@shroud-fi/mcp-server 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +130 -0
- package/dist/cjs/auth.d.ts +41 -0
- package/dist/cjs/auth.d.ts.map +1 -0
- package/dist/cjs/auth.js +103 -0
- package/dist/cjs/auth.js.map +1 -0
- package/dist/cjs/bin/http.d.ts +7 -0
- package/dist/cjs/bin/http.d.ts.map +1 -0
- package/dist/cjs/bin/http.js +24 -0
- package/dist/cjs/bin/http.js.map +1 -0
- package/dist/cjs/bin/stdio.d.ts +9 -0
- package/dist/cjs/bin/stdio.d.ts.map +1 -0
- package/dist/cjs/bin/stdio.js +15 -0
- package/dist/cjs/bin/stdio.js.map +1 -0
- package/dist/cjs/config.d.ts +22 -0
- package/dist/cjs/config.d.ts.map +1 -0
- package/dist/cjs/config.js +180 -0
- package/dist/cjs/config.js.map +1 -0
- package/dist/cjs/constants.d.ts +29 -0
- package/dist/cjs/constants.d.ts.map +1 -0
- package/dist/cjs/constants.js +35 -0
- package/dist/cjs/constants.js.map +1 -0
- package/dist/cjs/errors.d.ts +43 -0
- package/dist/cjs/errors.d.ts.map +1 -0
- package/dist/cjs/errors.js +72 -0
- package/dist/cjs/errors.js.map +1 -0
- package/dist/cjs/http.d.ts +32 -0
- package/dist/cjs/http.d.ts.map +1 -0
- package/dist/cjs/http.js +180 -0
- package/dist/cjs/http.js.map +1 -0
- package/dist/cjs/index.d.ts +19 -0
- package/dist/cjs/index.d.ts.map +1 -0
- package/dist/cjs/index.js +40 -0
- package/dist/cjs/index.js.map +1 -0
- package/dist/cjs/package.json +1 -0
- package/dist/cjs/server.d.ts +14 -0
- package/dist/cjs/server.d.ts.map +1 -0
- package/dist/cjs/server.js +92 -0
- package/dist/cjs/server.js.map +1 -0
- package/dist/cjs/stdio.d.ts +9 -0
- package/dist/cjs/stdio.d.ts.map +1 -0
- package/dist/cjs/stdio.js +21 -0
- package/dist/cjs/stdio.js.map +1 -0
- package/dist/cjs/tools/balance.d.ts +9 -0
- package/dist/cjs/tools/balance.d.ts.map +1 -0
- package/dist/cjs/tools/balance.js +61 -0
- package/dist/cjs/tools/balance.js.map +1 -0
- package/dist/cjs/tools/index.d.ts +17 -0
- package/dist/cjs/tools/index.d.ts.map +1 -0
- package/dist/cjs/tools/index.js +40 -0
- package/dist/cjs/tools/index.js.map +1 -0
- package/dist/cjs/tools/receive.d.ts +13 -0
- package/dist/cjs/tools/receive.d.ts.map +1 -0
- package/dist/cjs/tools/receive.js +100 -0
- package/dist/cjs/tools/receive.js.map +1 -0
- package/dist/cjs/tools/register.d.ts +9 -0
- package/dist/cjs/tools/register.d.ts.map +1 -0
- package/dist/cjs/tools/register.js +36 -0
- package/dist/cjs/tools/register.js.map +1 -0
- package/dist/cjs/tools/schema.d.ts +18 -0
- package/dist/cjs/tools/schema.d.ts.map +1 -0
- package/dist/cjs/tools/schema.js +25 -0
- package/dist/cjs/tools/schema.js.map +1 -0
- package/dist/cjs/tools/send-to-wallet.d.ts +9 -0
- package/dist/cjs/tools/send-to-wallet.d.ts.map +1 -0
- package/dist/cjs/tools/send-to-wallet.js +60 -0
- package/dist/cjs/tools/send-to-wallet.js.map +1 -0
- package/dist/cjs/tools/send.d.ts +9 -0
- package/dist/cjs/tools/send.d.ts.map +1 -0
- package/dist/cjs/tools/send.js +68 -0
- package/dist/cjs/tools/send.js.map +1 -0
- package/dist/cjs/tools/status.d.ts +6 -0
- package/dist/cjs/tools/status.d.ts.map +1 -0
- package/dist/cjs/tools/status.js +39 -0
- package/dist/cjs/tools/status.js.map +1 -0
- package/dist/cjs/tools/sweep.d.ts +14 -0
- package/dist/cjs/tools/sweep.d.ts.map +1 -0
- package/dist/cjs/tools/sweep.js +119 -0
- package/dist/cjs/tools/sweep.js.map +1 -0
- package/dist/cjs/tools/x402-pay.d.ts +14 -0
- package/dist/cjs/tools/x402-pay.d.ts.map +1 -0
- package/dist/cjs/tools/x402-pay.js +78 -0
- package/dist/cjs/tools/x402-pay.js.map +1 -0
- package/dist/cjs/tools/x402-serve.d.ts +17 -0
- package/dist/cjs/tools/x402-serve.d.ts.map +1 -0
- package/dist/cjs/tools/x402-serve.js +133 -0
- package/dist/cjs/tools/x402-serve.js.map +1 -0
- package/dist/cjs/types.d.ts +66 -0
- package/dist/cjs/types.d.ts.map +1 -0
- package/dist/cjs/types.js +6 -0
- package/dist/cjs/types.js.map +1 -0
- package/dist/esm/auth.d.ts +41 -0
- package/dist/esm/auth.d.ts.map +1 -0
- package/dist/esm/auth.js +99 -0
- package/dist/esm/auth.js.map +1 -0
- package/dist/esm/bin/http.d.ts +7 -0
- package/dist/esm/bin/http.d.ts.map +1 -0
- package/dist/esm/bin/http.js +22 -0
- package/dist/esm/bin/http.js.map +1 -0
- package/dist/esm/bin/stdio.d.ts +9 -0
- package/dist/esm/bin/stdio.d.ts.map +1 -0
- package/dist/esm/bin/stdio.js +13 -0
- package/dist/esm/bin/stdio.js.map +1 -0
- package/dist/esm/config.d.ts +22 -0
- package/dist/esm/config.d.ts.map +1 -0
- package/dist/esm/config.js +175 -0
- package/dist/esm/config.js.map +1 -0
- package/dist/esm/constants.d.ts +29 -0
- package/dist/esm/constants.d.ts.map +1 -0
- package/dist/esm/constants.js +32 -0
- package/dist/esm/constants.js.map +1 -0
- package/dist/esm/errors.d.ts +43 -0
- package/dist/esm/errors.d.ts.map +1 -0
- package/dist/esm/errors.js +61 -0
- package/dist/esm/errors.js.map +1 -0
- package/dist/esm/http.d.ts +32 -0
- package/dist/esm/http.d.ts.map +1 -0
- package/dist/esm/http.js +177 -0
