@sanctuary-framework/mcp-server 0.5.13 → 0.5.14

package/dist/index.js

@@ -745,7 +745,9 @@ var RESERVED_NAMESPACE_PREFIXES = [
   "_bridge",
   "_federation",
   "_handshake",
-  "_shr"
+  "_shr",
+  "_sovereignty_profile",
+  "_context_gate_policies"
 ];
 var StateStore = class {
   storage;
@@ -1286,7 +1288,9 @@ var RESERVED_NAMESPACE_PREFIXES2 = [
   "_bridge",
   "_federation",
   "_handshake",
-  "_shr"
+  "_shr",
+  "_sovereignty_profile",
+  "_context_gate_policies"
 ];
 function getReservedNamespaceViolation(namespace) {
   for (const prefix of RESERVED_NAMESPACE_PREFIXES2) {
@@ -3810,8 +3814,10 @@ var DEFAULT_POLICY = {
     "reputation_export",
     "bootstrap_provide_guarantee",
     "decommission_certificate",
-    "reputation_publish"
+    "reputation_publish",
     // SEC-039: Explicit Tier 1 — sends data to external API
+    "sovereignty_profile_update"
+    // Changes enforcement behavior — always requires approval
   ],
   tier2_anomaly: DEFAULT_TIER2,
   tier3_always_allow: [
@@ -3864,8 +3870,10 @@ var DEFAULT_POLICY = {
     "bridge_commit",
     "bridge_verify",
     "bridge_attest",
-    "dashboard_open"
+    "dashboard_open",
     // SEC-039: Explicit Tier 3 — only generates a URL
+    "sovereignty_profile_get",
+    "sovereignty_profile_generate_prompt"
   ],
   approval_channel: DEFAULT_CHANNEL
 };
@@ -3974,6 +3982,7 @@ tier1_always_approve:
   - reputation_export
   - bootstrap_provide_guarantee
   - reputation_publish
+  - sovereignty_profile_update
 
 # \u2500\u2500\u2500 Tier 2: Behavioral Anomaly Detection \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500
 # Triggers approval when agent behavior deviates from its baseline.
@@ -4037,6 +4046,8 @@ tier3_always_allow:
   - bridge_verify
   - bridge_attest
   - dashboard_open
+  - sovereignty_profile_get
+  - sovereignty_profile_generate_prompt
 
 # \u2500\u2500\u2500 Approval Channel \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500
 # How Sanctuary reaches you when approval is needed.
@@ -5312,6 +5323,133 @@ function generateDashboardHTML(options) {
       background-color: #e03c3c;
     }
 
+    /* Sovereignty Profile Panel */
+    .profile-panel {
+      background-color: var(--surface);
+      border: 1px solid var(--border);
+      border-radius: 8px;
+      padding: 20px;
+    }
+
+    .profile-panel .panel-header {
+      display: flex;
+      justify-content: space-between;
+      align-items: center;
+      margin-bottom: 16px;
+    }
+
+    .profile-panel .panel-title {
+      font-size: 14px;
+      font-weight: 600;
+      color: var(--text-primary);
+    }
+
+    .profile-cards {
+      display: grid;
+      grid-template-columns: repeat(5, 1fr);
+      gap: 12px;
+      margin-bottom: 16px;
+    }
+
+    .profile-card {
+      background-color: var(--bg);
+      border: 1px solid var(--border);
+      border-radius: 6px;
+      padding: 14px;
+      display: flex;
+      flex-direction: column;
+      gap: 8px;
+    }
+
+    .profile-card-name {
+      font-size: 12px;
+      font-weight: 600;
+      color: var(--text-primary);
+    }
+
+    .profile-card-desc {
+      font-size: 11px;
+      color: var(--text-secondary);
+      line-height: 1.4;
+    }
+
+    .profile-badge {
+      display: inline-flex;
+      align-items: center;
+      gap: 4px;
+      padding: 2px 8px;
+      border-radius: 4px;
+      font-size: 10px;
+      font-weight: 600;
+      width: fit-content;
+    }
+
+    .profile-badge.enabled {
+      background-color: rgba(63, 185, 80, 0.15);
+      color: var(--green);
+    }
+
+    .profile-badge.disabled {
+      background-color: rgba(139, 148, 158, 0.15);
+      color: var(--text-secondary);
+    }
+
+    .prompt-section {
+      margin-top: 12px;
