npm - @sanctuary-framework/mcp-server - Versions diffs - 0.5.6 → 0.5.8 - Mend

@sanctuary-framework/mcp-server 0.5.6 → 0.5.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/index.d.cts CHANGED Viewed

@@ -1954,6 +1954,53 @@ declare class FilesystemStorage implements StorageBackend {
  */
 declare function loadPrincipalPolicy(storagePath: string): Promise<PrincipalPolicy>;
+/**
+ * Sanctuary MCP Server — L1 Cognitive Sovereignty: Tool Definitions
+ *
+ * MCP tool wrappers for StateStore and IdentityRoot operations.
+ * These tools are the public API that agents interact with.
+ */
+/** Manages all identities — provides storage and retrieval */
+declare class IdentityManager {
+    private storage;
+    private masterKey;
+    private identities;
+    private primaryIdentityId;
+    constructor(storage: StorageBackend, masterKey: Uint8Array);
+    private get encryptionKey();
+    /** Load identities from storage on startup */
+    load(): Promise<void>;
+    /** Save an identity to storage */
+    save(identity: StoredIdentity): Promise<void>;
+    get(id: string): StoredIdentity | undefined;
+    getDefault(): StoredIdentity | undefined;
+    list(): PublicIdentity[];
+}
+/**
+ * Sanctuary MCP Server — SHR Generator
+ *
+ * Generates a Sovereignty Health Report from current server state,
+ * signs it with a specified identity, and returns the complete signed SHR.
+ */
+interface SHRGeneratorOptions {
+    config: SanctuaryConfig;
+    identityManager: IdentityManager;
+    masterKey: Uint8Array;
+    /** Override validity window (milliseconds). Default: 1 hour. */
+    validityMs?: number;
+}
+/**
+ * Generate and sign a Sovereignty Health Report.
+ *
+ * @param identityId - Which identity to sign with (defaults to primary)
+ * @param opts - Generator dependencies
+ * @returns The signed SHR, or an error string
+ */
+declare function generateSHR(identityId: string | undefined, opts: SHRGeneratorOptions): SignedSHR | string;
 /**
  * Sanctuary MCP Server — Principal Dashboard
  *
@@ -1999,6 +2046,10 @@ declare class DashboardApprovalChannel implements ApprovalChannel {
     private policy;
     private baseline;
     private auditLog;
+    private identityManager;
+    private handshakeResults;
+    private shrOpts;
+    private _sanctuaryConfig;
     private dashboardHTML;
     private loginHTML;
     private authToken;
@@ -2019,6 +2070,10 @@ declare class DashboardApprovalChannel implements ApprovalChannel {
         policy: PrincipalPolicy;
         baseline: BaselineTracker;
         auditLog: AuditLog;
+        identityManager?: IdentityManager;
+        handshakeResults?: Map<string, HandshakeResult>;
+        shrOpts?: SHRGeneratorOptions;
+        sanctuaryConfig?: SanctuaryConfig;
     }): void;
     /**
      * Start the HTTP(S) server for the dashboard.
@@ -2097,6 +2152,10 @@ declare class DashboardApprovalChannel implements ApprovalChannel {
     private handlePendingList;
     private handleAuditLog;
     private handleDecision;
+    private handleSovereignty;
+    private handleIdentity;
+    private handleHandshakes;
+    private handleSHR;
     broadcastSSE(event: string, data: unknown): void;
     /**
      * Broadcast an audit entry to connected dashboards.
@@ -2246,53 +2305,6 @@ declare class WebhookApprovalChannel implements ApprovalChannel {
     get pendingCount(): number;
 }
-/**
- * Sanctuary MCP Server — L1 Cognitive Sovereignty: Tool Definitions
- *
- * MCP tool wrappers for StateStore and IdentityRoot operations.
- * These tools are the public API that agents interact with.