- package/dist/esm/http.js.map +1 -0
- package/dist/esm/index.d.ts +19 -0
- package/dist/esm/index.d.ts.map +1 -0
- package/dist/esm/index.js +18 -0
- package/dist/esm/index.js.map +1 -0
- package/dist/esm/server.d.ts +14 -0
- package/dist/esm/server.d.ts.map +1 -0
- package/dist/esm/server.js +89 -0
- package/dist/esm/server.js.map +1 -0
- package/dist/esm/stdio.d.ts +9 -0
- package/dist/esm/stdio.d.ts.map +1 -0
- package/dist/esm/stdio.js +18 -0
- package/dist/esm/stdio.js.map +1 -0
- package/dist/esm/tools/balance.d.ts +9 -0
- package/dist/esm/tools/balance.d.ts.map +1 -0
- package/dist/esm/tools/balance.js +58 -0
- package/dist/esm/tools/balance.js.map +1 -0
- package/dist/esm/tools/index.d.ts +17 -0
- package/dist/esm/tools/index.d.ts.map +1 -0
- package/dist/esm/tools/index.js +28 -0
- package/dist/esm/tools/index.js.map +1 -0
- package/dist/esm/tools/receive.d.ts +13 -0
- package/dist/esm/tools/receive.d.ts.map +1 -0
- package/dist/esm/tools/receive.js +97 -0
- package/dist/esm/tools/receive.js.map +1 -0
- package/dist/esm/tools/register.d.ts +9 -0
- package/dist/esm/tools/register.d.ts.map +1 -0
- package/dist/esm/tools/register.js +33 -0
- package/dist/esm/tools/register.js.map +1 -0
- package/dist/esm/tools/schema.d.ts +18 -0
- package/dist/esm/tools/schema.d.ts.map +1 -0
- package/dist/esm/tools/schema.js +21 -0
- package/dist/esm/tools/schema.js.map +1 -0
- package/dist/esm/tools/send-to-wallet.d.ts +9 -0
- package/dist/esm/tools/send-to-wallet.d.ts.map +1 -0
- package/dist/esm/tools/send-to-wallet.js +57 -0
- package/dist/esm/tools/send-to-wallet.js.map +1 -0
- package/dist/esm/tools/send.d.ts +9 -0
- package/dist/esm/tools/send.d.ts.map +1 -0
- package/dist/esm/tools/send.js +65 -0
- package/dist/esm/tools/send.js.map +1 -0
- package/dist/esm/tools/status.d.ts +6 -0
- package/dist/esm/tools/status.d.ts.map +1 -0
- package/dist/esm/tools/status.js +36 -0
- package/dist/esm/tools/status.js.map +1 -0
- package/dist/esm/tools/sweep.d.ts +14 -0
- package/dist/esm/tools/sweep.d.ts.map +1 -0
- package/dist/esm/tools/sweep.js +116 -0
- package/dist/esm/tools/sweep.js.map +1 -0
- package/dist/esm/tools/x402-pay.d.ts +14 -0
- package/dist/esm/tools/x402-pay.d.ts.map +1 -0
- package/dist/esm/tools/x402-pay.js +75 -0
- package/dist/esm/tools/x402-pay.js.map +1 -0
- package/dist/esm/tools/x402-serve.d.ts +17 -0
- package/dist/esm/tools/x402-serve.d.ts.map +1 -0
- package/dist/esm/tools/x402-serve.js +130 -0
- package/dist/esm/tools/x402-serve.js.map +1 -0
- package/dist/esm/types.d.ts +66 -0
- package/dist/esm/types.d.ts.map +1 -0
- package/dist/esm/types.js +5 -0
- package/dist/esm/types.js.map +1 -0
- package/dist/tsconfig.cjs.tsbuildinfo +1 -0
- package/dist/tsconfig.esm.tsbuildinfo +1 -0
- package/dist/tsconfig.tsbuildinfo +1 -0
- package/package.json +81 -0
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
/**
|
|
3
|
+
* HTTP transport bin. Reads SHROUDFI_MCP_HTTP_PORT (default 7070) via the
|
|
4
|
+
* config module, boots the HTTP server, parks until SIGINT/SIGTERM.
|
|
5
|
+
*/
|
|
6
|
+
import { runHttpServer } from '../http.js';
|
|
7
|
+
import { readHttpPortFromEnv } from '../config.js';
|
|
8
|
+
const port = readHttpPortFromEnv();
|
|
9
|
+
runHttpServer({ port })
|
|
10
|
+
.then((handle) => {
|
|
11
|
+
process.stderr.write(`shroudfi-mcp-http listening on :${port}\n`);
|
|
12
|
+
const shutdown = () => {
|
|
13
|
+
void handle.close().then(() => process.exit(0));
|
|
14
|
+
};
|
|
15
|
+
process.on('SIGINT', shutdown);
|
|
16
|
+
process.on('SIGTERM', shutdown);
|
|
17
|
+
})
|
|
18
|
+
.catch((err) => {
|
|
19
|
+
process.stderr.write(`shroudfi-mcp-http failed: ${err.code ?? 'unknown'}\n`);
|
|
20
|
+
process.exitCode = 1;
|
|
21
|
+
});
|
|
22
|
+
//# sourceMappingURL=http.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"http.js","sourceRoot":"","sources":["../../../src/bin/http.ts"],"names":[],"mappings":";AACA;;;GAGG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAC3C,OAAO,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC;AAEnD,MAAM,IAAI,GAAG,mBAAmB,EAAE,CAAC;AAEnC,aAAa,CAAC,EAAE,IAAI,EAAE,CAAC;KACpB,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE;IACf,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,mCAAmC,IAAI,IAAI,CAAC,CAAC;IAClE,MAAM,QAAQ,GAAG,GAAS,EAAE;QAC1B,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;IAClD,CAAC,CAAC;IACF,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/B,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;AAClC,CAAC,CAAC;KACD,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE;IACtB,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,6BAA8B,GAAyB,CAAC,IAAI,IAAI,SAAS,IAAI,CAC9E,CAAC;IACF,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;AACvB,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
/**
|
|
3
|
+
* Stdio bin — invoked by MCP clients via `.mcp.json` `command` field.