+    }
+
+    .prompt-textarea {
+      width: 100%;
+      min-height: 120px;
+      background-color: var(--bg);
+      border: 1px solid var(--border);
+      border-radius: 6px;
+      color: var(--text-primary);
+      font-family: 'JetBrains Mono', monospace;
+      font-size: 12px;
+      padding: 12px;
+      resize: vertical;
+      margin-top: 8px;
+    }
+
+    .prompt-actions {
+      display: flex;
+      gap: 8px;
+      margin-top: 8px;
+    }
+
+    .prompt-btn {
+      padding: 6px 12px;
+      border: 1px solid var(--border);
+      border-radius: 4px;
+      background-color: var(--surface);
+      color: var(--text-primary);
+      font-size: 12px;
+      cursor: pointer;
+    }
+
+    .prompt-btn:hover {
+      background-color: var(--muted);
+    }
+
+    .prompt-btn.primary {
+      background-color: var(--blue);
+      color: var(--bg);
+      border-color: var(--blue);
+    }
+
+    @media (max-width: 900px) {
+      .profile-cards {
+        grid-template-columns: repeat(2, 1fr);
+      }
+    }
+
+    @media (max-width: 500px) {
+      .profile-cards {
+        grid-template-columns: 1fr;
+      }
+    }
+
     /* Threat Panel */
     .threat-panel {
       background-color: var(--surface);
@@ -5650,6 +5788,48 @@ function generateDashboardHTML(options) {
         </div>
       </div>
 
+      <!-- Sovereignty Profile Panel -->
+      <div class="profile-panel" id="sovereignty-profile-panel">
+        <div class="panel-header">
+          <div class="panel-title">Sovereignty Profile</div>
+          <span class="card-value" id="profile-updated-at" style="font-size: 11px; color: var(--text-secondary);">\u2014</span>
+        </div>
+        <div class="profile-cards" id="profile-cards">
+          <div class="profile-card" data-feature="audit_logging">
+            <div class="profile-card-name">Audit Logging</div>
+            <div class="profile-badge disabled" id="badge-audit_logging">OFF</div>
+            <div class="profile-card-desc">Encrypted audit trail of all tool calls</div>
+          </div>
+          <div class="profile-card" data-feature="injection_detection">
+            <div class="profile-card-name">Injection Detection</div>
+            <div class="profile-badge disabled" id="badge-injection_detection">OFF</div>
+            <div class="profile-card-desc">Scans tool arguments for prompt injection</div>
+          </div>
+          <div class="profile-card" data-feature="context_gating">
+            <div class="profile-card-name">Context Gating</div>
+            <div class="profile-badge disabled" id="badge-context_gating">OFF</div>
+            <div class="profile-card-desc">Controls context flow to remote providers</div>
+          </div>
+          <div class="profile-card" data-feature="approval_gate">
+            <div class="profile-card-name">Approval Gates</div>
+            <div class="profile-badge disabled" id="badge-approval_gate">OFF</div>
+            <div class="profile-card-desc">Human approval for high-risk operations</div>
+          </div>
+          <div class="profile-card" data-feature="zk_proofs">
+            <div class="profile-card-name">ZK Proofs</div>
+            <div class="profile-badge disabled" id="badge-zk_proofs">OFF</div>
+            <div class="profile-card-desc">Prove claims without revealing data</div>
+          </div>
+        </div>
+        <div class="prompt-section">
+          <div class="prompt-actions">
+            <button class="prompt-btn primary" id="generate-prompt-btn">Generate System Prompt</button>
+            <button class="prompt-btn" id="copy-prompt-btn" style="display:none;">Copy</button>
+          </div>
