@socialproof/memory-mcp 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +189 -0
- package/dist/bin/memory-mcp.d.ts +2 -0
- package/dist/bin/memory-mcp.js +3 -0
- package/dist/cli.d.ts +2 -0
- package/dist/cli.js +61 -0
- package/dist/credentials.d.ts +21 -0
- package/dist/credentials.js +157 -0
- package/dist/errors.d.ts +26 -0
- package/dist/errors.js +57 -0
- package/dist/hosted.d.ts +15 -0
- package/dist/hosted.js +108 -0
- package/dist/index.d.ts +11 -0
- package/dist/index.js +20 -0
- package/dist/oauth.d.ts +25 -0
- package/dist/oauth.js +104 -0
- package/dist/provisioning.d.ts +19 -0
- package/dist/provisioning.js +70 -0
- package/dist/server.d.ts +3 -0
- package/dist/server.js +28 -0
- package/dist/signers.d.ts +119 -0
- package/dist/signers.js +323 -0
- package/dist/social-gateway.d.ts +195 -0
- package/dist/social-gateway.js +671 -0
- package/dist/tools.d.ts +29 -0
- package/dist/tools.js +1089 -0
- package/dist/version.d.ts +3 -0
- package/dist/version.js +12 -0
- package/package.json +42 -0
package/dist/signers.js
ADDED
|
@@ -0,0 +1,323 @@
|
|
|
1
|
+
import { createPrivateKey, createPublicKey, sign as nodeSign, } from "node:crypto";
|
|
2
|
+
import fs from "node:fs";
|
|
3
|
+
import os from "node:os";
|
|
4
|
+
import path from "node:path";
|
|
5
|
+
import { execFileSync } from "node:child_process";
|
|
6
|
+
import { Ed25519Keypair } from "@socialproof/myso/keypairs/ed25519";
|
|
7
|
+
import { McpRuntimeError } from "./errors.js";
|
|
8
|
+
export class KmsSessionAgentSigner {
|
|
9
|
+
policy;
|
|
10
|
+
provider;
|
|
11
|
+
authorizer;
|
|
12
|
+
kind = "kms-session";
|
|
13
|
+
keyId;
|
|
14
|
+
active = true;
|
|
15
|
+
constructor(policy, provider, authorizer) {
|
|
16
|
+
this.policy = policy;
|
|
17
|
+
this.provider = provider;
|
|
18
|
+
this.authorizer = authorizer;
|
|
19
|
+
if (!policy.sessionId.trim() || !policy.keyId.trim()) {
|
|
20
|
+
throw new McpRuntimeError("INVALID_CONFIGURATION", "KMS session and key identifiers are required.");
|
|
21
|
+
}
|
|
22
|
+
if (!/^0x[0-9a-fA-F]{1,64}$/.test(policy.expectedAddress)) {
|
|
23
|
+
throw new McpRuntimeError("INVALID_CONFIGURATION", "KMS session expectedAddress is invalid.");
|
|
24
|
+
}
|
|
25
|
+
this.keyId = policy.keyId;
|
|
26
|
+
}
|
|
27
|
+
async getPublicKey() {
|
|
28
|
+
await this.guard("http-auth");
|
|
29
|
+
const key = Uint8Array.from(await this.provider.getPublicKey(this.keyId));
|
|
30
|
+
if (key.byteLength !== 32) {
|
|
31
|
+
throw new McpRuntimeError("SIGNER_UNAVAILABLE", "KMS returned an invalid Ed25519 public key.");
|
|
32
|
+
}
|
|
33
|
+
return key;
|
|
34
|
+
}
|
|
35
|
+
async sign(message) {
|
|
36
|
+
await this.guard("http-auth");
|
|
37
|
+
const signature = Uint8Array.from(await this.provider.signEd25519(this.keyId, message.slice()));
|
|
38
|
+
if (signature.byteLength !== 64) {
|
|
39
|
+
throw new McpRuntimeError("SIGNER_UNAVAILABLE", "KMS returned an invalid Ed25519 signature.");
|
|
40
|
+
}
|
|
41
|
+
return signature;
|
|
42
|
+
}
|
|
43
|
+
async getMySoAddress() {
|
|
44
|
+
await this.guard("http-auth");