|
|
4
|
+
*
|
|
5
|
+
* Errors go to stderr only — stdout is reserved for the JSON-RPC framed
|
|
6
|
+
* MCP protocol stream. Any stdout pollution corrupts the client.
|
|
7
|
+
*/
|
|
8
|
+
export {};
|
|
9
|
+
//# sourceMappingURL=stdio.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"stdio.d.ts","sourceRoot":"","sources":["../../../src/bin/stdio.ts"],"names":[],"mappings":";AACA;;;;;GAKG"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
/**
|
|
3
|
+
* Stdio bin — invoked by MCP clients via `.mcp.json` `command` field.
|
|
4
|
+
*
|
|
5
|
+
* Errors go to stderr only — stdout is reserved for the JSON-RPC framed
|
|
6
|
+
* MCP protocol stream. Any stdout pollution corrupts the client.
|
|
7
|
+
*/
|
|
8
|
+
import { runStdioServer } from '../stdio.js';
|
|
9
|
+
runStdioServer().catch((err) => {
|
|
10
|
+
process.stderr.write(`shroudfi-mcp stdio failed: ${err.code ?? 'unknown'}\n`);
|
|
11
|
+
process.exitCode = 1;
|
|
12
|
+
});
|
|
13
|
+
//# sourceMappingURL=stdio.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"stdio.js","sourceRoot":"","sources":["../../../src/bin/stdio.ts"],"names":[],"mappings":";AACA;;;;;GAKG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAE7C,cAAc,EAAE,CAAC,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE;IACtC,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,8BAA+B,GAAyB,CAAC,IAAI,IAAI,SAAS,IAAI,CAC/E,CAAC;IACF,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;AACvB,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Resolve operator config from env (or explicit args) into a runtime context.
|
|
3
|
+
*
|
|
4
|
+
* Env reads concentrated here per verify-privacy R5. Allowed to use process.env.
|
|
5
|
+
*/
|
|
6
|
+
import type { McpServerBootstrapConfig, McpServerContext } from './types.js';
|
|
7
|
+
/**
|
|
8
|
+
* Read the HTTP port the operator wants the MCP server to listen on. Defaults
|
|
9
|
+
* to 7070. Strict integer between 1 and 65535.
|
|
10
|
+
*/
|
|
11
|
+
export declare function readHttpPortFromEnv(defaultPort?: number): number;
|
|
12
|
+
/**
|
|
13
|
+
* Resolve env into a fully-formed bootstrap config.
|
|
14
|
+
*/
|
|
15
|
+
export declare function loadBootstrapConfigFromEnv(): McpServerBootstrapConfig;
|
|
16
|
+
/**
|
|
17
|
+
* Build a McpServerContext from a resolved bootstrap config.
|
|
18
|
+
*
|
|
19
|
+
* Throws McpConfigError if the chain is unknown to @shroud-fi/transport.
|
|
20
|
+
*/
|
|
21
|
+
export declare function buildContextFromConfig(config: McpServerBootstrapConfig): McpServerContext;
|
|
22
|
+
//# sourceMappingURL=config.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/config.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAoBH,OAAO,KAAK,EACV,wBAAwB,EACxB,gBAAgB,EACjB,MAAM,YAAY,CAAC;AA2FpB;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,WAAW,SAAO,GAAG,MAAM,CAQ9D;AAED;;GAEG;AACH,wBAAgB,0BAA0B,IAAI,wBAAwB,CAkBrE;AAED;;;;GAIG;AACH,wBAAgB,sBAAsB,CACpC,MAAM,EAAE,wBAAwB,GAC/B,gBAAgB,CAmClB"}
|
|
@@ -0,0 +1,175 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Resolve operator config from env (or explicit args) into a runtime context.
|
|
3
|
+
*
|
|
4
|
+
* Env reads concentrated here per verify-privacy R5. Allowed to use process.env.
|
|
5
|
+
*/
|
|
6
|
+
import { readFileSync } from 'node:fs';
|
|
7
|
+
import { hexToBytes, isHex } from 'viem';
|
|
8
|
+
import { createTransport, getShroudFiStealth } from '@shroud-fi/transport';
|
|
9
|
+
import { createShroudAgent } from '@shroud-fi/agent-runtime';
|
|
10
|
+
import { DEFAULT_RPC_URL_BY_CHAIN, ENV_CHAIN, ENV_HTTP_ALLOWED_WALLETS, ENV_HTTP_PORT, ENV_MASTER_SEED, ENV_MASTER_SEED_FILE, ENV_PRIVATE_KEY, ENV_PRIVATE_KEY_FILE, ENV_RPC_URL, ENV_START_BLOCK, } from './constants.js';
|
|
11
|
+
import { McpConfigError } from './errors.js';
|
|
12
|
+
function readChain() {
|
|
13
|
+
const v = process.env[ENV_CHAIN];
|
|
14
|
+
if (v === undefined || v === '')
|
|
15
|
+
return 8453;
|
|
16
|
+
if (v === 'base' || v === 'mainnet' || v === '8453')
|
|
17
|
+
return 8453;
|
|
18
|
+
if (v === 'sepolia' || v === 'base-sepolia' || v === '84532')
|
|
19
|
+
return 84532;
|
|
20
|
+
throw new McpConfigError('Unknown chain — set SHROUDFI_CHAIN to base|sepolia');
|
|
21
|
+
}
|
|
22
|
+
function readPrivateKey() {
|
|
23
|
+
const inline = process.env[ENV_PRIVATE_KEY];
|
|
24
|
+
if (typeof inline === 'string' && inline.length > 0) {
|
|
25
|
+
if (!isHex(inline) || inline.length !== 66) {
|
|
26
|
+
throw new McpConfigError('SHROUDFI_PRIVATE_KEY is not a 0x… 32-byte hex');
|
|
27
|
+
}
|
|
28
|
+
return inline;
|
|
29
|
+
}
|
|
30
|
+
const file = process.env[ENV_PRIVATE_KEY_FILE];
|
|
31
|
+
if (typeof file === 'string' && file.length > 0) {
|
|
32
|
+
let raw;
|
|
33
|
+
try {
|
|
34
|
+
raw = readFileSync(file, 'utf-8').trim();
|
|
35
|
+
}
|
|
36
|
+
catch {
|
|
37
|
+
throw new McpConfigError('SHROUDFI_PRIVATE_KEY_FILE could not be read');
|
|
38
|
+
}
|
|
39
|
+
if (!isHex(raw) || raw.length !== 66) {
|
|
40
|
+
throw new McpConfigError('Private key file contents are not a 0x… 32-byte hex');
|
|
41
|
+
}
|
|
42
|
+
return raw;
|
|
43
|
+
}
|
|
44
|
+
return undefined;
|
|
45
|
+
}
|
|
46
|
+
/**
|
|
47
|
+
* Resolve the optional 32-byte master seed from env. Accepts either an inline
|
|
48
|
+
* 0x… hex string or a path to a file containing one (same shape as the
|
|
49
|
+
* private-key resolution). Returns `undefined` when neither is set so callers
|
|
50
|
+
* can fall back to per-process random seeds.