- */
-/** Manages all identities — provides storage and retrieval */
-declare class IdentityManager {
-    private storage;
-    private masterKey;
-    private identities;
-    private primaryIdentityId;
-    constructor(storage: StorageBackend, masterKey: Uint8Array);
-    private get encryptionKey();
-    /** Load identities from storage on startup */
-    load(): Promise<void>;
-    /** Save an identity to storage */
-    save(identity: StoredIdentity): Promise<void>;
-    get(id: string): StoredIdentity | undefined;
-    getDefault(): StoredIdentity | undefined;
-    list(): PublicIdentity[];
-}
-/**
- * Sanctuary MCP Server — SHR Generator
- *
- * Generates a Sovereignty Health Report from current server state,
- * signs it with a specified identity, and returns the complete signed SHR.
- */
-interface SHRGeneratorOptions {
-    config: SanctuaryConfig;
-    identityManager: IdentityManager;
-    masterKey: Uint8Array;
-    /** Override validity window (milliseconds). Default: 1 hour. */
-    validityMs?: number;
-}
-/**
- * Generate and sign a Sovereignty Health Report.
- *
- * @param identityId - Which identity to sign with (defaults to primary)
- * @param opts - Generator dependencies
- * @returns The signed SHR, or an error string
- */
-declare function generateSHR(identityId: string | undefined, opts: SHRGeneratorOptions): SignedSHR | string;
 /**
  * Sanctuary MCP Server — SHR Verifier
  *
@@ -2654,4 +2666,4 @@ declare function createSanctuaryServer(options?: {
     storage?: StorageBackend;
 }): Promise<SanctuaryServer>;
-export { ATTESTATION_VERSION, ApprovalGate, type AttestationBody, type AttestationVerificationResult, AuditLog, AutoApproveChannel, BaselineTracker, type BridgeAttestationRequest, type BridgeAttestationResult, type BridgeCommitment, type BridgeVerificationResult, TEMPLATES as CONTEXT_GATE_TEMPLATES, CallbackApprovalChannel, CommitmentStore, type ConcordiaOutcome, type ContextAction, type ContextFilterResult, ContextGateEnforcer, type ContextGatePolicy, ContextGatePolicyStore, type ContextGateRule, type ContextGateTemplate, DashboardApprovalChannel, type DashboardConfig, type DetectionResult, type EnforcerConfig, type FederationCapabilities, type FederationPeer, FederationRegistry, type FieldClassification, type FieldFilterResult, FilesystemStorage, type GateResult, type HandshakeChallenge, type HandshakeCompletion, type HandshakeResponse, type HandshakeResult, InjectionDetector, type InjectionDetectorConfig, type InjectionSignal, MemoryStorage, type PedersenCommitment, type PeerTrustEvaluation, type PolicyRecommendation, PolicyStore, type PrincipalPolicy, type ProviderCategory, ReputationStore, type SHRBody, type SHRVerificationResult, type SanctuaryConfig, type SanctuaryServer, type SignedAttestation, type SignedSHR, type SovereigntyTier, StateStore, StderrApprovalChannel, TIER_WEIGHTS, type TierMetadata, type TieredAttestation, WebhookApprovalChannel, type WebhookCallbackPayload, type WebhookConfig, type WebhookPayload, type ZKProofOfKnowledge, type ZKRangeProof, canonicalize, classifyField, completeHandshake, computeWeightedScore, createBridgeCommitment, createPedersenCommitment, createProofOfKnowledge, createRangeProof, createSanctuaryServer, evaluateField, filterContext, generateAttestation, generateSHR, getTemplate, initiateHandshake, listTemplateIds, loadConfig, loadPrincipalPolicy, recommendPolicy, resolveTier, respondToHandshake, signPayload, tierDistribution, verifyAttestation, verifyBridgeCommitment, verifyCompletion, verifyPedersenCommitment, verifyProofOfKnowledge, verifyRangeProof, verifySHR, verifySignature };