+          <textarea class="prompt-textarea" id="system-prompt-output" readonly style="display:none;" placeholder="Click 'Generate System Prompt' to create an agent instruction snippet..."></textarea>
+        </div>
+      </div>
+
       <!-- Threat Panel -->
       <div class="threat-panel collapsed">
         <div class="threat-header">
@@ -5684,6 +5864,7 @@ function generateDashboardHTML(options) {
       handshakes: [],
       shr: null,
       status: null,
+      systemPrompt: null,
     };
 
     let pendingRequests = new Map();
@@ -6136,6 +6317,10 @@ function generateDashboardHTML(options) {
         removePendingRequest(data.requestId);
       });
 
+      eventSource.addEventListener('sovereignty-profile-update', () => {
+        updateSovereigntyProfile();
+      });
+
       eventSource.onerror = () => {
         console.error('SSE error');
         setTimeout(setupSSE, 5000);
@@ -6292,6 +6477,58 @@ function generateDashboardHTML(options) {
       document.getElementById('pending-overlay').classList.toggle('show');
     });
 
+    // Sovereignty Profile
+    async function updateSovereigntyProfile() {
+      try {
+        const data = await fetchAPI('/api/sovereignty-profile');
+        if (data && data.profile) {
+          const features = data.profile.features;
+          for (const [key, value] of Object.entries(features)) {
+            const badge = document.getElementById('badge-' + key);
+            if (badge) {
+              const enabled = value && value.enabled;
+              badge.textContent = enabled ? 'ON' : 'OFF';
+              badge.className = 'profile-badge ' + (enabled ? 'enabled' : 'disabled');
+            }
+          }
+          const updatedEl = document.getElementById('profile-updated-at');
+          if (updatedEl && data.profile.updated_at) {
+            updatedEl.textContent = 'Updated: ' + new Date(data.profile.updated_at).toLocaleString();
+          }
+          // Cache the prompt
+          if (data.system_prompt) {
+            apiState.systemPrompt = data.system_prompt;
+          }
+        }
+      } catch (e) {
+        // Profile not available
+      }
+    }
+
+    document.getElementById('generate-prompt-btn').addEventListener('click', async () => {
+      const data = await fetchAPI('/api/sovereignty-profile');
+      if (data && data.system_prompt) {
+        const textarea = document.getElementById('system-prompt-output');
+        const copyBtn = document.getElementById('copy-prompt-btn');
+        textarea.value = data.system_prompt;
+        textarea.style.display = 'block';
+        copyBtn.style.display = 'inline-flex';
+      }
+    });
+
+    document.getElementById('copy-prompt-btn').addEventListener('click', async () => {
+      const textarea = document.getElementById('system-prompt-output');
+      try {
+        await navigator.clipboard.writeText(textarea.value);
+        const btn = document.getElementById('copy-prompt-btn');
+        const original = btn.textContent;
+        btn.textContent = 'Copied!';
+        setTimeout(() => { btn.textContent = original; }, 2000);
+      } catch (err) {
+        console.error('Copy failed:', err);
+      }
+    });
+
     // Initialize
     async function initialize() {
       if (!AUTH_TOKEN) {
@@ -6306,6 +6543,7 @@ function generateDashboardHTML(options) {
         updateHandshakes(),
         updateSHR(),
         updateStatus(),
+        updateSovereigntyProfile(),
       ]);
 
       // Setup SSE for real-time updates
@@ -6322,6 +6560,80 @@ function generateDashboardHTML(options) {
 </html>`;
 }
 
+// src/system-prompt-generator.ts
+var FEATURE_INFO = {
+  audit_logging: {
+    name: "Audit Logging",
+    activeDescription: "All your tool calls are logged to an encrypted audit trail. No action needed \u2014 this is automatic.",