|
|
51
|
+
*/
|
|
52
|
+
function readMasterSeed() {
|
|
53
|
+
const inline = process.env[ENV_MASTER_SEED];
|
|
54
|
+
if (typeof inline === 'string' && inline.length > 0) {
|
|
55
|
+
if (!isHex(inline) || inline.length !== 66) {
|
|
56
|
+
throw new McpConfigError('SHROUDFI_MASTER_SEED is not a 0x… 32-byte hex');
|
|
57
|
+
}
|
|
58
|
+
return hexToBytes(inline);
|
|
59
|
+
}
|
|
60
|
+
const file = process.env[ENV_MASTER_SEED_FILE];
|
|
61
|
+
if (typeof file === 'string' && file.length > 0) {
|
|
62
|
+
let raw;
|
|
63
|
+
try {
|
|
64
|
+
raw = readFileSync(file, 'utf-8').trim();
|
|
65
|
+
}
|
|
66
|
+
catch {
|
|
67
|
+
throw new McpConfigError('SHROUDFI_MASTER_SEED_FILE could not be read');
|
|
68
|
+
}
|
|
69
|
+
if (!isHex(raw) || raw.length !== 66) {
|
|
70
|
+
throw new McpConfigError('Master seed file contents are not a 0x… 32-byte hex');
|
|
71
|
+
}
|
|
72
|
+
return hexToBytes(raw);
|
|
73
|
+
}
|
|
74
|
+
return undefined;
|
|
75
|
+
}
|
|
76
|
+
function readStartBlock() {
|
|
77
|
+
const v = process.env[ENV_START_BLOCK];
|
|
78
|
+
if (v === undefined || v === '')
|
|
79
|
+
return 0n;
|
|
80
|
+
try {
|
|
81
|
+
return BigInt(v);
|
|
82
|
+
}
|
|
83
|
+
catch {
|
|
84
|
+
throw new McpConfigError('SHROUDFI_START_BLOCK must be a non-negative integer');
|
|
85
|
+
}
|
|
86
|
+
}
|
|
87
|
+
function readHttpAllowedWallets() {
|
|
88
|
+
const v = process.env[ENV_HTTP_ALLOWED_WALLETS];
|
|
89
|
+
if (v === undefined || v === '')
|
|
90
|
+
return new Set();
|
|
91
|
+
const out = new Set();
|
|
92
|
+
for (const piece of v.split(',')) {
|
|
93
|
+
const trimmed = piece.trim().toLowerCase();
|
|
94
|
+
if (trimmed.length === 0)
|
|
95
|
+
continue;
|
|
96
|
+
if (!isHex(trimmed) || trimmed.length !== 42) {
|
|
97
|
+
throw new McpConfigError('SHROUDFI_MCP_HTTP_ALLOWED_WALLETS contains a non-address entry');
|
|
98
|
+
}
|
|
99
|
+
out.add(trimmed);
|
|
100
|
+
}
|
|
101
|
+
return out;
|
|
102
|
+
}
|
|
103
|
+
/**
|
|
104
|
+
* Read the HTTP port the operator wants the MCP server to listen on. Defaults
|
|
105
|
+
* to 7070. Strict integer between 1 and 65535.
|
|
106
|
+
*/
|
|
107
|
+
export function readHttpPortFromEnv(defaultPort = 7070) {
|
|
108
|
+
const raw = process.env[ENV_HTTP_PORT];
|
|
109
|
+
if (raw === undefined || raw.length === 0)
|
|
110
|
+
return defaultPort;
|
|
111
|
+
const port = Number(raw);
|
|
112
|
+
if (!Number.isInteger(port) || port < 1 || port > 65_535) {
|
|
113
|
+
throw new McpConfigError('SHROUDFI_MCP_HTTP_PORT must be 1..65535');
|
|
114
|
+
}
|
|
115
|
+
return port;
|
|
116
|
+
}
|
|
117
|
+
/**
|
|
118
|
+
* Resolve env into a fully-formed bootstrap config.
|
|
119
|
+
*/
|
|
120
|
+
export function loadBootstrapConfigFromEnv() {
|
|
121
|
+
const chainId = readChain();
|
|
122
|
+
const rpcOverride = process.env[ENV_RPC_URL];
|
|
123
|
+
const rpcUrl = rpcOverride !== undefined && rpcOverride.length > 0
|
|
124
|
+
? rpcOverride
|
|
125
|
+
: DEFAULT_RPC_URL_BY_CHAIN[chainId];
|
|
126
|
+
if (rpcUrl === undefined) {
|
|
127
|
+
throw new McpConfigError('No RPC URL resolved for the requested chain');
|
|
128
|
+
}
|
|
129
|
+
return {
|
|
130
|
+
chainId,
|
|
131
|
+
rpcUrl,
|
|
132
|
+
privateKey: readPrivateKey(),
|
|
133
|
+
startBlock: readStartBlock(),
|
|
134
|
+
masterSeed: readMasterSeed(),
|
|
135
|
+
httpAllowedWallets: readHttpAllowedWallets(),
|
|
136
|
+
};
|
|
137
|
+
}
|
|
138
|
+
/**
|
|
139
|
+
* Build a McpServerContext from a resolved bootstrap config.
|
|
140
|
+
*
|
|
141
|
+
* Throws McpConfigError if the chain is unknown to @shroud-fi/transport.
|
|
142
|
+
*/
|
|
143
|
+
export function buildContextFromConfig(config) {
|
|
144
|
+
const chainName = config.chainId === 8453 ? 'base' : 'baseSepolia';
|
|
145
|
+
const transport = createTransport({
|
|
146
|
+
chain: chainName,
|
|
147
|
+
rpcUrl: config.rpcUrl,
|
|
148
|
+
...(config.privateKey !== undefined
|
|
149
|
+
? { privateKey: config.privateKey }
|
|
150
|
+
: {}),
|
|
151
|
+
});
|
|
152
|
+
// Will throw UnknownChainError if no manifest entry — surface as config error.
