@sanctuary-framework/mcp-server 0.5.9 → 0.5.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/cli.cjs +87 -35
  2. package/dist/cli.cjs.map +1 -1
  3. package/dist/cli.js +87 -35
  4. package/dist/cli.js.map +1 -1
  5. package/dist/index.cjs +184 -35
  6. package/dist/index.cjs.map +1 -1
  7. package/dist/index.d.cts +115 -1
  8. package/dist/index.d.ts +115 -1
  9. package/dist/index.js +183 -36
  10. package/dist/index.js.map +1 -1
  11. package/package.json +1 -1
package/dist/cli.js CHANGED
@@ -3451,11 +3451,12 @@ function generateDashboardHTML(options) {
3451
3451
  // API Updates
3452
3452
  async function updateSovereignty() {
3453
3453
  const data = await fetchAPI('/api/sovereignty');
3454
- if (!data) return;
3454
+ if (!data || data.error) return;
3455
3455
 
3456
3456
  apiState.sovereignty = data;
3457
3457
 
3458
- const score = calculateSovereigntyScore(data.shr);
3458
+ // API returns { score, overall_level, layers: { l1, l2, l3, l4 }, ... }
3459
+ const score = data.score ?? 0;
3459
3460
  const badge = document.getElementById('sovereignty-badge');
3460
3461
  const scoreEl = document.getElementById('sovereignty-score');
3461
3462
 
@@ -3465,18 +3466,18 @@ function generateDashboardHTML(options) {
3465
3466
  if (score < 70) badge.classList.add('degraded');
3466
3467
  if (score < 40) badge.classList.add('inactive');
3467
3468
 
3468
- updateLayerCards(data.shr);
3469
+ updateLayerCards(data);
3469
3470
  }
3470
3471
 
3471
- function updateLayerCards(shr) {
3472
- if (!shr || !shr.layers) return;
3472
+ function updateLayerCards(data) {
3473
+ if (!data || !data.layers) return;
3473
3474
 
3474
- const layers = shr.layers;
3475
+ const layers = data.layers;
3475
3476
 
3476
- updateLayerCard('l1', layers.l1, layers.l1?.encryption || 'AES-256-GCM');
3477
- updateLayerCard('l2', layers.l2, layers.l2?.isolation_type || 'Process-level');
3478
- updateLayerCard('l3', layers.l3, layers.l3?.proof_system || 'Schnorr-Pedersen');
3479
- updateLayerCard('l4', layers.l4, layers.l4?.reputation_mode || 'Weighted');
3477
+ updateLayerCard('l1', layers.l1, layers.l1?.detail || 'AES-256-GCM');
3478
+ updateLayerCard('l2', layers.l2, layers.l2?.detail || 'Process-level');
3479
+ updateLayerCard('l3', layers.l3, layers.l3?.detail || 'Schnorr-Pedersen');
3480
+ updateLayerCard('l4', layers.l4, layers.l4?.detail || 'Weighted');
3480
3481
  }
3481
3482
 
3482
3483
  function updateLayerCard(layer, layerData, detail) {
@@ -3504,14 +3505,16 @@ function generateDashboardHTML(options) {
3504
3505
 
3505
3506
  apiState.identity = data;
3506
3507
 
3507
- const primary = data.primary || {};
3508
+ // API returns { identities: [...], count, primary_id }
3509
+ // Find the primary identity from the array
3510
+ const primary = (data.identities || []).find(id => id.identity_id === data.primary_id) || {};
3508
3511
  document.getElementById('identity-label').textContent = primary.label || '\u2014';
3509
3512
  document.getElementById('identity-did').textContent = truncate(primary.did, 24);
3510
3513
  document.getElementById('identity-did').title = primary.did || '';
3511
- document.getElementById('identity-pubkey').textContent = truncate(primary.publicKey, 24);
3512
- document.getElementById('identity-pubkey').title = primary.publicKey || '';
3513
- document.getElementById('identity-created').textContent = formatTime(primary.createdAt);
3514
- document.getElementById('identity-count').textContent = data.identities?.length || '\u2014';
3514
+ document.getElementById('identity-pubkey').textContent = truncate(primary.public_key, 24);
3515
+ document.getElementById('identity-pubkey').title = primary.public_key || '';
3516
+ document.getElementById('identity-created').textContent = formatTime(primary.created_at);
3517
+ document.getElementById('identity-count').textContent = data.count || '\u2014';
3515
3518
  }
3516
3519
 
3517
3520
  async function updateHandshakes() {
@@ -3520,14 +3523,14 @@ function generateDashboardHTML(options) {
3520
3523
 