|
|
45
|
+
return this.policy.expectedAddress;
|
|
46
|
+
}
|
|
47
|
+
async signTransaction(transactionBytes) {
|
|
48
|
+
await this.guard("transaction");
|
|
49
|
+
const signature = await this.provider.signTransaction(this.keyId, transactionBytes.slice());
|
|
50
|
+
if (typeof signature !== "string" || !signature.trim()) {
|
|
51
|
+
throw new McpRuntimeError("SIGNER_UNAVAILABLE", "KMS returned an invalid transaction signature.");
|
|
52
|
+
}
|
|
53
|
+
return signature;
|
|
54
|
+
}
|
|
55
|
+
destroy() {
|
|
56
|
+
this.active = false;
|
|
57
|
+
}
|
|
58
|
+
async guard(operation) {
|
|
59
|
+
if (!this.active) {
|
|
60
|
+
throw new McpRuntimeError("SIGNER_UNAVAILABLE", "The KMS signing session has been destroyed.");
|
|
61
|
+
}
|
|
62
|
+
if (Date.now() >= this.policy.expiresAtMs) {
|
|
63
|
+
throw new McpRuntimeError("AUTHENTICATION_FAILED", "The KMS signing session expired.");
|
|
64
|
+
}
|
|
65
|
+
await this.authorizer.assertActive(this.policy, operation);
|
|
66
|
+
}
|
|
67
|
+
}
|
|
68
|
+
/** HTTP adapter for a private KMS/HSM signing service. No private key is returned. */
|
|
69
|
+
export class RemoteKmsSigningProvider {
|
|
70
|
+
options;
|
|
71
|
+
baseUrl;
|
|
72
|
+
fetchImpl;
|
|
73
|
+
constructor(options) {
|
|
74
|
+
this.options = options;
|
|
75
|
+
this.baseUrl = options.baseUrl.replace(/\/$/, "");
|
|
76
|
+
if (!this.baseUrl.startsWith("https://") && !this.baseUrl.startsWith("http://localhost")) {
|
|
77
|
+
throw new McpRuntimeError("INVALID_CONFIGURATION", "Remote KMS must use HTTPS.");
|
|
78
|
+
}
|
|
79
|
+
this.fetchImpl = options.fetch ?? globalThis.fetch;
|
|
80
|
+
}
|
|
81
|
+
async getPublicKey(keyId) {
|
|
82
|
+
const response = await this.request(`/v1/keys/${encodeURIComponent(keyId)}/public-key`, {});
|
|
83
|
+
return decodeBase64Field(response, "publicKey");
|
|
84
|
+
}
|
|
85
|
+
async signEd25519(keyId, message) {
|
|
86
|
+
const response = await this.request(`/v1/keys/${encodeURIComponent(keyId)}/sign`, {
|
|
87
|
+
purpose: "http-auth",
|
|
88
|
+
message: Buffer.from(message).toString("base64"),
|
|
89
|
+
});
|
|
90
|
+
return decodeBase64Field(response, "signature");
|
|
91
|
+
}
|
|
92
|
+
async signTransaction(keyId, transactionBytes) {
|
|
93
|
+
const response = await this.request(`/v1/keys/${encodeURIComponent(keyId)}/sign`, {
|
|
94
|
+
purpose: "myso-transaction",
|
|
95
|
+
transactionBytes: Buffer.from(transactionBytes).toString("base64"),
|
|
96
|
+
});
|
|
97
|
+
if (typeof response.signature !== "string" || !response.signature.trim()) {
|
|
98
|
+
throw new McpRuntimeError("SIGNER_UNAVAILABLE", "Remote KMS response omitted signature.");
|
|
99
|
+
}
|
|
100
|
+
return response.signature;
|
|
101
|
+
}
|
|
102
|
+
async request(pathname, body) {
|
|
103
|
+
const token = await this.options.bearerToken();
|
|
104
|
+
const response = await this.fetchImpl(`${this.baseUrl}${pathname}`, {
|
|
105
|
+
method: "POST",
|
|
106
|
+
headers: { authorization: `Bearer ${token}`, "content-type": "application/json" },
|
|
107
|
+
body: JSON.stringify(body),