|
|
153
|
+
let stealthContract;
|
|
154
|
+
try {
|
|
155
|
+
stealthContract = getShroudFiStealth(config.chainId);
|
|
156
|
+
}
|
|
157
|
+
catch {
|
|
158
|
+
throw new McpConfigError('No ShroudFiStealth deployment for the chain');
|
|
159
|
+
}
|
|
160
|
+
const agent = createShroudAgent({
|
|
161
|
+
transport,
|
|
162
|
+
startBlock: config.startBlock,
|
|
163
|
+
stealthContract,
|
|
164
|
+
autoRegister: true,
|
|
165
|
+
...(config.masterSeed !== undefined ? { masterSeed: config.masterSeed } : {}),
|
|
166
|
+
});
|
|
167
|
+
const walletAddress = transport.walletClient?.account?.address;
|
|
168
|
+
return {
|
|
169
|
+
agent,
|
|
170
|
+
transport,
|
|
171
|
+
chainId: config.chainId,
|
|
172
|
+
walletAddress,
|
|
173
|
+
};
|
|
174
|
+
}
|
|
175
|
+
//# sourceMappingURL=config.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/config.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAEvC,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,MAAM,CAAC;AACzC,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC3E,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EACL,wBAAwB,EACxB,SAAS,EACT,wBAAwB,EACxB,aAAa,EACb,eAAe,EACf,oBAAoB,EACpB,eAAe,EACf,oBAAoB,EACpB,WAAW,EACX,eAAe,GAChB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAM7C,SAAS,SAAS;IAChB,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACjC,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,KAAK,EAAE;QAAE,OAAO,IAAI,CAAC;IAC7C,IAAI,CAAC,KAAK,MAAM,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,KAAK,MAAM;QAAE,OAAO,IAAI,CAAC;IACjE,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,KAAK,cAAc,IAAI,CAAC,KAAK,OAAO;QAAE,OAAO,KAAK,CAAC;IAC3E,MAAM,IAAI,cAAc,CAAC,oDAAoD,CAAC,CAAC;AACjF,CAAC;AAED,SAAS,cAAc;IACrB,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IAC5C,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpD,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YAC3C,MAAM,IAAI,cAAc,CAAC,+CAA+C,CAAC,CAAC;QAC5E,CAAC;QACD,OAAO,MAAa,CAAC;IACvB,CAAC;IACD,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAC/C,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChD,IAAI,GAAW,CAAC;QAChB,IAAI,CAAC;YACH,GAAG,GAAG,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;QAC3C,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,cAAc,CAAC,6CAA6C,CAAC,CAAC;QAC1E,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YACrC,MAAM,IAAI,cAAc,CAAC,qDAAqD,CAAC,CAAC;QAClF,CAAC;QACD,OAAO,GAAU,CAAC;IACpB,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;;;GAKG;AACH,SAAS,cAAc;IACrB,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IAC5C,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpD,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YAC3C,MAAM,IAAI,cAAc,CAAC,+CAA+C,CAAC,CAAC;QAC5E,CAAC;QACD,OAAO,UAAU,CAAC,MAAa,CAAC,CAAC;IACnC,CAAC;IACD,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAC/C,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChD,IAAI,GAAW,CAAC;QAChB,IAAI,CAAC;YACH,GAAG,GAAG,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;QAC3C,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,cAAc,CAAC,6CAA6C,CAAC,CAAC;QAC1E,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YACrC,MAAM,IAAI,cAAc,CAAC,qDAAqD,CAAC,CAAC;QAClF,CAAC;QACD,OAAO,UAAU,CAAC,GAAU,CAAC,CAAC;IAChC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,cAAc;IACrB,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IACvC,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,KAAK,EAAE;QAAE,OAAO,EAAE,CAAC;IAC3C,IAAI,CAAC;QACH,OAAO,MAAM,CAAC,CAAC,CAAC,CAAC;IACnB,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,cAAc,CAAC,qDAAqD,CAAC,CAAC;IAClF,CAAC;AACH,CAAC;AAED,SAAS,sBAAsB;IAC7B,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;IAChD,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,KAAK,EAAE;QAAE,OAAO,IAAI,GAAG,EAAE,CAAC;IAClD,MAAM,GAAG,GAAG,IAAI,GAAG,EAAiB,CAAC;IACrC,KAAK,MAAM,KAAK,IAAI,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QACjC,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAC3C,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QACnC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YAC7C,MAAM,IAAI,cAAc,CACtB,gEAAgE,CACjE,CAAC;QACJ,CAAC;QACD,GAAG,CAAC,GAAG,CAAC,OAAwB,CAAC,CAAC;IACpC,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CAAC,WAAW,GAAG,IAAI;IACpD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IACvC,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,WAAW,CAAC;IAC9D,MAAM,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;IACzB,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,IAAI,GAAG,MAAM,EAAE,CAAC;QACzD,MAAM,IAAI,cAAc,CAAC,yCAAyC,CAAC,CAAC;IACtE,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,0BAA0B;IACxC,MAAM,OAAO,GAAG,SAAS,EAAE,CAAC;IAC5B,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IAC7C,MAAM,MAAM,GACV,WAAW,KAAK,SAAS,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC;QACjD,CAAC,CAAC,WAAW;QACb,CAAC,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC;IACxC,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACzB,MAAM,IAAI,cAAc,CAAC,6CAA6C,CAAC,CAAC;IAC1E,CAAC;IACD,OAAO;QACL,OAAO;QACP,MAAM;QACN,UAAU,EAAE,cAAc,EAAE;QAC5B,UAAU,EAAE,cAAc,EAAE;QAC5B,UAAU,EAAE,cAAc,EAAE;QAC5B,kBAAkB,EAAE,sBAAsB,EAAE;KAC7C,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,sBAAsB,CACpC,MAAgC;IAEhC,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,KAAK,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,aAAa,CAAC;IAEnE,MAAM,SAAS,GAAG,eAAe,CAAC;QAChC,KAAK,EAAE,SAAmC;QAC1C,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,GAAG,CAAC,MAAM,CAAC,UAAU,KAAK,SAAS;YACjC,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,CAAC,UAAU,EAAE;YACnC,CAAC,CAAC,EAAE,CAAC;KACR,CAAC,CAAC;IAEH,+EAA+E;IAC/E,IAAI,eAA8B,CAAC;IACnC,IAAI,CAAC;QACH,eAAe,GAAG,kBAAkB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACvD,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,cAAc,CAAC,6CAA6C,CAAC,CAAC;IAC1E,CAAC;IAED,MAAM,KAAK,GAAG,iBAAiB,CAAC;QAC9B,SAAS;QACT,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,eAAe;QACf,YAAY,EAAE,IAAI;QAClB,GAAG,CAAC,MAAM,CAAC,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC9E,CAAC,CAAC;IAEH,MAAM,aAAa,GAAG,SAAS,CAAC,YAAY,EAAE,OAAO,EAAE,OAAO,CAAC;IAE/D,OAAO;QACL,KAAK;QACL,SAAS;QACT,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,aAAa;KACd,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Static constants. All env reads live here per verify-privacy R5.
