@scriptmasterlabs/mcp-x402 2.0.2 → 2.1.1

package/src/server/security/audit.ts

@@ -1,94 +0,0 @@
-import { createHash, createHmac } from 'crypto';
-import { appendFileSync } from 'fs';
-
-type LogLevel = 'info' | 'warn' | 'error';
-
-interface LogEntry {
-  seq: number;
-  ts: number;
-  level: LogLevel;
-  event: string;
-  data: Record<string, unknown>;
-  prev_hash: string;
-  hash: string;
-}
-
-// Append-only SHA-256 chained audit log (N5)
-// Each entry includes the hash of the previous entry — tampering breaks the chain.
-export class AuditLogger {
-  private static instance: AuditLogger;
-  private seq = 0;
-  private prevHash = '0000000000000000000000000000000000000000000000000000000000000000';
-  private readonly logPath: string;
-  private readonly hmacSecret: string;
-
-  private constructor() {
-    this.logPath = process.env['AUDIT_LOG_PATH'] ?? './audit.log';
-    this.hmacSecret = process.env['AUDIT_HMAC_SECRET'] ?? 'mcp-x402-audit-secret';
-  }
-
-  static getInstance(): AuditLogger {
-    if (!AuditLogger.instance) {
-      AuditLogger.instance = new AuditLogger();
-    }
-    return AuditLogger.instance;
-  }
-
-  private log(level: LogLevel, event: string, data: Record<string, unknown>): void {
-    const seq = ++this.seq;
-    const ts = Date.now();
-
-    // Redact PII (N3): hash wallet addresses, never log raw filing content
-    const safeData = this.redact(data);
-
-    const payload = JSON.stringify({ seq, ts, level, event, data: safeData, prev_hash: this.prevHash });
-    const hash = createHmac('sha256', this.hmacSecret).update(payload).digest('hex');
-
-    const entry: LogEntry = {
-      seq,
-      ts,
-      level,
-      event,
-      data: safeData,
-      prev_hash: this.prevHash,
-      hash,
-    };
-
-    this.prevHash = hash;
-
-    try {
-      appendFileSync(this.logPath, JSON.stringify(entry) + '\n', 'utf8');
-    } catch {
-      // If log write fails, emit to stderr but don't crash
-      process.stderr.write(`[audit-fail] ${JSON.stringify(entry)}\n`);
-    }
-  }
-
-  private redact(data: Record<string, unknown>): Record<string, unknown> {
-    const out: Record<string, unknown> = {};
-    for (const [k, v] of Object.entries(data)) {
-      if (k === 'wallet' || k === 'address') {
-        // Hash wallet addresses (N3)
-        out[k] = createHash('sha256').update(String(v)).digest('hex').slice(0, 16) + '...';
-      } else if (k === 'content' || k === 'raw_text' || k === 'filing') {
-        // Never log raw filing data (N3)
-        out[k] = '[REDACTED]';
-      } else {
-        out[k] = v;
-      }
-    }
-    return out;
-  }
-
-  info(event: string, data: Record<string, unknown> = {}): void {
-    this.log('info', event, data);
-  }
-
-  warn(event: string, data: Record<string, unknown> = {}): void {
-    this.log('warn', event, data);
-  }
-
-  error(event: string, data: Record<string, unknown> = {}): void {
-    this.log('error', event, data);
-  }
-}

