 Tier 2: Behavioral Anomaly Detection \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500
 # Triggers approval when agent behavior deviates from its baseline.
@@ -3975,6 +4048,9 @@ tier3_always_allow:
   - bridge_commit
   - bridge_verify
   - bridge_attest
+  - dashboard_open
+  - sovereignty_profile_get
+  - sovereignty_profile_generate_prompt
 # \u2500\u2500\u2500 Approval Channel \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500
 # How Sanctuary reaches you when approval is needed.
@@ -4002,6 +4078,7 @@ async function loadPrincipalPolicy(storagePath) {
 }
 // src/principal-policy/baseline.ts
+init_encryption();
 init_encoding();
 var BASELINE_NAMESPACE = "_principal";
 var BASELINE_KEY = "session-baseline";
@@ -4227,6 +4304,7 @@ function canonicalizeForSigning(body) {
 }
 // src/shr/generator.ts
+init_identity();
 init_encoding();
 var DEFAULT_VALIDITY_MS = 60 * 60 * 1e3;
 function generateSHR(identityId, opts) {
@@ -5179,73 +5257,200 @@ function generateDashboardHTML(options) {
       right: 0;
     }
-    .pending-header {
-      padding: 16px 20px;
-      border-bottom: 1px solid var(--border);
-      font-weight: 600;
-      color: var(--text-primary);
+    .pending-header {
+      padding: 16px 20px;
+      border-bottom: 1px solid var(--border);
+      font-weight: 600;
+      color: var(--text-primary);
+    }
+    .pending-items {
+      flex: 1;
+      overflow-y: auto;
+      padding: 16px;
+    }
+    .pending-item {
+      background-color: var(--bg);
+      border: 1px solid var(--border);
+      border-radius: 6px;
+      padding: 16px;
+      margin-bottom: 12px;
+    }
+    .pending-title {
+      font-weight: 600;
+      color: var(--text-primary);
+      margin-bottom: 8px;
+      word-break: break-word;
+    }
+    .pending-countdown {
+      font-size: 12px;
+      color: var(--amber);
+      margin-bottom: 12px;
+      font-weight: 500;
+    }
+    .pending-actions {
+      display: flex;
+      gap: 8px;
+    }
+    .pending-btn {
+      flex: 1;
+      padding: 8px 12px;
+      border: none;
+      border-radius: 4px;
+      font-size: 12px;
+      font-weight: 600;
+      cursor: pointer;
+      transition: background-color 0.2s;
+    }
+    .pending-approve {
+      background-color: var(--green);
+      color: var(--bg);
+    }
+    .pending-approve:hover {
+      background-color: #3fa040;
+    }
+    .pending-deny {
+      background-color: var(--red);
+      color: var(--bg);
+    }
+    .pending-deny:hover {
+      background-color: #e03c3c;
+    }
+    /* Sovereignty Profile Panel */
+    .profile-panel {
+      background-color: var(--surface);
+      border: 1px solid var(--border);
+      border-radius: 8px;
+      padding: 20px;
+    }
+    .profile-panel .panel-header {
+      display: flex;
+      justify-content: space-between;
+      align-items: center;
+      margin-bottom: 16px;
+    }
+    .profile-panel .panel-title {
+      font-size: 14px;
+      font-weight: 600;
+      color: var(--text-primary);
+    }
+    .profile-cards {
+      display: grid;
+      grid-template-columns: repeat(5, 1fr);
+      gap: 12px;
+      margin-bottom: 16px;
+    }
+    .profile-card {
+      background-color: var(--bg);
+      border: 1px solid var(--border);
+      border-radius: 6px;
+      padding: 14px;
+      display: flex;
+      flex-direction: column;
+      gap: 8px;
+    }
+    .profile-card-name {
+      font-size: 12px;
+      font-weight: 600;
+      color: var(--text-primary);
+    }
+    .profile-card-desc {
+      font-size: 11px;
+      color: var(--text-secondary);
+      line-height: 1.4;
+    }
+    .profile-badge {
+      display: inline-flex;
+      align-items: center;
+      gap: 4px;
+      padding: 2px 8px;
+      border-radius: 4px;
+      font-size: 10px;
+      font-weight: 600;
+      width: fit-content;
+    }
+    .profile-badge.enabled {
+      background-color: rgba(63, 185, 80, 0.15);
+      color: var(--green);
+    }
+    .profile-badge.disabled {
+      background-color: rgba(139, 148, 158, 0.15);
+      color: var(--text-secondary);
     }
-    .pending-items {
-      flex: 1;
-      overflow-y: auto;
-      padding: 16px;
+    .prompt-section {
+      margin-top: 12px;
     }
-    .pending-item {
+    .prompt-textarea {
+      width: 100%;
+      min-height: 120px;
       background-color: var(--bg);
       border: 1px solid var(--border);
       border-radius: 6px;
-      padding: 16px;
-      margin-bottom: 12px;
-    }
-    .pending-title {
-      font-weight: 600;
       color: var(--text-primary);
-      margin-bottom: 8px;