|
|
3
|
+
*/
|
|
4
|
+
export declare const SHROUDFI_MCP_SERVER_NAME: "shroudfi-mcp";
|
|
5
|
+
export declare const SHROUDFI_MCP_SERVER_VERSION: "0.0.1";
|
|
6
|
+
/** EIP-191 challenge TTL — short window so a replayed challenge dies fast. */
|
|
7
|
+
export declare const EIP191_CHALLENGE_TTL_MS: number;
|
|
8
|
+
/** Default RPC URLs by chain id. Operator override via SHROUDFI_RPC_URL. */
|
|
9
|
+
export declare const DEFAULT_RPC_URL_BY_CHAIN: Record<number, string>;
|
|
10
|
+
/** Env knobs the bootstrap surface reads. */
|
|
11
|
+
export declare const ENV_PRIVATE_KEY: "SHROUDFI_PRIVATE_KEY";
|
|
12
|
+
export declare const ENV_PRIVATE_KEY_FILE: "SHROUDFI_PRIVATE_KEY_FILE";
|
|
13
|
+
export declare const ENV_RPC_URL: "SHROUDFI_RPC_URL";
|
|
14
|
+
export declare const ENV_CHAIN: "SHROUDFI_CHAIN";
|
|
15
|
+
export declare const ENV_START_BLOCK: "SHROUDFI_START_BLOCK";
|
|
16
|
+
export declare const ENV_HTTP_PORT: "SHROUDFI_MCP_HTTP_PORT";
|
|
17
|
+
export declare const ENV_HTTP_ALLOWED_WALLETS: "SHROUDFI_MCP_HTTP_ALLOWED_WALLETS";
|
|
18
|
+
/**
|
|
19
|
+
* Deterministic 32-byte master seed (0x… 64 hex chars). When set, every
|
|
20
|
+
* boot of the MCP server, REST API, or any other surface using
|
|
21
|
+
* `loadBootstrapConfigFromEnv` resolves the SAME stealth meta-address for
|
|
22
|
+
* the same operator EOA. When unset, a fresh random seed is generated per
|
|
23
|
+
* process — fine for local testing, BAD for production multi-surface
|
|
24
|
+
* deployments (caller's main wallet ↔ stealth meta-address binding would
|
|
25
|
+
* desync between MCP, REST, and UI processes).
|
|
26
|
+
*/
|
|
27
|
+
export declare const ENV_MASTER_SEED: "SHROUDFI_MASTER_SEED";
|
|
28
|
+
export declare const ENV_MASTER_SEED_FILE: "SHROUDFI_MASTER_SEED_FILE";
|
|
29
|
+
//# sourceMappingURL=constants.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,eAAO,MAAM,wBAAwB,EAAG,cAAuB,CAAC;AAChE,eAAO,MAAM,2BAA2B,EAAG,OAAgB,CAAC;AAE5D,8EAA8E;AAC9E,eAAO,MAAM,uBAAuB,QAAgB,CAAC;AAErD,4EAA4E;AAC5E,eAAO,MAAM,wBAAwB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAG3D,CAAC;AAEF,6CAA6C;AAC7C,eAAO,MAAM,eAAe,EAAG,sBAA+B,CAAC;AAC/D,eAAO,MAAM,oBAAoB,EAAG,2BAAoC,CAAC;AACzE,eAAO,MAAM,WAAW,EAAG,kBAA2B,CAAC;AACvD,eAAO,MAAM,SAAS,EAAG,gBAAyB,CAAC;AACnD,eAAO,MAAM,eAAe,EAAG,sBAA+B,CAAC;AAC/D,eAAO,MAAM,aAAa,EAAG,wBAAiC,CAAC;AAC/D,eAAO,MAAM,wBAAwB,EAAG,mCAA4C,CAAC;AACrF;;;;;;;;GAQG;AACH,eAAO,MAAM,eAAe,EAAG,sBAA+B,CAAC;AAC/D,eAAO,MAAM,oBAAoB,EAAG,2BAAoC,CAAC"}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Static constants. All env reads live here per verify-privacy R5.
|
|
3
|
+
*/
|
|
4
|
+
export const SHROUDFI_MCP_SERVER_NAME = 'shroudfi-mcp';
|
|
5
|
+
export const SHROUDFI_MCP_SERVER_VERSION = '0.0.1';
|
|
6
|
+
/** EIP-191 challenge TTL — short window so a replayed challenge dies fast. */
|
|
7
|
+
export const EIP191_CHALLENGE_TTL_MS = 5 * 60 * 1000;
|
|
8
|
+
/** Default RPC URLs by chain id. Operator override via SHROUDFI_RPC_URL. */
|
|
9
|
+
export const DEFAULT_RPC_URL_BY_CHAIN = {
|
|
10
|
+
8453: 'https://mainnet.base.org',
|
|
11
|
+
84532: 'https://sepolia.base.org',
|
|
12
|
+
};
|
|
13
|
+
/** Env knobs the bootstrap surface reads. */
|
|
14
|
+
export const ENV_PRIVATE_KEY = 'SHROUDFI_PRIVATE_KEY';
|
|
15
|
+
export const ENV_PRIVATE_KEY_FILE = 'SHROUDFI_PRIVATE_KEY_FILE';
|
|
16
|
+
export const ENV_RPC_URL = 'SHROUDFI_RPC_URL';
|
|
17
|
+
export const ENV_CHAIN = 'SHROUDFI_CHAIN';
|
|
18
|
+
export const ENV_START_BLOCK = 'SHROUDFI_START_BLOCK';
|
|
19
|
+
export const ENV_HTTP_PORT = 'SHROUDFI_MCP_HTTP_PORT';
|
|
20
|
+
export const ENV_HTTP_ALLOWED_WALLETS = 'SHROUDFI_MCP_HTTP_ALLOWED_WALLETS';
|
|
21
|
+
/**
|
|
22
|
+
* Deterministic 32-byte master seed (0x… 64 hex chars). When set, every
|
|
23
|
+
* boot of the MCP server, REST API, or any other surface using
|
|
24
|
+
* `loadBootstrapConfigFromEnv` resolves the SAME stealth meta-address for
|
|
25
|
+
* the same operator EOA. When unset, a fresh random seed is generated per
|
|
26
|
+
* process — fine for local testing, BAD for production multi-surface
|
|
27
|
+
* deployments (caller's main wallet ↔ stealth meta-address binding would
|
|
28
|
+
* desync between MCP, REST, and UI processes).