package/src/server/security/rate-limit.ts

@@ -1,84 +0,0 @@
-interface BucketState {
-  minute: { count: number; resetAt: number };
-  day: { count: number; resetAt: number };
-}
-
-const PER_TOOL_MINUTE_LIMIT = 100;
-const PER_WALLET_DAY_LIMIT = 1000;
-const IP_MINUTE_LIMIT = 200;
-
-function nowMs(): number {
-  return Date.now();
-}
-
-export class RateLimiter {
-  private static instance: RateLimiter;
-  private readonly toolBuckets = new Map<string, BucketState>();
-  private readonly walletBuckets = new Map<string, BucketState>();
-  private readonly ipBuckets = new Map<string, { count: number; resetAt: number }>();
-
-  private constructor() {}
-
-  static getInstance(): RateLimiter {
-    if (!RateLimiter.instance) {
-      RateLimiter.instance = new RateLimiter();
-    }
-    return RateLimiter.instance;
-  }
-
-  checkTool(toolName: string): boolean {
-    const now = nowMs();
-    let bucket = this.toolBuckets.get(toolName);
-
-    if (!bucket) {
-      bucket = {
-        minute: { count: 0, resetAt: now + 60_000 },
-        day: { count: 0, resetAt: now + 86_400_000 },
-      };
-      this.toolBuckets.set(toolName, bucket);
-    }
-
-    if (now > bucket.minute.resetAt) {
-      bucket.minute = { count: 0, resetAt: now + 60_000 };
-    }
-
-    if (bucket.minute.count >= PER_TOOL_MINUTE_LIMIT) return false;
-    bucket.minute.count++;
-    return true;
-  }
-
-  checkWallet(wallet: string): boolean {
-    const now = nowMs();
-    let bucket = this.walletBuckets.get(wallet);
-
-    if (!bucket) {
-      bucket = {
-        minute: { count: 0, resetAt: now + 60_000 },
-        day: { count: 0, resetAt: now + 86_400_000 },
-      };
-      this.walletBuckets.set(wallet, bucket);
-    }
-
-    if (now > bucket.day.resetAt) {
-      bucket.day = { count: 0, resetAt: now + 86_400_000 };
-    }
-
-    if (bucket.day.count >= PER_WALLET_DAY_LIMIT) return false;
-    bucket.day.count++;
-    return true;
-  }
-
-  checkIp(ip: string): boolean {
-    const now = nowMs();
-    let entry = this.ipBuckets.get(ip);
-
-    if (!entry || now > entry.resetAt) {
-      entry = { count: 0, resetAt: now + 60_000 };
-      this.ipBuckets.set(ip, entry);
-    }
-
-    if (entry.count >= IP_MINUTE_LIMIT) return false;
-    entry.count++;
-    return true;
-  }
-}

package/src/server/security/sandbox.ts

@@ -1,40 +0,0 @@
-import { z } from 'zod';
-
-// Sandboxed input validation layer — all tool inputs pass through here before execution.
-// No eval(), no dynamic require(), no raw SQL (N4 enforcement at schema layer).
-export class Sandbox {
-  static validate<T>(schema: z.ZodType<T>, input: unknown): T {
-    const result = schema.safeParse(input);
-    if (!result.success) {
-      const issues = result.error.issues
-        .map((i) => `${i.path.join('.')}: ${i.message}`)
-        .join('; ');
-      throw new Error(`Input validation failed: ${issues}`);
-    }
-    return result.data;
-  }
-
-  // Ensure URL is http/https only — no file://, data://, javascript:
-  static validateUrl(raw: string): URL {
-    let url: URL;
-    try {
-      url = new URL(raw);
-    } catch {
-      throw new Error(`Invalid URL: ${raw}`);
-    }
-    if (url.protocol !== 'http:' && url.protocol !== 'https:') {
-      throw new Error(`Disallowed URL protocol: ${url.protocol}`);
-    }
-    return url;
-  }
-
-  // Strip any response content that looks like a prompt injection attempt
-  static sanitizeApiResponse(text: string): string {
-    // Remove common injection markers
-    return text
-      .replace(/<\/?system>/gi, '')
-      .replace(/\[INST\]/gi, '')
-      .replace(/\[\/?INST\]/gi, '')
-      .slice(0, 50_000); // Hard cap on returned content size
-  }
-}