|
|
108
|
+
});
|
|
109
|
+
if (!response.ok) {
|
|
110
|
+
throw new McpRuntimeError("SIGNER_UNAVAILABLE", `Remote KMS rejected signing (${response.status}).`);
|
|
111
|
+
}
|
|
112
|
+
return response.json();
|
|
113
|
+
}
|
|
114
|
+
}
|
|
115
|
+
export class HttpKmsSessionAuthorizer {
|
|
116
|
+
options;
|
|
117
|
+
baseUrl;
|
|
118
|
+
fetchImpl;
|
|
119
|
+
constructor(options) {
|
|
120
|
+
this.options = options;
|
|
121
|
+
this.baseUrl = options.baseUrl.replace(/\/$/, "");
|
|
122
|
+
this.fetchImpl = options.fetch ?? globalThis.fetch;
|
|
123
|
+
}
|
|
124
|
+
async assertActive(policy, operation) {
|
|
125
|
+
const token = await this.options.bearerToken();
|
|
126
|
+
const response = await this.fetchImpl(`${this.baseUrl}/v1/signer-sessions/${encodeURIComponent(policy.sessionId)}/authorize`, {
|
|
127
|
+
method: "POST",
|
|
128
|
+
headers: { authorization: `Bearer ${token}`, "content-type": "application/json" },
|
|
129
|
+
body: JSON.stringify({
|
|
130
|
+
operation,
|
|
131
|
+
keyId: policy.keyId,
|
|
132
|
+
accountId: policy.accountId,
|
|
133
|
+
agentObjectId: policy.agentObjectId,
|
|
134
|
+
}),
|
|
135
|
+
});
|
|
136
|
+
if (!response.ok) {
|
|
137
|
+
throw new McpRuntimeError("AUTHENTICATION_FAILED", "KMS session is revoked or unauthorized.");
|
|
138
|
+
}
|
|
139
|
+
const result = await response.json();
|
|
140
|
+
if (result.active !== true || !Number.isSafeInteger(result.expiresAtMs) || result.expiresAtMs <= Date.now()) {
|
|
141
|
+
throw new McpRuntimeError("AUTHENTICATION_FAILED", "KMS session is inactive or expired.");
|
|
142
|
+
}
|
|
143
|
+
}
|
|
144
|
+
}
|
|
145
|
+
function decodeBase64Field(value, field) {
|
|
146
|
+
const encoded = value[field];
|
|
147
|
+
if (typeof encoded !== "string" || !/^[A-Za-z0-9+/]*={0,2}$/.test(encoded)) {
|
|
148
|
+
throw new McpRuntimeError("SIGNER_UNAVAILABLE", `Remote KMS response omitted ${field}.`);
|
|
149
|
+
}
|
|
150
|
+
return Uint8Array.from(Buffer.from(encoded, "base64"));
|
|
151
|
+
}
|
|
152
|
+
const ED25519_PKCS8_PREFIX = Buffer.from("302e020100300506032b657004220420", "hex");
|
|
153
|
+
function decodeSecret(value, source) {
|
|
154
|
+
const normalized = value.trim().replace(/^0x/, "");
|
|
155
|
+
if (!/^[0-9a-fA-F]{64}$/.test(normalized)) {
|
|
156
|
+
throw new McpRuntimeError("INVALID_CONFIGURATION", `${source} must contain exactly one 32-byte Ed25519 secret encoded as hex.`);
|
|
157
|
+
}
|
|
158
|
+
return Uint8Array.from(Buffer.from(normalized, "hex"));
|
|
159
|
+
}
|
|
160
|
+
function privateKeyFromSeed(seed) {
|
|
161
|
+
return createPrivateKey({
|
|
162
|
+
key: Buffer.concat([ED25519_PKCS8_PREFIX, Buffer.from(seed)]),
|
|
163
|
+
format: "der",
|
|
164
|
+
type: "pkcs8",
|
|
165
|
+
});
|
|
166
|
+
}
|
|
167
|
+
export class LocalEd25519Signer {
|
|
168
|
+
kind;
|
|
169
|
+
keyId;
|
|
170
|
+
secretKey;
|
|
171
|
+
privateKey;
|
|
172
|
+
publicKey;
|
|
173
|
+
constructor(kind, keyId, secretKey) {
|
|
174
|
+
if (secretKey.byteLength !== 32) {
|
|
175
|
+