|
|
29
|
+
*/
|
|
30
|
+
export const ENV_MASTER_SEED = 'SHROUDFI_MASTER_SEED';
|
|
31
|
+
export const ENV_MASTER_SEED_FILE = 'SHROUDFI_MASTER_SEED_FILE';
|
|
32
|
+
//# sourceMappingURL=constants.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,CAAC,MAAM,wBAAwB,GAAG,cAAuB,CAAC;AAChE,MAAM,CAAC,MAAM,2BAA2B,GAAG,OAAgB,CAAC;AAE5D,8EAA8E;AAC9E,MAAM,CAAC,MAAM,uBAAuB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAErD,4EAA4E;AAC5E,MAAM,CAAC,MAAM,wBAAwB,GAA2B;IAC9D,IAAI,EAAE,0BAA0B;IAChC,KAAK,EAAE,0BAA0B;CAClC,CAAC;AAEF,6CAA6C;AAC7C,MAAM,CAAC,MAAM,eAAe,GAAG,sBAA+B,CAAC;AAC/D,MAAM,CAAC,MAAM,oBAAoB,GAAG,2BAAoC,CAAC;AACzE,MAAM,CAAC,MAAM,WAAW,GAAG,kBAA2B,CAAC;AACvD,MAAM,CAAC,MAAM,SAAS,GAAG,gBAAyB,CAAC;AACnD,MAAM,CAAC,MAAM,eAAe,GAAG,sBAA+B,CAAC;AAC/D,MAAM,CAAC,MAAM,aAAa,GAAG,wBAAiC,CAAC;AAC/D,MAAM,CAAC,MAAM,wBAAwB,GAAG,mCAA4C,CAAC;AACrF;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,sBAA+B,CAAC;AAC/D,MAAM,CAAC,MAAM,oBAAoB,GAAG,2BAAoC,CAAC"}
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Errors for @shroud-fi/mcp-server.
|
|
3
|
+
*
|
|
4
|
+
* Privacy invariants:
|
|
5
|
+
* - No private keys, signatures, or amounts in error messages.
|
|
6
|
+
* - No wallet addresses concatenated into `.message` strings — addresses
|
|
7
|
+
* are exposed on dedicated structured fields when needed.
|
|
8
|
+
*/
|
|
9
|
+
export declare class McpServerError extends Error {
|
|
10
|
+
readonly name: string;
|
|
11
|
+
readonly code: string;
|
|
12
|
+
constructor(message: string, code: string);
|
|
13
|
+
}
|
|
14
|
+
export declare class McpConfigError extends McpServerError {
|
|
15
|
+
readonly name = "McpConfigError";
|
|
16
|
+
constructor(message: string);
|
|
17
|
+
}
|
|
18
|
+
export declare class McpUnauthorizedError extends McpServerError {
|
|
19
|
+
readonly name = "McpUnauthorizedError";
|
|
20
|
+
constructor();
|
|
21
|
+
}
|
|
22
|
+
export declare class McpToolNotFoundError extends McpServerError {
|
|
23
|
+
readonly name = "McpToolNotFoundError";
|
|
24
|
+
constructor();
|
|
25
|
+
}
|
|
26
|
+
export declare class McpInvalidArgsError extends McpServerError {
|
|
27
|
+
readonly name = "McpInvalidArgsError";
|
|
28
|
+
constructor();
|
|
29
|
+
}
|
|
30
|
+
export declare class McpExecutionError extends McpServerError {
|
|
31
|
+
readonly name = "McpExecutionError";
|
|
32
|
+
readonly cause: unknown;
|
|
33
|
+
constructor(cause: unknown);
|
|
34
|
+
}
|
|
35
|
+
export declare class McpEip191ChallengeExpiredError extends McpServerError {
|
|
36
|
+
readonly name = "McpEip191ChallengeExpiredError";
|
|
37
|
+
constructor();
|
|
38
|
+
}
|
|
39
|
+
export declare class McpEip191SignatureInvalidError extends McpServerError {
|
|
40
|
+
readonly name = "McpEip191SignatureInvalidError";
|
|
41
|
+
constructor();
|
|
42
|
+
}
|
|
43
|
+
//# sourceMappingURL=errors.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/errors.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,qBAAa,cAAe,SAAQ,KAAK;IACvC,SAAkB,IAAI,EAAE,MAAM,CAAoB;IAClD,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;gBACV,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM;CAI1C;AAED,qBAAa,cAAe,SAAQ,cAAc;IAChD,SAAkB,IAAI,oBAAoB;gBAC9B,OAAO,EAAE,MAAM;CAG5B;AAED,qBAAa,oBAAqB,SAAQ,cAAc;IACtD,SAAkB,IAAI,0BAA0B;;CAIjD;AAED,qBAAa,oBAAqB,SAAQ,cAAc;IACtD,SAAkB,IAAI,0BAA0B;;CAIjD;AAED,qBAAa,mBAAoB,SAAQ,cAAc;IACrD,SAAkB,IAAI,yBAAyB;;CAIhD;AAED,qBAAa,iBAAkB,SAAQ,cAAc;IACnD,SAAkB,IAAI,uBAAuB;IAC7C,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC;gBACZ,KAAK,EAAE,OAAO;CAI3B;AAED,qBAAa,8BAA+B,SAAQ,cAAc;IAChE,SAAkB,IAAI,oCAAoC;;CAI3D;AAED,qBAAa,8BAA+B,SAAQ,cAAc;IAChE,SAAkB,IAAI,oCAAoC;;CAI3D"}
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Errors for @shroud-fi/mcp-server.
|
|
3
|
+
*
|
|
4
|
+
* Privacy invariants:
|
|
5
|
+
* - No private keys, signatures, or amounts in error messages.
|
|
6
|
+
* - No wallet addresses concatenated into `.message` strings — addresses
|
|
7
|
+
* are exposed on dedicated structured fields when needed.