+export { ATTESTATION_VERSION, ApprovalGate, type AttestationBody, type AttestationVerificationResult, AuditLog, AutoApproveChannel, BaselineTracker, type BridgeAttestationRequest, type BridgeAttestationResult, type BridgeCommitment, type BridgeVerificationResult, TEMPLATES as CONTEXT_GATE_TEMPLATES, CallbackApprovalChannel, CommitmentStore, type ConcordiaOutcome, type ContextAction, type ContextFilterResult, ContextGateEnforcer, type ContextGatePolicy, ContextGatePolicyStore, type ContextGateRule, type ContextGateTemplate, DashboardApprovalChannel, type DashboardConfig, type DetectionResult, type EnforcerConfig, type FederationCapabilities, type FederationPeer, FederationRegistry, type FieldClassification, type FieldFilterResult, FilesystemStorage, type GateResult, type HandshakeChallenge, type HandshakeCompletion, type HandshakeResponse, type HandshakeResult, InjectionDetector, type InjectionDetectorConfig, type InjectionSignal, MemoryStorage, type PedersenCommitment, type PeerTrustEvaluation, type PolicyRecommendation, PolicyStore, type PrincipalPolicy, type ProviderCategory, ReputationStore, type SHRBody, type SHRGeneratorOptions, type SHRVerificationResult, type SanctuaryConfig, type SanctuaryServer, type SignedAttestation, type SignedSHR, type SovereigntyTier, StateStore, StderrApprovalChannel, TIER_WEIGHTS, type TierMetadata, type TieredAttestation, WebhookApprovalChannel, type WebhookCallbackPayload, type WebhookConfig, type WebhookPayload, type ZKProofOfKnowledge, type ZKRangeProof, canonicalize, classifyField, completeHandshake, computeWeightedScore, createBridgeCommitment, createPedersenCommitment, createProofOfKnowledge, createRangeProof, createSanctuaryServer, evaluateField, filterContext, generateAttestation, generateSHR, getTemplate, initiateHandshake, listTemplateIds, loadConfig, loadPrincipalPolicy, recommendPolicy, resolveTier, respondToHandshake, signPayload, tierDistribution, verifyAttestation, verifyBridgeCommitment, verifyCompletion, verifyPedersenCommitment, verifyProofOfKnowledge, verifyRangeProof, verifySHR, verifySignature };

package/dist/index.d.ts CHANGED Viewed

@@ -1954,6 +1954,53 @@ declare class FilesystemStorage implements StorageBackend {
  */
 declare function loadPrincipalPolicy(storagePath: string): Promise<PrincipalPolicy>;
+/**
+ * Sanctuary MCP Server — L1 Cognitive Sovereignty: Tool Definitions
+ *
+ * MCP tool wrappers for StateStore and IdentityRoot operations.
+ * These tools are the public API that agents interact with.
+ */
+/** Manages all identities — provides storage and retrieval */
+declare class IdentityManager {
+    private storage;
+    private masterKey;
+    private identities;
+    private primaryIdentityId;
+    constructor(storage: StorageBackend, masterKey: Uint8Array);
+    private get encryptionKey();
+    /** Load identities from storage on startup */
+    load(): Promise<void>;
+    /** Save an identity to storage */
+    save(identity: StoredIdentity): Promise<void>;
+    get(id: string): StoredIdentity | undefined;
+    getDefault(): StoredIdentity | undefined;
+    list(): PublicIdentity[];
+}
+/**
+ * Sanctuary MCP Server — SHR Generator
+ *
+ * Generates a Sovereignty Health Report from current server state,
+ * signs it with a specified identity, and returns the complete signed SHR.
+ */
+interface SHRGeneratorOptions {
+    config: SanctuaryConfig;
+    identityManager: IdentityManager;
+    masterKey: Uint8Array;
+    /** Override validity window (milliseconds). Default: 1 hour. */
+    validityMs?: number;
+}
+/**
+ * Generate and sign a Sovereignty Health Report.