+    disabledDescription: "audit logging (sanctuary/monitor_audit_log)"
+  },
+  injection_detection: {
+    name: "Injection Detection",
+    activeDescription: "Your tool call arguments are scanned for prompt injection attempts. No action needed \u2014 this is automatic.",
+    disabledDescription: "injection detection"
+  },
+  context_gating: {
+    name: "Context Gating",
+    activeDescription: "Before making outbound calls to remote providers, filter your context through sanctuary/context_gate_filter to ensure minimum-necessary disclosure.",
+    toolNames: ["sanctuary/context_gate_filter", "sanctuary/context_gate_set_policy"],
+    disabledDescription: "context gating (sanctuary/context_gate_filter)"
+  },
+  approval_gate: {
+    name: "Approval Gates",
+    activeDescription: "High-risk operations require human approval before execution. Tier 1 operations always require approval; Tier 2 operations trigger approval on anomaly detection.",
+    disabledDescription: "approval gates"
+  },
+  zk_proofs: {
+    name: "Zero-Knowledge Proofs",
+    activeDescription: "You can prove claims about your data without revealing the underlying values. Use sanctuary/zk_commit to create commitments, sanctuary/zk_prove for proofs of knowledge, and sanctuary/zk_range_prove for range proofs.",
+    toolNames: ["sanctuary/zk_commit", "sanctuary/zk_prove", "sanctuary/zk_range_prove"],
+    disabledDescription: "zero-knowledge proofs (sanctuary/zk_commit, sanctuary/zk_prove)"
+  }
+};
+function generateSystemPrompt(profile) {
+  const activeFeatures = [];
+  const inactiveFeatures = [];
+  const featureKeys = [
+    "audit_logging",
+    "injection_detection",
+    "context_gating",
+    "approval_gate",
+    "zk_proofs"
+  ];
+  for (const key of featureKeys) {
+    const featureConfig = profile.features[key];
+    const info = FEATURE_INFO[key];
+    if (featureConfig.enabled) {
+      let desc = `- ${info.name}: ${info.activeDescription}`;
+      if (key === "injection_detection" && "sensitivity" in featureConfig && featureConfig.sensitivity) {
+        desc += ` Sensitivity: ${featureConfig.sensitivity}.`;
+      }
+      if (key === "context_gating" && "policy_id" in featureConfig && featureConfig.policy_id) {
+        desc += ` Active policy: ${featureConfig.policy_id}.`;
+      }
+      activeFeatures.push(desc);
+    } else {
+      inactiveFeatures.push(info.disabledDescription);
+    }
+  }
+  const lines = [
+    "You are protected by Sanctuary sovereignty infrastructure. The following protections are active:",
+    ""
+  ];
+  if (activeFeatures.length > 0) {
+    lines.push(...activeFeatures);
+  } else {
+    lines.push("- No features are currently enabled. Contact your operator to configure protections.");
+  }
+  if (inactiveFeatures.length > 0) {
+    lines.push("");
+    lines.push(
+      `Optional tools available but not currently enabled: ${inactiveFeatures.join(", ")}.`
+    );
+  }
+  return lines.join("\n");
+}
+
 // src/principal-policy/dashboard.ts
 var SESSION_TTL_REMOTE_MS = 5 * 60 * 1e3;
 var SESSION_TTL_LOCAL_MS = 24 * 60 * 60 * 1e3;
@@ -6342,6 +6654,7 @@ var DashboardApprovalChannel = class {
   handshakeResults = null;
   shrOpts = null;
   _sanctuaryConfig = null;
+  profileStore = null;
   dashboardHTML;
   loginHTML;
   authToken;
@@ -6381,6 +6694,7 @@ var DashboardApprovalChannel = class {
     if (deps.handshakeResults) this.handshakeResults = deps.handshakeResults;
     if (deps.shrOpts) this.shrOpts = deps.shrOpts;
     if (deps.sanctuaryConfig) this._sanctuaryConfig = deps.sanctuaryConfig;
+    if (deps.profileStore) this.profileStore = deps.profileStore;
   }
   /**
    * Mark this dashboard as running in standalone mode.