|
|
8
|
+
*/
|
|
9
|
+
export class McpServerError extends Error {
|
|
10
|
+
name = 'McpServerError';
|
|
11
|
+
code;
|
|
12
|
+
constructor(message, code) {
|
|
13
|
+
super(message);
|
|
14
|
+
this.code = code;
|
|
15
|
+
}
|
|
16
|
+
}
|
|
17
|
+
export class McpConfigError extends McpServerError {
|
|
18
|
+
name = 'McpConfigError';
|
|
19
|
+
constructor(message) {
|
|
20
|
+
super(message, 'config_invalid');
|
|
21
|
+
}
|
|
22
|
+
}
|
|
23
|
+
export class McpUnauthorizedError extends McpServerError {
|
|
24
|
+
name = 'McpUnauthorizedError';
|
|
25
|
+
constructor() {
|
|
26
|
+
super('Unauthorized', 'unauthorized');
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
export class McpToolNotFoundError extends McpServerError {
|
|
30
|
+
name = 'McpToolNotFoundError';
|
|
31
|
+
constructor() {
|
|
32
|
+
super('Tool not found', 'tool_not_found');
|
|
33
|
+
}
|
|
34
|
+
}
|
|
35
|
+
export class McpInvalidArgsError extends McpServerError {
|
|
36
|
+
name = 'McpInvalidArgsError';
|
|
37
|
+
constructor() {
|
|
38
|
+
super('Invalid tool arguments', 'invalid_args');
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
export class McpExecutionError extends McpServerError {
|
|
42
|
+
name = 'McpExecutionError';
|
|
43
|
+
cause;
|
|
44
|
+
constructor(cause) {
|
|
45
|
+
super('Tool execution failed', 'execution_failed');
|
|
46
|
+
this.cause = cause;
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
export class McpEip191ChallengeExpiredError extends McpServerError {
|
|
50
|
+
name = 'McpEip191ChallengeExpiredError';
|
|
51
|
+
constructor() {
|
|
52
|
+
super('EIP-191 challenge expired', 'auth_challenge_expired');
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
export class McpEip191SignatureInvalidError extends McpServerError {
|
|
56
|
+
name = 'McpEip191SignatureInvalidError';
|
|
57
|
+
constructor() {
|
|
58
|
+
super('EIP-191 signature invalid', 'auth_signature_invalid');
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
//# sourceMappingURL=errors.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../src/errors.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,MAAM,OAAO,cAAe,SAAQ,KAAK;IACrB,IAAI,GAAW,gBAAgB,CAAC;IACzC,IAAI,CAAS;IACtB,YAAY,OAAe,EAAE,IAAY;QACvC,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;CACF;AAED,MAAM,OAAO,cAAe,SAAQ,cAAc;IAC9B,IAAI,GAAG,gBAAgB,CAAC;IAC1C,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;IACnC,CAAC;CACF;AAED,MAAM,OAAO,oBAAqB,SAAQ,cAAc;IACpC,IAAI,GAAG,sBAAsB,CAAC;IAChD;QACE,KAAK,CAAC,cAAc,EAAE,cAAc,CAAC,CAAC;IACxC,CAAC;CACF;AAED,MAAM,OAAO,oBAAqB,SAAQ,cAAc;IACpC,IAAI,GAAG,sBAAsB,CAAC;IAChD;QACE,KAAK,CAAC,gBAAgB,EAAE,gBAAgB,CAAC,CAAC;IAC5C,CAAC;CACF;AAED,MAAM,OAAO,mBAAoB,SAAQ,cAAc;IACnC,IAAI,GAAG,qBAAqB,CAAC;IAC/C;QACE,KAAK,CAAC,wBAAwB,EAAE,cAAc,CAAC,CAAC;IAClD,CAAC;CACF;AAED,MAAM,OAAO,iBAAkB,SAAQ,cAAc;IACjC,IAAI,GAAG,mBAAmB,CAAC;IACpC,KAAK,CAAU;IACxB,YAAY,KAAc;QACxB,KAAK,CAAC,uBAAuB,EAAE,kBAAkB,CAAC,CAAC;QACnD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;CACF;AAED,MAAM,OAAO,8BAA+B,SAAQ,cAAc;IAC9C,IAAI,GAAG,gCAAgC,CAAC;IAC1D;QACE,KAAK,CAAC,2BAA2B,EAAE,wBAAwB,CAAC,CAAC;IAC/D,CAAC;CACF;AAED,MAAM,OAAO,8BAA+B,SAAQ,cAAc;IAC9C,IAAI,GAAG,gCAAgC,CAAC;IAC1D;QACE,KAAK,CAAC,2BAA2B,EAAE,wBAAwB,CAAC,CAAC;IAC/D,CAAC;CACF"}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* HTTP transport for the MCP server.
|
|
3
|
+
*
|
|
4
|
+
* Uses node:http to stay zero-dep. Exposes three endpoints:
|
|
5
|
+
* POST /auth/challenge → mint EIP-191 challenge
|
|
6
|
+
* POST /mcp → JSON-RPC framed MCP body (auth-gated)
|
|
7
|
+
* GET /healthz → public liveness ping
|
|
8
|
+
*
|
|
9
|
+
* Auth rules:
|
|
10
|
+
* - /auth/challenge public (clients need a way to get a challenge)
|
|
11
|
+
* - /mcp requires X-Shroudfi-Wallet + X-Shroudfi-Nonce +
|
|
12
|
+
* X-Shroudfi-Signature headers. Signature is verified,
|
|
13
|
+
* consumed (single-use), allow-list checked.
|
|
14
|
+
* - /healthz public
|
|
15
|
+
*
|
|
16
|
+
* Privacy invariants:
|
|
17
|
+
* - Signatures never logged or echoed.
|
|
18
|
+
* - Errors are short tag strings; no body bytes, no key bytes.
|
|
19
|
+
* - Allow-list is enforced when SHROUDFI_MCP_HTTP_ALLOWED_WALLETS is set;
|
|
20
|
+
* when empty, ANY EIP-191 wallet may authenticate. Operators MUST set
|
|
21
|
+
* the allow-list in production.
|
|
22
|
+
*/
|
|
23
|
+
import type { McpServerBootstrapConfig } from './types.js';
|
|
24
|
+
interface RunHttpServerOptions {
|
|
25
|
+
readonly port: number;
|
|
26
|
+
readonly bootstrap?: McpServerBootstrapConfig;
|
|
27
|
+
}
|
|
28
|
+
export declare function runHttpServer(opts: RunHttpServerOptions): Promise<{
|
|
29
|
+
readonly close: () => Promise<void>;
|
|
30
|
+
}>;
|
|
31
|
+
export {};
|
|
32
|
+
//# sourceMappingURL=http.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"http.d.ts","sourceRoot":"","sources":["../../src/http.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AASH,OAAO,KAAK,EAAE,wBAAwB,EAAoB,MAAM,YAAY,CAAC;AAS7E,UAAU,oBAAoB;IAC5B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,SAAS,CAAC,EAAE,wBAAwB,CAAC;CAC/C;AAoGD,wBAAsB,aAAa,CAAC,IAAI,EAAE,oBAAoB,GAAG,OAAO,CAAC;IACvE,QAAQ,CAAC,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CACrC,CAAC,CA0BD"}
|