-      word-break: break-word;
-    }
-    .pending-countdown {
+      font-family: 'JetBrains Mono', monospace;
       font-size: 12px;
-      color: var(--amber);
-      margin-bottom: 12px;
-      font-weight: 500;
+      padding: 12px;
+      resize: vertical;
+      margin-top: 8px;
     }
-    .pending-actions {
+    .prompt-actions {
       display: flex;
       gap: 8px;
+      margin-top: 8px;
     }
-    .pending-btn {
-      flex: 1;
-      padding: 8px 12px;
-      border: none;
+    .prompt-btn {
+      padding: 6px 12px;
+      border: 1px solid var(--border);
       border-radius: 4px;
+      background-color: var(--surface);
+      color: var(--text-primary);
       font-size: 12px;
-      font-weight: 600;
       cursor: pointer;
-      transition: background-color 0.2s;
     }
-    .pending-approve {
-      background-color: var(--green);
-      color: var(--bg);
+    .prompt-btn:hover {
+      background-color: var(--muted);
     }
-    .pending-approve:hover {
-      background-color: #3fa040;
+    .prompt-btn.primary {
+      background-color: var(--blue);
+      color: var(--bg);
+      border-color: var(--blue);
     }
-    .pending-deny {
-      background-color: var(--red);
-      color: var(--bg);
+    @media (max-width: 900px) {
+      .profile-cards {
+        grid-template-columns: repeat(2, 1fr);
+      }
     }
-    .pending-deny:hover {
-      background-color: #e03c3c;
+    @media (max-width: 500px) {
+      .profile-cards {
+        grid-template-columns: 1fr;
+      }
     }
     /* Threat Panel */
@@ -5586,6 +5791,48 @@ function generateDashboardHTML(options) {
         </div>
       </div>
+      <!-- Sovereignty Profile Panel -->
+      <div class="profile-panel" id="sovereignty-profile-panel">
+        <div class="panel-header">
+          <div class="panel-title">Sovereignty Profile</div>
+          <span class="card-value" id="profile-updated-at" style="font-size: 11px; color: var(--text-secondary);">\u2014</span>
+        </div>
+        <div class="profile-cards" id="profile-cards">
+          <div class="profile-card" data-feature="audit_logging">
+            <div class="profile-card-name">Audit Logging</div>
+            <div class="profile-badge disabled" id="badge-audit_logging">OFF</div>
+            <div class="profile-card-desc">Encrypted audit trail of all tool calls</div>
+          </div>
+          <div class="profile-card" data-feature="injection_detection">
+            <div class="profile-card-name">Injection Detection</div>
+            <div class="profile-badge disabled" id="badge-injection_detection">OFF</div>
+            <div class="profile-card-desc">Scans tool arguments for prompt injection</div>
+          </div>
+          <div class="profile-card" data-feature="context_gating">
+            <div class="profile-card-name">Context Gating</div>
+            <div class="profile-badge disabled" id="badge-context_gating">OFF</div>
+            <div class="profile-card-desc">Controls context flow to remote providers</div>
+          </div>
+          <div class="profile-card" data-feature="approval_gate">
+            <div class="profile-card-name">Approval Gates</div>
+            <div class="profile-badge disabled" id="badge-approval_gate">OFF</div>
+            <div class="profile-card-desc">Human approval for high-risk operations</div>
+          </div>
+          <div class="profile-card" data-feature="zk_proofs">
+            <div class="profile-card-name">ZK Proofs</div>
+            <div class="profile-badge disabled" id="badge-zk_proofs">OFF</div>
+            <div class="profile-card-desc">Prove claims without revealing data</div>
+          </div>
+        </div>
+        <div class="prompt-section">
+          <div class="prompt-actions">
+            <button class="prompt-btn primary" id="generate-prompt-btn">Generate System Prompt</button>
+            <button class="prompt-btn" id="copy-prompt-btn" style="display:none;">Copy</button>
+          </div>
+          <textarea class="prompt-textarea" id="system-prompt-output" readonly style="display:none;" placeholder="Click 'Generate System Prompt' to create an agent instruction snippet..."></textarea>
+        </div>
+      </div>
       <!-- Threat Panel -->
       <div class="threat-panel collapsed">
         <div class="threat-header">
@@ -5607,7 +5854,9 @@ function generateDashboardHTML(options) {
   <script>
     // Constants
-    const AUTH_TOKEN = '${options.authToken || ""}' || sessionStorage.getItem('authToken') || '';
+    // SEC-038: Do NOT embed the long-lived auth token in page source.