throw new McpRuntimeError("INVALID_CONFIGURATION", "Ed25519 signers require a 32-byte secret.");
|
|
176
|
+
}
|
|
177
|
+
this.kind = kind;
|
|
178
|
+
this.keyId = keyId;
|
|
179
|
+
this.secretKey = secretKey.slice();
|
|
180
|
+
this.privateKey = privateKeyFromSeed(this.secretKey);
|
|
181
|
+
const der = createPublicKey(this.privateKey).export({ format: "der", type: "spki" });
|
|
182
|
+
this.publicKey = Uint8Array.from(Buffer.from(der).subarray(-32));
|
|
183
|
+
}
|
|
184
|
+
async getPublicKey() {
|
|
185
|
+
this.assertActive();
|
|
186
|
+
return this.publicKey.slice();
|
|
187
|
+
}
|
|
188
|
+
async sign(message) {
|
|
189
|
+
this.assertActive();
|
|
190
|
+
return Uint8Array.from(nodeSign(null, Buffer.from(message), this.privateKey));
|
|
191
|
+
}
|
|
192
|
+
async withLocalSecret(callback) {
|
|
193
|
+
this.assertActive();
|
|
194
|
+
const temporary = this.secretKey.slice();
|
|
195
|
+
try {
|
|
196
|
+
return await callback(temporary);
|
|
197
|
+
}
|
|
198
|
+
finally {
|
|
199
|
+
temporary.fill(0);
|
|
200
|
+
}
|
|
201
|
+
}
|
|
202
|
+
async getMySoAddress() {
|
|
203
|
+
return this.withLocalSecret((secret) => Ed25519Keypair.fromSecretKey(secret).toMySoAddress());
|
|
204
|
+
}
|
|
205
|
+
async signTransaction(transactionBytes) {
|
|
206
|
+
return this.withLocalSecret(async (secret) => {
|
|
207
|
+
const keypair = Ed25519Keypair.fromSecretKey(secret);
|
|
208
|
+
const signed = await keypair.signTransaction(transactionBytes.slice());
|
|
209
|
+
return signed.signature;
|
|
210
|
+
});
|
|
211
|
+
}
|
|
212
|
+
destroy() {
|
|
213
|
+
this.secretKey?.fill(0);
|
|
214
|
+
this.publicKey.fill(0);
|
|
215
|
+
this.secretKey = null;
|
|
216
|
+
this.privateKey = null;
|
|
217
|
+
}
|
|
218
|
+
assertActive() {
|
|
219
|
+
if (!this.secretKey || !this.privateKey) {
|
|
220
|
+
throw new McpRuntimeError("SIGNER_UNAVAILABLE", "The configured signer has been destroyed.");
|
|
221
|
+
}
|
|
222
|
+
}
|
|
223
|
+
}
|
|
224
|
+
export class InjectedAgentSigner {
|
|
225
|
+
kind = "injected";
|
|
226
|
+
keyId;
|
|
227
|
+
callbacks;
|
|
228
|
+
constructor(callbacks) {
|
|
229
|
+
if (!callbacks.keyId.trim()) {
|
|
230
|
+
throw new McpRuntimeError("INVALID_CONFIGURATION", "Injected signer keyId is required.");
|
|
231
|
+
}
|
|
232
|
+
this.keyId = callbacks.keyId;
|
|
233
|
+
this.callbacks = callbacks;
|
|
234
|
+
}
|
|
235
|
+
async getPublicKey() {
|
|
236
|
+
const key = Uint8Array.from(await this.callbacks.getPublicKey());
|
|
237
|
+
if (key.byteLength !== 32) {
|
|
238
|
+
throw new McpRuntimeError("SIGNER_UNAVAILABLE", "Injected signer returned an invalid public key.");
|
|
239
|
+
}
|
|
240
|
+
return key;
|
|
241
|
+
}
|
|
242
|
+
async sign(message) {
|
|
243
|
+
const signature = Uint8Array.from(await this.callbacks.sign(message.slice()));
|
|
244
|
+
if (signature.byteLength !== 64) {
|
|
245
|
+
throw new McpRuntimeError("SIGNER_UNAVAILABLE", "Injected signer returned an invalid signature.");
|
|
246
|
+
}
|
|
247
|
+
return signature;
|
|
248
|
+
}
|
|
249
|
+
async getMySoAddress() {
|
|
250
|
+
const address = await this.callbacks.getMySoAddress();