package/src/server/tools/agentcard.ts

@@ -1,134 +0,0 @@
-import { z } from 'zod';
-import type { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
-import { executeX402Payment } from '../payments/x402.js';
-import { RateLimiter } from '../security/rate-limit.js';
-import { Sandbox } from '../security/sandbox.js';
-import { AuditLogger } from '../security/audit.js';
-import { PriceRegistry } from '../registry/pricing.js';
-import { AgentCardAPI } from '../../lib/sml-api/agentcard.js';
-
-const LookupSchema = z.object({
-  identifier: z.string().min(1),
-});
-
-const VerifySchema = z.object({
-  wallet_address: z.string().min(10),
-  message: z.string().min(1),
-  signature: z.string().min(1),
-});
-
-const MintSchema = z.object({
-  wallet_address: z.string().min(10),
-  name: z.string().min(1).max(64),
-  did: z.string().optional(),
-  metadata: z.record(z.unknown()).optional(),
-  payment_wallet: z.string().optional(),
-});
-
-export function registerAgentCard(server: McpServer): void {
-  const audit = AuditLogger.getInstance();
-
-  // ── FREE: agentcard_lookup ─────────────────────────────────────────────────
-  server.tool(
-    'agentcard_lookup',
-    {
-      identifier: z.string().describe('Agent wallet address or DID to look up.'),
-    },
-    async (rawArgs) => {
-      const { identifier } = Sandbox.validate(LookupSchema, rawArgs);
-      if (!RateLimiter.getInstance().checkTool('agentcard_lookup')) {
-        return { content: [{ type: 'text', text: JSON.stringify({ error: 'rate_limit_exceeded', retry_after: 60 }) }], isError: true };
-      }
-      try {
-        const data = await AgentCardAPI.lookup(identifier);
-        audit.info('agentcard_lookup', { identifier });
-        return { content: [{ type: 'text', text: JSON.stringify(data) }] };
-      } catch (err) {
-        return { content: [{ type: 'text', text: JSON.stringify({ error: 'api_error', message: String(err) }) }], isError: true };
-      }
-    },
-  );
-
-  // ── FREE: agentcard_verify ─────────────────────────────────────────────────
-  server.tool(
-    'agentcard_verify',
-    {
-      wallet_address: z.string().describe('Agent wallet address that signed the message.'),
-      message: z.string().describe('Original message that was signed.'),
-      signature: z.string().describe('Ed25519 signature (hex or base64).'),
-    },
-    async (rawArgs) => {
-      const args = Sandbox.validate(VerifySchema, rawArgs);
-      if (!RateLimiter.getInstance().checkTool('agentcard_verify')) {
-        return { content: [{ type: 'text', text: JSON.stringify({ error: 'rate_limit_exceeded', retry_after: 60 }) }], isError: true };
-      }
-      try {
-        const data = await AgentCardAPI.verify({
-          walletAddress: args.wallet_address,
-          message: args.message,
-          signature: args.signature,
-        });
-        audit.info('agentcard_verify', { wallet_address: args.wallet_address });