@@ -6728,6 +7042,10 @@ var DashboardApprovalChannel = class {
         this.handleHandshakes(res);
       } else if (method === "GET" && url.pathname === "/api/shr") {
         this.handleSHR(res);
+      } else if (method === "GET" && url.pathname === "/api/sovereignty-profile") {
+        this.handleSovereigntyProfileGet(res);
+      } else if (method === "POST" && url.pathname === "/api/sovereignty-profile") {
+        this.handleSovereigntyProfileUpdate(req, res);
       } else if (method === "POST" && url.pathname.startsWith("/api/approve/")) {
         if (!this.checkRateLimit(req, res, "decisions")) return;
         const id = url.pathname.slice("/api/approve/".length);
@@ -7019,6 +7337,61 @@ data: ${JSON.stringify(initData)}
     res.writeHead(200, { "Content-Type": "application/json" });
     res.end(JSON.stringify(shr));
   }
+  // ── Sovereignty Profile API ─────────────────────────────────────────
+  handleSovereigntyProfileGet(res) {
+    if (!this.profileStore) {
+      res.writeHead(200, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ error: "Sovereignty Profile not available" }));
+      return;
+    }
+    try {
+      const profile = this.profileStore.get();
+      const prompt = generateSystemPrompt(profile);
+      res.writeHead(200, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ profile, system_prompt: prompt }));
+    } catch {
+      res.writeHead(500, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ error: "Failed to read sovereignty profile" }));
+    }
+  }
+  handleSovereigntyProfileUpdate(req, res) {
+    if (!this.profileStore) {
+      res.writeHead(400, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ error: "Sovereignty Profile not available" }));
+      return;
+    }
+    let body = "";
+    let destroyed = false;
+    req.on("data", (chunk) => {
+      body += chunk.toString();
+      if (body.length > 16384) {
+        destroyed = true;
+        res.writeHead(413, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "Request body too large" }));
+        req.destroy();
+      }
+    });
+    req.on("end", async () => {
+      if (destroyed) return;
+      try {
+        const updates = JSON.parse(body);
+        const updated = await this.profileStore.update(updates);
+        const prompt = generateSystemPrompt(updated);
+        if (this.auditLog) {
+          this.auditLog.append("l2", "sovereignty_profile_update_dashboard", "dashboard", {
+            changes: updates,
+            features_enabled: Object.entries(updated.features).filter(([, v]) => v.enabled).map(([k]) => k)
+          });
+        }
+        this.broadcastSSE("sovereignty-profile-update", { profile: updated, system_prompt: prompt });
+        res.writeHead(200, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ profile: updated, system_prompt: prompt }));
+      } catch {
+        res.writeHead(400, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "Invalid JSON body" }));
+      }
+    });
+  }
   // ── SSE Broadcasting ────────────────────────────────────────────────
   broadcastSSE(event, data) {
     const message = `event: ${event}
@@ -12701,6 +13074,270 @@ function createL2HardeningTools(storagePath, auditLog) {
   ];
 }
 
+// src/sovereignty-profile.ts
+init_encryption();
+init_encoding();
+var NAMESPACE = "_sovereignty_profile";
+var PROFILE_KEY = "active";
+var HKDF_DOMAIN = "sovereignty-profile";
+function createDefaultProfile() {
+  return {
+    version: 1,
+    features: {
+      audit_logging: { enabled: true },
+      injection_detection: { enabled: true },
+      context_gating: { enabled: false },
+      approval_gate: { enabled: false },
+      zk_proofs: { enabled: false }
+    },
+    updated_at: (/* @__PURE__ */ new Date()).toISOString()
+  };
+}
+var SovereigntyProfileStore = class {
+  storage;
+  encryptionKey;
+  profile = null;
+  constructor(storage, masterKey) {
+    this.storage = storage;
+    this.encryptionKey = derivePurposeKey(masterKey, HKDF_DOMAIN);
+  }
+  /**
+   * Load the active sovereignty profile from encrypted storage.
+   * Creates the default profile on first run.
+   */
+  async load() {
+    if (this.profile) return this.profile;
+    const raw = await this.storage.read(NAMESPACE, PROFILE_KEY);
+    if (raw) {
+      try {
+        const encrypted = JSON.parse(bytesToString(raw));
+        const decrypted = decrypt(encrypted, this.encryptionKey);
+        this.profile = JSON.parse(bytesToString(decrypted));
+        return this.profile;
+      } catch {
+      }
+    }
+    this.profile = createDefaultProfile();
+    await this.persist();
+    return this.profile;
+  }
+  /**
+   * Get the current profile. Must call load() first.