+    // Use only the session token stored in sessionStorage by the login flow.
+    const AUTH_TOKEN = sessionStorage.getItem('authToken') || '';
     const TIMEOUT_SECONDS = ${options.timeoutSeconds};
     const API_BASE = '';
@@ -5618,6 +5867,7 @@ function generateDashboardHTML(options) {
       handshakes: [],
       shr: null,
       status: null,
+      systemPrompt: null,
     };
     let pendingRequests = new Map();
@@ -6070,6 +6320,10 @@ function generateDashboardHTML(options) {
         removePendingRequest(data.requestId);
       });
+      eventSource.addEventListener('sovereignty-profile-update', () => {
+        updateSovereigntyProfile();
+      });
       eventSource.onerror = () => {
         console.error('SSE error');
         setTimeout(setupSSE, 5000);
@@ -6226,6 +6480,58 @@ function generateDashboardHTML(options) {
       document.getElementById('pending-overlay').classList.toggle('show');
     });
+    // Sovereignty Profile
+    async function updateSovereigntyProfile() {
+      try {
+        const data = await fetchAPI('/api/sovereignty-profile');
+        if (data && data.profile) {
+          const features = data.profile.features;
+          for (const [key, value] of Object.entries(features)) {
+            const badge = document.getElementById('badge-' + key);
+            if (badge) {
+              const enabled = value && value.enabled;
+              badge.textContent = enabled ? 'ON' : 'OFF';
+              badge.className = 'profile-badge ' + (enabled ? 'enabled' : 'disabled');
+            }
+          }
+          const updatedEl = document.getElementById('profile-updated-at');
+          if (updatedEl && data.profile.updated_at) {
+            updatedEl.textContent = 'Updated: ' + new Date(data.profile.updated_at).toLocaleString();
+          }
+          // Cache the prompt
+          if (data.system_prompt) {
+            apiState.systemPrompt = data.system_prompt;
+          }
+        }
+      } catch (e) {
+        // Profile not available
+      }
+    }
+    document.getElementById('generate-prompt-btn').addEventListener('click', async () => {
+      const data = await fetchAPI('/api/sovereignty-profile');
+      if (data && data.system_prompt) {
+        const textarea = document.getElementById('system-prompt-output');
+        const copyBtn = document.getElementById('copy-prompt-btn');
+        textarea.value = data.system_prompt;
+        textarea.style.display = 'block';
+        copyBtn.style.display = 'inline-flex';
+      }
+    });
+    document.getElementById('copy-prompt-btn').addEventListener('click', async () => {
+      const textarea = document.getElementById('system-prompt-output');
+      try {
+        await navigator.clipboard.writeText(textarea.value);
+        const btn = document.getElementById('copy-prompt-btn');
+        const original = btn.textContent;
+        btn.textContent = 'Copied!';
+        setTimeout(() => { btn.textContent = original; }, 2000);
+      } catch (err) {
+        console.error('Copy failed:', err);
+      }
+    });
     // Initialize
     async function initialize() {
       if (!AUTH_TOKEN) {
@@ -6240,6 +6546,7 @@ function generateDashboardHTML(options) {
         updateHandshakes(),
         updateSHR(),
         updateStatus(),
+        updateSovereigntyProfile(),
       ]);
       // Setup SSE for real-time updates
@@ -6256,6 +6563,80 @@ function generateDashboardHTML(options) {
 </html>`;
 }
+// src/system-prompt-generator.ts
+var FEATURE_INFO = {
+  audit_logging: {
+    name: "Audit Logging",
+    activeDescription: "All your tool calls are logged to an encrypted audit trail. No action needed \u2014 this is automatic.",