+ *
+ * @param identityId - Which identity to sign with (defaults to primary)
+ * @param opts - Generator dependencies
+ * @returns The signed SHR, or an error string
+ */
+declare function generateSHR(identityId: string | undefined, opts: SHRGeneratorOptions): SignedSHR | string;
 /**
  * Sanctuary MCP Server — Principal Dashboard
  *
@@ -1999,6 +2046,10 @@ declare class DashboardApprovalChannel implements ApprovalChannel {
     private policy;
     private baseline;
     private auditLog;
+    private identityManager;
+    private handshakeResults;
+    private shrOpts;
+    private _sanctuaryConfig;
     private dashboardHTML;
     private loginHTML;
     private authToken;
@@ -2019,6 +2070,10 @@ declare class DashboardApprovalChannel implements ApprovalChannel {
         policy: PrincipalPolicy;
         baseline: BaselineTracker;
         auditLog: AuditLog;
+        identityManager?: IdentityManager;
+        handshakeResults?: Map<string, HandshakeResult>;
+        shrOpts?: SHRGeneratorOptions;
+        sanctuaryConfig?: SanctuaryConfig;
     }): void;
     /**
      * Start the HTTP(S) server for the dashboard.
@@ -2097,6 +2152,10 @@ declare class DashboardApprovalChannel implements ApprovalChannel {
     private handlePendingList;
     private handleAuditLog;
     private handleDecision;
+    private handleSovereignty;
+    private handleIdentity;
+    private handleHandshakes;
+    private handleSHR;
     broadcastSSE(event: string, data: unknown): void;
     /**
      * Broadcast an audit entry to connected dashboards.
@@ -2246,53 +2305,6 @@ declare class WebhookApprovalChannel implements ApprovalChannel {
     get pendingCount(): number;
 }
-/**
- * Sanctuary MCP Server — L1 Cognitive Sovereignty: Tool Definitions
- *
- * MCP tool wrappers for StateStore and IdentityRoot operations.
- * These tools are the public API that agents interact with.
- */
-/** Manages all identities — provides storage and retrieval */
-declare class IdentityManager {
-    private storage;
-    private masterKey;
-    private identities;
-    private primaryIdentityId;
-    constructor(storage: StorageBackend, masterKey: Uint8Array);
-    private get encryptionKey();
-    /** Load identities from storage on startup */
-    load(): Promise<void>;
-    /** Save an identity to storage */
-    save(identity: StoredIdentity): Promise<void>;
-    get(id: string): StoredIdentity | undefined;
-    getDefault(): StoredIdentity | undefined;
-    list(): PublicIdentity[];
-}
-/**
- * Sanctuary MCP Server — SHR Generator
- *
- * Generates a Sovereignty Health Report from current server state,
- * signs it with a specified identity, and returns the complete signed SHR.
- */
-interface SHRGeneratorOptions {
-    config: SanctuaryConfig;
-    identityManager: IdentityManager;
-    masterKey: Uint8Array;
-    /** Override validity window (milliseconds). Default: 1 hour. */
-    validityMs?: number;
-}
-/**
- * Generate and sign a Sovereignty Health Report.