+   */
+  get() {
+    if (!this.profile) {
+      throw new Error("SovereigntyProfileStore: call load() before get()");
+    }
+    return this.profile;
+  }
+  /**
+   * Apply a partial update to the profile.
+   * Returns the updated profile.
+   */
+  async update(updates) {
+    if (!this.profile) {
+      await this.load();
+    }
+    const features = this.profile.features;
+    if (updates.audit_logging !== void 0) {
+      if (updates.audit_logging.enabled !== void 0) {
+        if (typeof updates.audit_logging.enabled !== "boolean") {
+          throw new Error("audit_logging.enabled must be a boolean");
+        }
+        features.audit_logging.enabled = updates.audit_logging.enabled;
+      }
+    }
+    if (updates.injection_detection !== void 0) {
+      if (updates.injection_detection.enabled !== void 0) {
+        if (typeof updates.injection_detection.enabled !== "boolean") {
+          throw new Error("injection_detection.enabled must be a boolean");
+        }
+        features.injection_detection.enabled = updates.injection_detection.enabled;
+      }
+      if (updates.injection_detection.sensitivity !== void 0) {
+        const valid = ["low", "medium", "high"];
+        if (!valid.includes(updates.injection_detection.sensitivity)) {
+          throw new Error("injection_detection.sensitivity must be low, medium, or high");
+        }
+        features.injection_detection.sensitivity = updates.injection_detection.sensitivity;
+      }
+    }
+    if (updates.context_gating !== void 0) {
+      if (updates.context_gating.enabled !== void 0) {
+        if (typeof updates.context_gating.enabled !== "boolean") {
+          throw new Error("context_gating.enabled must be a boolean");
+        }
+        features.context_gating.enabled = updates.context_gating.enabled;
+      }
+      if (updates.context_gating.policy_id !== void 0) {
+        if (typeof updates.context_gating.policy_id !== "string" || updates.context_gating.policy_id.length > 256) {
+          throw new Error("context_gating.policy_id must be a string of 256 characters or fewer");
+        }
+        features.context_gating.policy_id = updates.context_gating.policy_id;
+      }
+    }
+    if (updates.approval_gate !== void 0) {
+      if (updates.approval_gate.enabled !== void 0) {
+        if (typeof updates.approval_gate.enabled !== "boolean") {
+          throw new Error("approval_gate.enabled must be a boolean");
+        }
+        features.approval_gate.enabled = updates.approval_gate.enabled;
+      }
+    }
+    if (updates.zk_proofs !== void 0) {
+      if (updates.zk_proofs.enabled !== void 0) {
+        if (typeof updates.zk_proofs.enabled !== "boolean") {
+          throw new Error("zk_proofs.enabled must be a boolean");
+        }
+        features.zk_proofs.enabled = updates.zk_proofs.enabled;
+      }
+    }
+    this.profile.updated_at = (/* @__PURE__ */ new Date()).toISOString();
+    await this.persist();
+    return this.profile;
+  }
+  /**
+   * Persist the current profile to encrypted storage.
+   */
+  async persist() {
+    const serialized = stringToBytes(JSON.stringify(this.profile));
+    const encrypted = encrypt(serialized, this.encryptionKey);
+    await this.storage.write(
+      NAMESPACE,
+      PROFILE_KEY,
+      stringToBytes(JSON.stringify(encrypted))
+    );
+  }
+};
+
+// src/sovereignty-profile-tools.ts
+function createSovereigntyProfileTools(profileStore, auditLog) {
+  const tools = [
+    // ── Get Profile ──────────────────────────────────────────────────
+    {
+      name: "sanctuary/sovereignty_profile_get",
+      description: "Get the current Sovereignty Profile \u2014 shows which Sanctuary features are active (audit logging, injection detection, context gating, approval gates, ZK proofs) and their configuration.",
+      inputSchema: {
+        type: "object",
+        properties: {}
+      },
+      handler: async () => {
+        const profile = profileStore.get();
+        auditLog.append("l2", "sovereignty_profile_get", "system", {
+          features_enabled: Object.entries(profile.features).filter(([, v]) => v.enabled).map(([k]) => k)
+        });
+        return toolResult({
+          profile,
+          message: "Current Sovereignty Profile. Use sovereignty_profile_update to change settings."