+    disabledDescription: "audit logging (sanctuary/monitor_audit_log)"
+  },
+  injection_detection: {
+    name: "Injection Detection",
+    activeDescription: "Your tool call arguments are scanned for prompt injection attempts. No action needed \u2014 this is automatic.",
+    disabledDescription: "injection detection"
+  },
+  context_gating: {
+    name: "Context Gating",
+    activeDescription: "Before making outbound calls to remote providers, filter your context through sanctuary/context_gate_filter to ensure minimum-necessary disclosure.",
+    toolNames: ["sanctuary/context_gate_filter", "sanctuary/context_gate_set_policy"],
+    disabledDescription: "context gating (sanctuary/context_gate_filter)"
+  },
+  approval_gate: {
+    name: "Approval Gates",
+    activeDescription: "High-risk operations require human approval before execution. Tier 1 operations always require approval; Tier 2 operations trigger approval on anomaly detection.",
+    disabledDescription: "approval gates"
+  },
+  zk_proofs: {
+    name: "Zero-Knowledge Proofs",
+    activeDescription: "You can prove claims about your data without revealing the underlying values. Use sanctuary/zk_commit to create commitments, sanctuary/zk_prove for proofs of knowledge, and sanctuary/zk_range_prove for range proofs.",
+    toolNames: ["sanctuary/zk_commit", "sanctuary/zk_prove", "sanctuary/zk_range_prove"],
+    disabledDescription: "zero-knowledge proofs (sanctuary/zk_commit, sanctuary/zk_prove)"
+  }
+};
+function generateSystemPrompt(profile) {
+  const activeFeatures = [];
+  const inactiveFeatures = [];
+  const featureKeys = [
+    "audit_logging",
+    "injection_detection",
+    "context_gating",
+    "approval_gate",
+    "zk_proofs"
+  ];
+  for (const key of featureKeys) {
+    const featureConfig = profile.features[key];
+    const info = FEATURE_INFO[key];
+    if (featureConfig.enabled) {
+      let desc = `- ${info.name}: ${info.activeDescription}`;
+      if (key === "injection_detection" && "sensitivity" in featureConfig && featureConfig.sensitivity) {
+        desc += ` Sensitivity: ${featureConfig.sensitivity}.`;
+      }
+      if (key === "context_gating" && "policy_id" in featureConfig && featureConfig.policy_id) {
+        desc += ` Active policy: ${featureConfig.policy_id}.`;
+      }
+      activeFeatures.push(desc);
+    } else {
+      inactiveFeatures.push(info.disabledDescription);
+    }
+  }
+  const lines = [
+    "You are protected by Sanctuary sovereignty infrastructure. The following protections are active:",
+    ""
+  ];
+  if (activeFeatures.length > 0) {
+    lines.push(...activeFeatures);
+  } else {
+    lines.push("- No features are currently enabled. Contact your operator to configure protections.");
+  }
+  if (inactiveFeatures.length > 0) {
+    lines.push("");
+    lines.push(
+      `Optional tools available but not currently enabled: ${inactiveFeatures.join(", ")}.`
+    );
+  }
+  return lines.join("\n");
+}
 // src/principal-policy/dashboard.ts
 var SESSION_TTL_REMOTE_MS = 5 * 60 * 1e3;
 var SESSION_TTL_LOCAL_MS = 24 * 60 * 60 * 1e3;
@@ -6276,6 +6657,7 @@ var DashboardApprovalChannel = class {
   handshakeResults = null;
   shrOpts = null;
   _sanctuaryConfig = null;
+  profileStore = null;
   dashboardHTML;
   loginHTML;
   authToken;
@@ -6315,6 +6697,7 @@ var DashboardApprovalChannel = class {
     if (deps.handshakeResults) this.handshakeResults = deps.handshakeResults;
     if (deps.shrOpts) this.shrOpts = deps.shrOpts;
     if (deps.sanctuaryConfig) this._sanctuaryConfig = deps.sanctuaryConfig;
+    if (deps.profileStore) this.profileStore = deps.profileStore;
   }
   /**
    * Mark this dashboard as running in standalone mode.