- *
- * @param identityId - Which identity to sign with (defaults to primary)
- * @param opts - Generator dependencies
- * @returns The signed SHR, or an error string
- */
-declare function generateSHR(identityId: string | undefined, opts: SHRGeneratorOptions): SignedSHR | string;
 /**
  * Sanctuary MCP Server — SHR Verifier
  *
@@ -2654,4 +2666,4 @@ declare function createSanctuaryServer(options?: {
     storage?: StorageBackend;
 }): Promise<SanctuaryServer>;
-export { ATTESTATION_VERSION, ApprovalGate, type AttestationBody, type AttestationVerificationResult, AuditLog, AutoApproveChannel, BaselineTracker, type BridgeAttestationRequest, type BridgeAttestationResult, type BridgeCommitment, type BridgeVerificationResult, TEMPLATES as CONTEXT_GATE_TEMPLATES, CallbackApprovalChannel, CommitmentStore, type ConcordiaOutcome, type ContextAction, type ContextFilterResult, ContextGateEnforcer, type ContextGatePolicy, ContextGatePolicyStore, type ContextGateRule, type ContextGateTemplate, DashboardApprovalChannel, type DashboardConfig, type DetectionResult, type EnforcerConfig, type FederationCapabilities, type FederationPeer, FederationRegistry, type FieldClassification, type FieldFilterResult, FilesystemStorage, type GateResult, type HandshakeChallenge, type HandshakeCompletion, type HandshakeResponse, type HandshakeResult, InjectionDetector, type InjectionDetectorConfig, type InjectionSignal, MemoryStorage, type PedersenCommitment, type PeerTrustEvaluation, type PolicyRecommendation, PolicyStore, type PrincipalPolicy, type ProviderCategory, ReputationStore, type SHRBody, type SHRVerificationResult, type SanctuaryConfig, type SanctuaryServer, type SignedAttestation, type SignedSHR, type SovereigntyTier, StateStore, StderrApprovalChannel, TIER_WEIGHTS, type TierMetadata, type TieredAttestation, WebhookApprovalChannel, type WebhookCallbackPayload, type WebhookConfig, type WebhookPayload, type ZKProofOfKnowledge, type ZKRangeProof, canonicalize, classifyField, completeHandshake, computeWeightedScore, createBridgeCommitment, createPedersenCommitment, createProofOfKnowledge, createRangeProof, createSanctuaryServer, evaluateField, filterContext, generateAttestation, generateSHR, getTemplate, initiateHandshake, listTemplateIds, loadConfig, loadPrincipalPolicy, recommendPolicy, resolveTier, respondToHandshake, signPayload, tierDistribution, verifyAttestation, verifyBridgeCommitment, verifyCompletion, verifyPedersenCommitment, verifyProofOfKnowledge, verifyRangeProof, verifySHR, verifySignature };
+export { ATTESTATION_VERSION, ApprovalGate, type AttestationBody, type AttestationVerificationResult, AuditLog, AutoApproveChannel, BaselineTracker, type BridgeAttestationRequest, type BridgeAttestationResult, type BridgeCommitment, type BridgeVerificationResult, TEMPLATES as CONTEXT_GATE_TEMPLATES, CallbackApprovalChannel, CommitmentStore, type ConcordiaOutcome, type ContextAction, type ContextFilterResult, ContextGateEnforcer, type ContextGatePolicy, ContextGatePolicyStore, type ContextGateRule, type ContextGateTemplate, DashboardApprovalChannel, type DashboardConfig, type DetectionResult, type EnforcerConfig, type FederationCapabilities, type FederationPeer, FederationRegistry, type FieldClassification, type FieldFilterResult, FilesystemStorage, type GateResult, type HandshakeChallenge, type HandshakeCompletion, type HandshakeResponse, type HandshakeResult, InjectionDetector, type InjectionDetectorConfig, type InjectionSignal, MemoryStorage, type PedersenCommitment, type PeerTrustEvaluation, type PolicyRecommendation, PolicyStore, type PrincipalPolicy, type ProviderCategory, ReputationStore, type SHRBody, type SHRGeneratorOptions, type SHRVerificationResult, type SanctuaryConfig, type SanctuaryServer, type SignedAttestation, type SignedSHR, type SovereigntyTier, StateStore, StderrApprovalChannel, TIER_WEIGHTS, type TierMetadata, type TieredAttestation, WebhookApprovalChannel, type WebhookCallbackPayload, type WebhookConfig, type WebhookPayload, type ZKProofOfKnowledge, type ZKRangeProof, canonicalize, classifyField, completeHandshake, computeWeightedScore, createBridgeCommitment, createPedersenCommitment, createProofOfKnowledge, createRangeProof, createSanctuaryServer, evaluateField, filterContext, generateAttestation, generateSHR, getTemplate, initiateHandshake, listTemplateIds, loadConfig, loadPrincipalPolicy, recommendPolicy, resolveTier, respondToHandshake, signPayload, tierDistribution, verifyAttestation, verifyBridgeCommitment, verifyCompletion, verifyPedersenCommitment, verifyProofOfKnowledge, verifyRangeProof, verifySHR, verifySignature };