-        return { content: [{ type: 'text', text: JSON.stringify(data) }] };
-      } catch (err) {
-        return { content: [{ type: 'text', text: JSON.stringify({ error: 'api_error', message: String(err) }) }], isError: true };
-      }
-    },
-  );
-
-  // ── PAID: agentcard_mint (0.01 USDC) ──────────────────────────────────────
-  server.tool(
-    'agentcard_mint',
-    {
-      wallet_address: z.string().describe('XRPL wallet address for the new agent identity.'),
-      name: z.string().describe('Human-readable agent name (max 64 chars).'),
-      did: z.string().describe('Optional DID (decentralized identifier) for the agent.'),
-      metadata: z.record(z.unknown()).describe('Optional metadata object (capabilities, version, etc.).'),
-      payment_wallet: z.string().describe('Wallet to pay x402 fee from (defaults to wallet_address).'),
-    },
-    async (rawArgs) => {
-      const args = Sandbox.validate(MintSchema, rawArgs);
-      const paymentWallet = args.payment_wallet ?? args.wallet_address;
-
-      if (!RateLimiter.getInstance().checkTool('agentcard_mint')) {
-        return { content: [{ type: 'text', text: JSON.stringify({ error: 'rate_limit_exceeded', retry_after: 60 }) }], isError: true };
-      }
-
-      await PriceRegistry.getInstance().seedDefaults();
-      const price = await PriceRegistry.getInstance().getPrice('agentcard_mint');
-      if (!price) {
-        return { content: [{ type: 'text', text: JSON.stringify({ error: 'price_unavailable' }) }], isError: true };
-      }
-
-      let payment;
-      try {
-        payment = await executeX402Payment({ price, currency: 'USDC', toolName: 'agentcard_mint', walletAddress: paymentWallet });
-      } catch (err) {
-        audit.warn('agentcard_mint_payment_fail', { error: String(err) });
-        return { content: [{ type: 'text', text: JSON.stringify({ error: 'payment_failed', message: String(err) }) }], isError: true };
-      }
-
-      try {
-        const data = await AgentCardAPI.mint({
-          walletAddress: args.wallet_address,
-          name: args.name,
-          did: args.did,
-          metadata: args.metadata,
-        });
-        audit.info('agentcard_mint_success', { name: args.name, receiptId: payment.receiptId });
-        return {
-          content: [{
-            type: 'text',
-            text: JSON.stringify({
-              data,
-              _meta: { receipt_id: payment.receiptId, tx_hash: payment.txHash, chain: payment.chain, amount_paid: `${payment.amountPaid} ${payment.currency}`, timestamp: payment.timestamp },
-            }),
-          }],
-        };
-      } catch (err) {
-        audit.error('agentcard_mint_api_fail', { error: String(err) });
-        return { content: [{ type: 'text', text: JSON.stringify({ error: 'api_error', message: String(err) }) }], isError: true };
-      }
-    },
-  );
-}