@@ -6662,6 +7045,10 @@ var DashboardApprovalChannel = class {
         this.handleHandshakes(res);
       } else if (method === "GET" && url.pathname === "/api/shr") {
         this.handleSHR(res);
+      } else if (method === "GET" && url.pathname === "/api/sovereignty-profile") {
+        this.handleSovereigntyProfileGet(res);
+      } else if (method === "POST" && url.pathname === "/api/sovereignty-profile") {
+        this.handleSovereigntyProfileUpdate(req, res);
       } else if (method === "POST" && url.pathname.startsWith("/api/approve/")) {
         if (!this.checkRateLimit(req, res, "decisions")) return;
         const id = url.pathname.slice("/api/approve/".length);
@@ -6953,6 +7340,61 @@ data: ${JSON.stringify(initData)}
     res.writeHead(200, { "Content-Type": "application/json" });
     res.end(JSON.stringify(shr));
   }
+  // ── Sovereignty Profile API ─────────────────────────────────────────
+  handleSovereigntyProfileGet(res) {
+    if (!this.profileStore) {
+      res.writeHead(200, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ error: "Sovereignty Profile not available" }));
+      return;
+    }
+    try {
+      const profile = this.profileStore.get();
+      const prompt = generateSystemPrompt(profile);
+      res.writeHead(200, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ profile, system_prompt: prompt }));
+    } catch {
+      res.writeHead(500, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ error: "Failed to read sovereignty profile" }));
+    }
+  }
+  handleSovereigntyProfileUpdate(req, res) {
+    if (!this.profileStore) {
+      res.writeHead(400, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ error: "Sovereignty Profile not available" }));
+      return;
+    }
+    let body = "";
+    let destroyed = false;
+    req.on("data", (chunk) => {
+      body += chunk.toString();
+      if (body.length > 16384) {
+        destroyed = true;
+        res.writeHead(413, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "Request body too large" }));
+        req.destroy();
+      }
+    });
+    req.on("end", async () => {
+      if (destroyed) return;
+      try {
+        const updates = JSON.parse(body);
+        const updated = await this.profileStore.update(updates);
+        const prompt = generateSystemPrompt(updated);
+        if (this.auditLog) {
+          this.auditLog.append("l2", "sovereignty_profile_update_dashboard", "dashboard", {
+            changes: updates,
+            features_enabled: Object.entries(updated.features).filter(([, v]) => v.enabled).map(([k]) => k)
+          });
+        }
+        this.broadcastSSE("sovereignty-profile-update", { profile: updated, system_prompt: prompt });
+        res.writeHead(200, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ profile: updated, system_prompt: prompt }));
+      } catch {
+        res.writeHead(400, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "Invalid JSON body" }));
+      }
+    });
+  }
   // ── SSE Broadcasting ────────────────────────────────────────────────
   broadcastSSE(event, data) {
     const message = `event: ${event}
@@ -8120,6 +8562,7 @@ function createPrincipalPolicyTools(policy, baseline, auditLog) {
 }
 // src/shr/verifier.ts
+init_identity();
 init_encoding();
 function verifySHR(shr, now) {
   const errors = [];
@@ -8542,7 +8985,9 @@ function createSHRTools(config, identityManager, masterKey, auditLog) {
 }
 // src/handshake/protocol.ts
+init_identity();
 init_encoding();
+init_random();
 function generateNonce() {
   return toBase64url(randomBytes(32));
 }
@@ -8709,7 +9154,9 @@ function deriveTrustTier(level) {
 }
 // src/handshake/attestation.ts
+init_identity();
 init_encoding();
+init_identity();
 init_encoding();
 var ATTESTATION_VERSION = "1.0";
 function deriveTrustTier2(level) {
@@ -9502,10 +9949,13 @@ function createFederationTools(auditLog, handshakeResults) {
 // src/bridge/tools.ts
 init_encoding();
+init_encryption();
 init_encoding();
 // src/bridge/bridge.ts
+init_identity();
 init_encoding();
+init_random();
 init_hashing();
 function canonicalize(outcome) {
   return stringToBytes(stableStringify(outcome));
@@ -10656,7 +11106,9 @@ function createAuditTools(config) {
 }
 // src/l2-operational/context-gate.ts
+init_encryption();
 init_encoding();
+init_random();
 init_hashing();
 var MAX_CONTEXT_FIELDS = 1e3;
 var MAX_POLICY_RULES = 50;
@@ -12625,7 +13077,272 @@ function createL2HardeningTools(storagePath, auditLog) {
   ];
 }
+// src/sovereignty-profile.ts