3521
3524
  apiState.handshakes = data.handshakes || [];
3522
3525
 
3523
- document.getElementById('handshake-count').textContent = data.handshakes?.length || '0';
3526
+ document.getElementById('handshake-count').textContent = data.count || '0';
3524
3527
 
3525
3528
  if (data.handshakes && data.handshakes.length > 0) {
3526
3529
  const latest = data.handshakes[0];
3527
- document.getElementById('handshake-latest').textContent = truncate(latest.counterpartyId, 20);
3528
- document.getElementById('handshake-latest').title = latest.counterpartyId || '';
3529
- document.getElementById('handshake-tier').textContent = (latest.trustTier || 'Unverified').toUpperCase();
3530
- document.getElementById('handshake-time').textContent = formatTime(latest.completedAt);
3530
+ document.getElementById('handshake-latest').textContent = truncate(latest.counterparty_id, 20);
3531
+ document.getElementById('handshake-latest').title = latest.counterparty_id || '';
3532
+ document.getElementById('handshake-tier').textContent = (latest.trust_tier || 'Unverified').toUpperCase();
3533
+ document.getElementById('handshake-time').textContent = formatTime(latest.completed_at);
3531
3534
  } else {
3532
3535
  document.getElementById('handshake-latest').textContent = '\u2014';
3533
3536
  document.getElementById('handshake-tier').textContent = 'Unverified';
@@ -3549,12 +3552,12 @@ function generateDashboardHTML(options) {
3549
3552
  .map(
3550
3553
  (hs) => \`
3551
3554
  <div class="table-row">
3552
- <div class="table-cell strong">\${esc(truncate(hs.counterpartyId, 24))}</div>
3553
- <div class="table-cell">\${esc(hs.trustTier || 'Unverified')}</div>
3554
- <div class="table-cell">\${esc(hs.sovereigntyLevel || '\u2014')}</div>
3555
+ <div class="table-cell strong">\${esc(truncate(hs.counterparty_id, 24))}</div>
3556
+ <div class="table-cell">\${esc(hs.trust_tier || 'Unverified')}</div>
3557
+ <div class="table-cell">\${esc(hs.sovereignty_level || '\u2014')}</div>
3555
3558
  <div class="table-cell">\${hs.verified ? 'Yes' : 'No'}</div>
3556
- <div class="table-cell">\${formatTime(hs.completedAt)}</div>
3557
- <div class="table-cell">\${formatTime(hs.expiresAt)}</div>
3559
+ <div class="table-cell">\${formatTime(hs.completed_at)}</div>
3560
+ <div class="table-cell">\${formatTime(hs.expires_at)}</div>
3558
3561
  </div>
3559
3562
  \`
3560
3563
  )
@@ -3572,11 +3575,14 @@ function generateDashboardHTML(options) {
3572
3575
  function renderSHRViewer(shr) {
3573
3576
  const viewer = document.getElementById('shr-viewer');
3574
3577
 
3575
- if (!shr) {
3578
+ if (!shr || shr.error) {
3576
3579
  viewer.innerHTML = '<div class="empty-state">No SHR available</div>';
3577
3580
  return;
3578
3581
  }
3579
3582
 
3583
+ // SignedSHR shape: { body: { implementation, instance_id, layers, ... }, signed_by, signature }
3584
+ const body = shr.body || shr;
3585
+
3580
3586
  let html = '';
3581
3587
 
3582
3588
  // Implementation
@@ -3589,15 +3595,15 @@ function generateDashboardHTML(options) {
3589
3595
  <div class="shr-section-content">
3590
3596
  <div class="shr-item">
3591
3597
  <div class="shr-key">sanctuary_version:</div>
3592
- <div class="shr-value">\${esc(shr.implementation?.sanctuary_version || '\u2014')}</div>
3598
+ <div class="shr-value">\${esc(body.implementation?.sanctuary_version || '\u2014')}</div>
3593
3599
  </div>
3594
3600
  <div class="shr-item">
3595
3601
  <div class="shr-key">node_version:</div>
3596
- <div class="shr-value">\${esc(shr.implementation?.node_version || '\u2014')}</div>
3602
+ <div class="shr-value">\${esc(body.implementation?.node_version || '\u2014')}</div>
3597
3603
  </div>
3598
3604
  <div class="shr-item">
3599
3605
  <div class="shr-key">generated_by:</div>
3600
- <div class="shr-value">\${esc(shr.implementation?.generated_by || '\u2014')}</div>
3606
+ <div class="shr-value">\${esc(body.implementation?.generated_by || '\u2014')}</div>
3601
3607
  </div>
3602
3608
  </div>
3603
3609
  </div>
@@ -3613,22 +3619,22 @@ function generateDashboardHTML(options) {
3613
3619
  <div class="shr-section-content">
3614
3620
  <div class="shr-item">
3615
3621
  <div class="shr-key">instance_id:</div>
3616
- <div class="shr-value">\${esc(truncate(shr.instance_id, 20))}</div>
3622
+ <div class="shr-value">\${esc(truncate(body.instance_id, 20))}</div>
3617
3623
  </div>
3618
3624
  <div class="shr-item">
3619
3625
  <div class="shr-key">generated_at:</div>
3620
- <div class="shr-value">\${formatTime(shr.generated_at)}</div>
3626
+ <div class="shr-value">\${formatTime(body.generated_at)}</div>
3621
3627
  </div>
3622
3628
  <div class="shr-item">
3623
3629
  <div class="shr-key">expires_at:</div>
3624
- <div class="shr-value">\${formatTime(shr.expires_at)}</div>
3630
+ <div class="shr-value">\${formatTime(body.expires_at)}</div>
3625
3631
  </div>
3626
3632
  </div>
3627
3633
  </div>
3628
3634
  \`;
3629
3635
 