package/src/server/tools/backtest.ts

@@ -1,119 +0,0 @@
-import { z } from 'zod';
-import type { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
-import { executeX402Payment } from '../payments/x402.js';
-import { RateLimiter } from '../security/rate-limit.js';
-import { Sandbox } from '../security/sandbox.js';
-import { AuditLogger } from '../security/audit.js';
-import { PriceRegistry } from '../registry/pricing.js';
-import { BacktestAPI } from '../../lib/sml-api/backtest.js';
-
-const BacktestSchema = z.object({
-  ticker: z.string().min(1).max(10).toUpperCase(),
-  lookback_days: z.number().int().min(30).max(1260).default(252),
-  fees: z.number().min(0).max(0.05).default(0.001),
-  slippage: z.number().min(0).max(0.05).default(0.0005),
-  momentum_window: z.number().int().min(2).max(50).default(10),
-  momentum_threshold: z.number().min(0).max(0.1).default(0.001),
-  wallet_address: z.string().optional(),
-});
-
-const ValidateSchema = z.object({
-  ticker: z.string().min(1).max(10).toUpperCase(),
-  lookback_days: z.number().int().min(60).max(1260).default(504),
-  train_ratio: z.number().min(0.5).max(0.9).default(0.7),
-  fees: z.number().min(0).max(0.05).default(0.001),
-  slippage: z.number().min(0).max(0.05).default(0.0005),
-  wallet_address: z.string().optional(),
-});
-
-export function registerBacktest(server: McpServer): void {
-  const audit = AuditLogger.getInstance();
-
-  // ── backtest_run — full backtest on live price data (FREE) ─────────────────
-  server.tool(
-    'backtest_run',
-    {
-      ticker: z.string().describe('Ticker symbol (e.g. NVDA, SPY, GME)'),
-      lookback_days: z.number().describe('Days of history to backtest (30–1260, default 252)'),
-      fees: z.number().describe('Round-trip commission rate (default 0.001 = 0.1%)'),
-      slippage: z.number().describe('Slippage per side (default 0.0005)'),
-      momentum_window: z.number().describe('Momentum rolling window in days (default 10)'),
-      momentum_threshold: z.number().describe('Minimum momentum to enter long (default 0.001)'),
-      wallet_address: z.string().describe('Agent wallet address (optional)'),
-    },
-    async (rawArgs) => {
-      const args = Sandbox.validate(BacktestSchema, rawArgs);
-      if (!RateLimiter.getInstance().checkTool('backtest_run')) {
-        return { content: [{ type: 'text', text: JSON.stringify({ error: 'rate_limit_exceeded' }) }], isError: true };
-      }
-      try {
-        const result = await BacktestAPI.backtest({
-          ticker: args.ticker,
-          lookback_days: args.lookback_days,
-          fees: args.fees,
-          slippage: args.slippage,
-          momentum_window: args.momentum_window,
-          momentum_threshold: args.momentum_threshold,
-        });
-        audit.info('backtest_run_success', { ticker: args.ticker });
-        return { content: [{ type: 'text', text: JSON.stringify(result) }] };
-      } catch (err) {
-        audit.warn('backtest_run_fail', { error: String(err) });
-        return { content: [{ type: 'text', text: JSON.stringify({ error: String(err) }) }], isError: true };
-      }
-    },
-  );
-
-  // ── backtest_validate — walk-forward OOS validation ($0.02) ───────────────
-  server.tool(
-    'backtest_validate',
-    {
-      ticker: z.string().describe('Ticker symbol to validate'),
-      lookback_days: z.number().describe('Total history window (60–1260, default 504 = 2 years)'),
-      train_ratio: z.number().describe('Train/test split ratio (default 0.7 = 70% in-sample)'),
-      fees: z.number().describe('Round-trip commission rate (default 0.001)'),
-      slippage: z.number().describe('Slippage per side (default 0.0005)'),
-      wallet_address: z.string().describe('Agent wallet for x402 payment (AP2 required)'),
-    },
-    async (rawArgs) => {
-      const args = Sandbox.validate(ValidateSchema, rawArgs);
-      if (!RateLimiter.getInstance().checkTool('backtest_validate')) {
-        return { content: [{ type: 'text', text: JSON.stringify({ error: 'rate_limit_exceeded' }) }], isError: true };
-      }
-      await PriceRegistry.getInstance().seedDefaults();
-      const price = await PriceRegistry.getInstance().getPrice('backtest_validate');
-      if (!price) {
-        return { content: [{ type: 'text', text: JSON.stringify({ error: 'price_unavailable' }) }], isError: true };
-      }
-      let payment;
-      try {
-        payment = await executeX402Payment({ price, currency: 'USDC', toolName: 'backtest_validate', walletAddress: args.wallet_address });
-      } catch (err) {
-        audit.warn('backtest_validate_payment_fail', { error: String(err) });
-        return { content: [{ type: 'text', text: JSON.stringify({ error: 'payment_failed', message: String(err) }) }], isError: true };
-      }
-      try {
-        const result = await BacktestAPI.walkForward({
-          ticker: args.ticker,
-          lookback_days: args.lookback_days,
-          train_ratio: args.train_ratio,
-          fees: args.fees,
-          slippage: args.slippage,
-        });
-        audit.info('backtest_validate_success', { ticker: args.ticker });
-        return {
-          content: [{
-            type: 'text',
-            text: JSON.stringify({
-              ...(result as object),
-              _meta: { receipt_id: payment.receiptId, tx_hash: payment.txHash, chain: payment.chain, amount_paid: `${payment.amountPaid} ${payment.currency}` },
-            }),
-          }],
-        };
-      } catch (err) {
-        audit.warn('backtest_validate_fail', { error: String(err) });
-        return { content: [{ type: 'text', text: JSON.stringify({ error: String(err) }) }], isError: true };
-      }
-    },
-  );
-}