+init_encryption();
+init_encoding();
+var NAMESPACE = "_sovereignty_profile";
+var PROFILE_KEY = "active";
+var HKDF_DOMAIN = "sovereignty-profile";
+function createDefaultProfile() {
+  return {
+    version: 1,
+    features: {
+      audit_logging: { enabled: true },
+      injection_detection: { enabled: true },
+      context_gating: { enabled: false },
+      approval_gate: { enabled: false },
+      zk_proofs: { enabled: false }
+    },
+    updated_at: (/* @__PURE__ */ new Date()).toISOString()
+  };
+}
+var SovereigntyProfileStore = class {
+  storage;
+  encryptionKey;
+  profile = null;
+  constructor(storage, masterKey) {
+    this.storage = storage;
+    this.encryptionKey = derivePurposeKey(masterKey, HKDF_DOMAIN);
+  }
+  /**
+   * Load the active sovereignty profile from encrypted storage.
+   * Creates the default profile on first run.
+   */
+  async load() {
+    if (this.profile) return this.profile;
+    const raw = await this.storage.read(NAMESPACE, PROFILE_KEY);
+    if (raw) {
+      try {
+        const encrypted = JSON.parse(bytesToString(raw));
+        const decrypted = decrypt(encrypted, this.encryptionKey);
+        this.profile = JSON.parse(bytesToString(decrypted));
+        return this.profile;
+      } catch {
+      }
+    }
+    this.profile = createDefaultProfile();
+    await this.persist();
+    return this.profile;
+  }
+  /**
+   * Get the current profile. Must call load() first.
+   */
+  get() {
+    if (!this.profile) {
+      throw new Error("SovereigntyProfileStore: call load() before get()");
+    }
+    return this.profile;
+  }
+  /**
+   * Apply a partial update to the profile.
+   * Returns the updated profile.
+   */
+  async update(updates) {
+    if (!this.profile) {
+      await this.load();
+    }
+    const features = this.profile.features;
+    if (updates.audit_logging !== void 0) {
+      if (updates.audit_logging.enabled !== void 0) {
+        if (typeof updates.audit_logging.enabled !== "boolean") {
+          throw new Error("audit_logging.enabled must be a boolean");
+        }
+        features.audit_logging.enabled = updates.audit_logging.enabled;
+      }
+    }
+    if (updates.injection_detection !== void 0) {
+      if (updates.injection_detection.enabled !== void 0) {
+        if (typeof updates.injection_detection.enabled !== "boolean") {
+          throw new Error("injection_detection.enabled must be a boolean");
+        }
+        features.injection_detection.enabled = updates.injection_detection.enabled;
+      }
+      if (updates.injection_detection.sensitivity !== void 0) {
+        const valid = ["low", "medium", "high"];
+        if (!valid.includes(updates.injection_detection.sensitivity)) {
+          throw new Error("injection_detection.sensitivity must be low, medium, or high");
+        }
+        features.injection_detection.sensitivity = updates.injection_detection.sensitivity;
+      }
+    }
+    if (updates.context_gating !== void 0) {
+      if (updates.context_gating.enabled !== void 0) {
+        if (typeof updates.context_gating.enabled !== "boolean") {
+          throw new Error("context_gating.enabled must be a boolean");
+        }
+        features.context_gating.enabled = updates.context_gating.enabled;
+      }
+      if (updates.context_gating.policy_id !== void 0) {
+        if (typeof updates.context_gating.policy_id !== "string" || updates.context_gating.policy_id.length > 256) {
+          throw new Error("context_gating.policy_id must be a string of 256 characters or fewer");
+        }
+        features.context_gating.policy_id = updates.context_gating.policy_id;
+      }
+    }
+    if (updates.approval_gate !== void 0) {
+      if (updates.approval_gate.enabled !== void 0) {
+        if (typeof updates.approval_gate.enabled !== "boolean") {
+          throw new Error("approval_gate.enabled must be a boolean");
+        }
+        features.approval_gate.enabled = updates.approval_gate.enabled;
+      }
+    }
+    if (updates.zk_proofs !== void 0) {
+      if (updates.zk_proofs.enabled !== void 0) {
+        if (typeof updates.zk_proofs.enabled !== "boolean") {
+          throw new Error("zk_proofs.enabled must be a boolean");
+        }
+        features.zk_proofs.enabled = updates.zk_proofs.enabled;
+      }
+    }
+    this.profile.updated_at = (/* @__PURE__ */ new Date()).toISOString();
+    await this.persist();
+    return this.profile;
+  }
+  /**
+   * Persist the current profile to encrypted storage.