+        });
+      }
+    },
+    // ── Update Profile ───────────────────────────────────────────────
+    {
+      name: "sanctuary/sovereignty_profile_update",
+      description: "Update the Sovereignty Profile feature toggles. This changes which Sanctuary protections are active. Requires human approval (Tier 1) because it modifies enforcement behavior. Pass only the features you want to change \u2014 unspecified features remain unchanged.",
+      inputSchema: {
+        type: "object",
+        properties: {
+          audit_logging: {
+            type: "object",
+            properties: {
+              enabled: { type: "boolean" }
+            },
+            description: "Toggle audit logging on/off"
+          },
+          injection_detection: {
+            type: "object",
+            properties: {
+              enabled: { type: "boolean" },
+              sensitivity: {
+                type: "string",
+                enum: ["low", "medium", "high"],
+                description: "Detection sensitivity threshold"
+              }
+            },
+            description: "Toggle injection detection and set sensitivity"
+          },
+          context_gating: {
+            type: "object",
+            properties: {
+              enabled: { type: "boolean" },
+              policy_id: {
+                type: "string",
+                description: "ID of the context-gating policy to use"
+              }
+            },
+            description: "Toggle context gating and set active policy"
+          },
+          approval_gate: {
+            type: "object",
+            properties: {
+              enabled: { type: "boolean" }
+            },
+            description: "Toggle approval gates on/off"
+          },
+          zk_proofs: {
+            type: "object",
+            properties: {
+              enabled: { type: "boolean" }
+            },
+            description: "Toggle zero-knowledge proofs on/off"
+          }
+        }
+      },
+      handler: async (args) => {
+        const updates = {};
+        if (args.audit_logging !== void 0) {
+          updates.audit_logging = args.audit_logging;
+        }
+        if (args.injection_detection !== void 0) {
+          updates.injection_detection = args.injection_detection;
+        }
+        if (args.context_gating !== void 0) {
+          updates.context_gating = args.context_gating;
+        }
+        if (args.approval_gate !== void 0) {
+          updates.approval_gate = args.approval_gate;
+        }
+        if (args.zk_proofs !== void 0) {
+          updates.zk_proofs = args.zk_proofs;
+        }
+        const updated = await profileStore.update(updates);
+        auditLog.append("l2", "sovereignty_profile_update", "system", {
+          changes: updates,
+          features_enabled: Object.entries(updated.features).filter(([, v]) => v.enabled).map(([k]) => k)
+        });
+        return toolResult({
+          profile: updated,
+          message: "Sovereignty Profile updated. Changes take effect immediately."
+        });
+      }
+    },
+    // ── Generate System Prompt ───────────────────────────────────────
+    {
+      name: "sanctuary/sovereignty_profile_generate_prompt",
+      description: "Generate a system prompt snippet based on the active Sovereignty Profile. The snippet instructs an agent on which Sanctuary features are active and how to use them. Copy and paste this into your agent's system configuration.",
+      inputSchema: {
+        type: "object",
+        properties: {}
+      },
+      handler: async () => {
+        const profile = profileStore.get();
+        const prompt = generateSystemPrompt(profile);
+        auditLog.append("l2", "sovereignty_profile_generate_prompt", "system", {
+          features_enabled: Object.entries(profile.features).filter(([, v]) => v.enabled).map(([k]) => k)
+        });
+        return toolResult({
+          system_prompt: prompt,
+          token_estimate: Math.ceil(prompt.length / 4),
+          message: "Copy the system_prompt text above and paste it into your agent's system configuration. It will update dynamically as you toggle features."