3630
3636
  // Layers
3631
- if (shr.layers) {
3637
+ if (body.layers) {
3632
3638
  html += \`<div class="shr-section">
3633
3639
  <div class="shr-section-header">
3634
3640
  <div class="shr-toggle">\u25BC</div>
@@ -3637,7 +3643,7 @@ function generateDashboardHTML(options) {
3637
3643
  <div class="shr-section-content">
3638
3644
  \`;
3639
3645
 
3640
- for (const [key, layer] of Object.entries(shr.layers)) {
3646
+ for (const [key, layer] of Object.entries(body.layers)) {
3641
3647
  html += \`
3642
3648
  <div style="margin-bottom: 12px;">
3643
3649
  <div style="color: var(--blue); font-weight: 600; margin-bottom: 4px;">\${esc(key)}</div>
@@ -11365,11 +11371,57 @@ var TOOL_API_SCOPED = {
11365
11371
  ],
11366
11372
  default_action: "redact"
11367
11373
  };
11374
+ var REMOTE_INFERENCE_SANITIZE = {
11375
+ id: "remote-inference-sanitize",
11376
+ name: "Remote Inference Sanitization",
11377
+ description: "Maximum privacy for remote/cloud LLM calls. Strips all identity, financial, location, and personal data before passing queries to external models. Inspired by Vitalik Buterin's 2-of-2 sovereignty model.",
11378
+ use_when: "Your local agent needs to call a remote LLM for tasks beyond local model capability (complex coding, deep research) and you want to minimize data leakage to the remote provider. The remote model gets only the task, query, format requirements, and stripped code context.",
11379
+ rules: [
11380
+ {
11381
+ provider: "inference",
11382
+ allow: [
11383
+ "task",
11384
+ "task_description",
11385
+ "current_query",
11386
+ "query",
11387
+ "prompt",
11388
+ "question",
11389
+ "instruction",
11390
+ "output_format",
11391
+ "format",
11392
+ "language",
11393
+ "code_context",
11394
+ // Stripped code snippets for coding tasks
11395
+ "error_message"
11396
+ // For debugging help
11397
+ ],
11398
+ redact: [
11399
+ ...ALWAYS_REDACT_SECRETS,
11400
+ ...PII_PATTERNS,
11401
+ ...INTERNAL_STATE_PATTERNS,
11402
+ ...HISTORY_PATTERNS,
11403
+ "tool_results",
11404
+ "previous_results",
11405
+ // Additional redactions for remote inference
11406
+ "model_data",
11407
+ "agent_state",
11408
+ "runtime_config",
11409
+ "capabilities",
11410
+ "tool_list"
11411
+ ],
11412
+ // Deny patterns — these must NEVER reach the remote model, not even redacted
11413
+ hash: [],
11414
+ summarize: []
11415
+ }
11416
+ ],
11417
+ default_action: "deny"
11418
+ };
11368
11419
  var TEMPLATES = {
11369
11420
  "inference-minimal": INFERENCE_MINIMAL,
11370
11421
  "inference-standard": INFERENCE_STANDARD,
11371
11422
  "logging-strict": LOGGING_STRICT,
11372
- "tool-api-scoped": TOOL_API_SCOPED
11423
+ "tool-api-scoped": TOOL_API_SCOPED,
11424
+ "remote-inference-sanitize": REMOTE_INFERENCE_SANITIZE
11373
11425
  };
11374
11426
  function listTemplateIds() {
11375
11427
  return Object.keys(TEMPLATES);