+   */
+  async persist() {
+    const serialized = stringToBytes(JSON.stringify(this.profile));
+    const encrypted = encrypt(serialized, this.encryptionKey);
+    await this.storage.write(
+      NAMESPACE,
+      PROFILE_KEY,
+      stringToBytes(JSON.stringify(encrypted))
+    );
+  }
+};
+// src/sovereignty-profile-tools.ts
+function createSovereigntyProfileTools(profileStore, auditLog) {
+  const tools = [
+    // ── Get Profile ──────────────────────────────────────────────────
+    {
+      name: "sanctuary/sovereignty_profile_get",
+      description: "Get the current Sovereignty Profile \u2014 shows which Sanctuary features are active (audit logging, injection detection, context gating, approval gates, ZK proofs) and their configuration.",
+      inputSchema: {
+        type: "object",
+        properties: {}
+      },
+      handler: async () => {
+        const profile = profileStore.get();
+        auditLog.append("l2", "sovereignty_profile_get", "system", {
+          features_enabled: Object.entries(profile.features).filter(([, v]) => v.enabled).map(([k]) => k)
+        });
+        return toolResult({
+          profile,
+          message: "Current Sovereignty Profile. Use sovereignty_profile_update to change settings."
+        });
+      }
+    },
+    // ── Update Profile ───────────────────────────────────────────────
+    {
+      name: "sanctuary/sovereignty_profile_update",
+      description: "Update the Sovereignty Profile feature toggles. This changes which Sanctuary protections are active. Requires human approval (Tier 1) because it modifies enforcement behavior. Pass only the features you want to change \u2014 unspecified features remain unchanged.",
+      inputSchema: {
+        type: "object",
+        properties: {
+          audit_logging: {
+            type: "object",
+            properties: {
+              enabled: { type: "boolean" }
+            },
+            description: "Toggle audit logging on/off"
+          },
+          injection_detection: {
+            type: "object",
+            properties: {
+              enabled: { type: "boolean" },
+              sensitivity: {
+                type: "string",
+                enum: ["low", "medium", "high"],
+                description: "Detection sensitivity threshold"
+              }
+            },
+            description: "Toggle injection detection and set sensitivity"
+          },
+          context_gating: {
+            type: "object",
+            properties: {
+              enabled: { type: "boolean" },
+              policy_id: {
+                type: "string",
+                description: "ID of the context-gating policy to use"
+              }
+            },
+            description: "Toggle context gating and set active policy"
+          },
+          approval_gate: {
+            type: "object",
+            properties: {
+              enabled: { type: "boolean" }
+            },
+            description: "Toggle approval gates on/off"
+          },
+          zk_proofs: {
+            type: "object",
+            properties: {
+              enabled: { type: "boolean" }
+            },
+            description: "Toggle zero-knowledge proofs on/off"
+          }
+        }
+      },
+      handler: async (args) => {
+        const updates = {};
+        if (args.audit_logging !== void 0) {
+          updates.audit_logging = args.audit_logging;
+        }
+        if (args.injection_detection !== void 0) {
+          updates.injection_detection = args.injection_detection;
+        }
+        if (args.context_gating !== void 0) {
+          updates.context_gating = args.context_gating;
+        }
+        if (args.approval_gate !== void 0) {
+          updates.approval_gate = args.approval_gate;
+        }
+        if (args.zk_proofs !== void 0) {
+          updates.zk_proofs = args.zk_proofs;
+        }
+        const updated = await profileStore.update(updates);
+        auditLog.append("l2", "sovereignty_profile_update", "system", {
+          changes: updates,
+          features_enabled: Object.entries(updated.features).filter(([, v]) => v.enabled).map(([k]) => k)
+        });
+        return toolResult({
+          profile: updated,
+          message: "Sovereignty Profile updated. Changes take effect immediately."