+        });
+      }
+    }
+  ];
+  return { tools };
+}
+
 // src/index.ts
 init_random();
 init_encoding();
@@ -13209,6 +13846,9 @@ async function createSanctuaryServer(options) {
   const { tools: auditTools } = createAuditTools(config);
   const { tools: contextGateTools, enforcer: contextGateEnforcer } = createContextGateTools(storage, masterKey, auditLog);
   const hardeningTools = createL2HardeningTools(config.storage_path, auditLog);
+  const profileStore = new SovereigntyProfileStore(storage, masterKey);
+  await profileStore.load();
+  const { tools: profileTools } = createSovereigntyProfileTools(profileStore, auditLog);
   const policy = await loadPrincipalPolicy(config.storage_path);
   const baseline = new BaselineTracker(storage, masterKey);
   await baseline.load();
@@ -13236,7 +13876,8 @@ async function createSanctuaryServer(options) {
       identityManager,
       handshakeResults,
       shrOpts: { config, identityManager, masterKey },
-      sanctuaryConfig: config
+      sanctuaryConfig: config,
+      profileStore
     });
     await dashboard.start();
     approvalChannel = dashboard;
@@ -13313,6 +13954,7 @@ async function createSanctuaryServer(options) {
     ...auditTools,
     ...contextGateTools,
     ...hardeningTools,
+    ...profileTools,
     ...dashboardTools,
     manifestTool
   ];
@@ -13343,6 +13985,6 @@ async function createSanctuaryServer(options) {
   return { server, config };
 }
 
-export { ATTESTATION_VERSION, ApprovalGate, AuditLog, AutoApproveChannel, BaselineTracker, TEMPLATES as CONTEXT_GATE_TEMPLATES, CallbackApprovalChannel, CommitmentStore, ContextGateEnforcer, ContextGatePolicyStore, DashboardApprovalChannel, FederationRegistry, FilesystemStorage, InMemoryModelProvenanceStore, InjectionDetector, MODEL_PRESETS, MemoryStorage, PolicyStore, ReputationStore, StateStore, StderrApprovalChannel, TIER_WEIGHTS, WebhookApprovalChannel, canonicalize, classifyField, completeHandshake, computeWeightedScore, createBridgeCommitment, createPedersenCommitment, createProofOfKnowledge, createRangeProof, createSanctuaryServer, evaluateField, filterContext, generateAttestation, generateSHR, getTemplate, initiateHandshake, listTemplateIds, loadConfig, loadPrincipalPolicy, recommendPolicy, resolveTier, respondToHandshake, signPayload, tierDistribution, verifyAttestation, verifyBridgeCommitment, verifyCompletion, verifyPedersenCommitment, verifyProofOfKnowledge, verifyRangeProof, verifySHR, verifySignature };
+export { ATTESTATION_VERSION, ApprovalGate, AuditLog, AutoApproveChannel, BaselineTracker, TEMPLATES as CONTEXT_GATE_TEMPLATES, CallbackApprovalChannel, CommitmentStore, ContextGateEnforcer, ContextGatePolicyStore, DashboardApprovalChannel, FederationRegistry, FilesystemStorage, InMemoryModelProvenanceStore, InjectionDetector, MODEL_PRESETS, MemoryStorage, PolicyStore, ReputationStore, SovereigntyProfileStore, StateStore, StderrApprovalChannel, TIER_WEIGHTS, WebhookApprovalChannel, canonicalize, classifyField, completeHandshake, computeWeightedScore, createBridgeCommitment, createDefaultProfile, createPedersenCommitment, createProofOfKnowledge, createRangeProof, createSanctuaryServer, evaluateField, filterContext, generateAttestation, generateSHR, generateSystemPrompt, getTemplate, initiateHandshake, listTemplateIds, loadConfig, loadPrincipalPolicy, recommendPolicy, resolveTier, respondToHandshake, signPayload, tierDistribution, verifyAttestation, verifyBridgeCommitment, verifyCompletion, verifyPedersenCommitment, verifyProofOfKnowledge, verifyRangeProof, verifySHR, verifySignature };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map