+        });
+      }
+    },
+    // ── Generate System Prompt ───────────────────────────────────────
+    {
+      name: "sanctuary/sovereignty_profile_generate_prompt",
+      description: "Generate a system prompt snippet based on the active Sovereignty Profile. The snippet instructs an agent on which Sanctuary features are active and how to use them. Copy and paste this into your agent's system configuration.",
+      inputSchema: {
+        type: "object",
+        properties: {}
+      },
+      handler: async () => {
+        const profile = profileStore.get();
+        const prompt = generateSystemPrompt(profile);
+        auditLog.append("l2", "sovereignty_profile_generate_prompt", "system", {
+          features_enabled: Object.entries(profile.features).filter(([, v]) => v.enabled).map(([k]) => k)
+        });
+        return toolResult({
+          system_prompt: prompt,
+          token_estimate: Math.ceil(prompt.length / 4),
+          message: "Copy the system_prompt text above and paste it into your agent's system configuration. It will update dynamically as you toggle features."
+        });
+      }
+    }
+  ];
+  return { tools };
+}
 // src/index.ts
+init_random();
 init_encoding();
 // src/l2-operational/model-provenance.ts
@@ -13132,6 +13849,9 @@ async function createSanctuaryServer(options) {
   const { tools: auditTools } = createAuditTools(config);
   const { tools: contextGateTools, enforcer: contextGateEnforcer } = createContextGateTools(storage, masterKey, auditLog);
   const hardeningTools = createL2HardeningTools(config.storage_path, auditLog);
+  const profileStore = new SovereigntyProfileStore(storage, masterKey);
+  await profileStore.load();
+  const { tools: profileTools } = createSovereigntyProfileTools(profileStore, auditLog);
   const policy = await loadPrincipalPolicy(config.storage_path);
   const baseline = new BaselineTracker(storage, masterKey);
   await baseline.load();
@@ -13159,7 +13879,8 @@ async function createSanctuaryServer(options) {
       identityManager,
       handshakeResults,
       shrOpts: { config, identityManager, masterKey },
-      sanctuaryConfig: config
+      sanctuaryConfig: config,
+      profileStore
     });
     await dashboard.start();
     approvalChannel = dashboard;
@@ -13236,6 +13957,7 @@ async function createSanctuaryServer(options) {
     ...auditTools,
     ...contextGateTools,
     ...hardeningTools,
+    ...profileTools,
     ...dashboardTools,
     manifestTool
   ];
@@ -13285,6 +14007,7 @@ exports.MODEL_PRESETS = MODEL_PRESETS;
 exports.MemoryStorage = MemoryStorage;
 exports.PolicyStore = PolicyStore;
 exports.ReputationStore = ReputationStore;
+exports.SovereigntyProfileStore = SovereigntyProfileStore;
 exports.StateStore = StateStore;
 exports.StderrApprovalChannel = StderrApprovalChannel;
 exports.TIER_WEIGHTS = TIER_WEIGHTS;
@@ -13294,6 +14017,7 @@ exports.classifyField = classifyField;
 exports.completeHandshake = completeHandshake;
 exports.computeWeightedScore = computeWeightedScore;
 exports.createBridgeCommitment = createBridgeCommitment;
+exports.createDefaultProfile = createDefaultProfile;
 exports.createPedersenCommitment = createPedersenCommitment;
 exports.createProofOfKnowledge = createProofOfKnowledge;
 exports.createRangeProof = createRangeProof;
@@ -13302,6 +14026,7 @@ exports.evaluateField = evaluateField;
 exports.filterContext = filterContext;
 exports.generateAttestation = generateAttestation;
 exports.generateSHR = generateSHR;
+exports.generateSystemPrompt = generateSystemPrompt;
 exports.getTemplate = getTemplate;
 exports.initiateHandshake = initiateHandshake;
 exports.listTemplateIds = listTemplateIds;