|
|
251
|
+
if (!/^0x[0-9a-fA-F]{1,64}$/.test(address)) {
|
|
252
|
+
throw new McpRuntimeError("SIGNER_UNAVAILABLE", "Injected signer returned an invalid MySo address.");
|
|
253
|
+
}
|
|
254
|
+
return address;
|
|
255
|
+
}
|
|
256
|
+
async signTransaction(transactionBytes) {
|
|
257
|
+
const signature = await this.callbacks.signTransaction(transactionBytes.slice());
|
|
258
|
+
if (typeof signature !== "string" || !signature.trim()) {
|
|
259
|
+
throw new McpRuntimeError("SIGNER_UNAVAILABLE", "Injected signer returned an invalid transaction signature.");
|
|
260
|
+
}
|
|
261
|
+
return signature;
|
|
262
|
+
}
|
|
263
|
+
destroy() {
|
|
264
|
+
this.callbacks.destroy?.();
|
|
265
|
+
}
|
|
266
|
+
}
|
|
267
|
+
function expandHome(filePath) {
|
|
268
|
+
return filePath === "~" || filePath.startsWith("~/")
|
|
269
|
+
? path.join(os.homedir(), filePath.slice(2))
|
|
270
|
+
: filePath;
|
|
271
|
+
}
|
|
272
|
+
function loadDevelopmentSecret(reference) {
|
|
273
|
+
if (process.env.MEMORY_MCP_ALLOW_INSECURE_DEV_FILE !== "1") {
|
|
274
|
+
throw new McpRuntimeError("INVALID_CONFIGURATION", "Development-file signing is disabled. Set MEMORY_MCP_ALLOW_INSECURE_DEV_FILE=1 only for local development.");
|
|
275
|
+
}
|
|
276
|
+
const resolved = path.resolve(expandHome(reference.path));
|
|
277
|
+
let stat;
|
|
278
|
+
try {
|
|
279
|
+
stat = fs.lstatSync(resolved);
|
|
280
|
+
}
|
|
281
|
+
catch (error) {
|
|
282
|
+
throw new McpRuntimeError("SIGNER_UNAVAILABLE", "The configured development signer file could not be read.", { cause: error });
|
|
283
|
+
}
|
|
284
|
+
if (!stat.isFile() || stat.isSymbolicLink()) {
|
|
285
|
+
throw new McpRuntimeError("INVALID_CONFIGURATION", "The development signer path must be a regular file.");
|
|
286
|
+
}
|
|
287
|
+
if ((stat.mode & 0o077) !== 0) {
|
|
288
|
+
throw new McpRuntimeError("INVALID_CONFIGURATION", "The development signer file must have mode 0600 or stricter.");
|
|
289
|
+
}
|
|
290
|
+
return decodeSecret(fs.readFileSync(resolved, "utf8"), "Development signer file");
|
|
291
|
+
}
|
|
292
|
+
function loadKeychainSecret(reference) {
|
|
293
|
+
if (process.platform !== "darwin") {
|
|
294
|
+
throw new McpRuntimeError("SIGNER_UNAVAILABLE", "macOS Keychain signing is available only on macOS; inject a signer on other platforms.");
|
|
295
|
+
}
|
|
296
|
+
try {
|
|
297
|
+
const value = execFileSync("/usr/bin/security", ["find-generic-password", "-w", "-s", reference.service, "-a", reference.account], { encoding: "utf8", stdio: ["ignore", "pipe", "ignore"] });
|
|
298
|
+
return decodeSecret(value, "Keychain item");
|
|
299
|
+
}
|
|
300
|
+
catch (error) {
|
|
301
|
+
if (error instanceof McpRuntimeError)
|
|
302
|
+
throw error;
|
|
303
|
+
throw new McpRuntimeError("SIGNER_UNAVAILABLE", `No usable macOS Keychain item was found for service ${reference.service} and account ${reference.account}.`, { cause: error });
|
|
304
|
+
}
|
|
305
|
+
}
|
|
306
|
+
export function createCliSigner(reference) {
|
|
307
|
+
if (reference.type === "keychain") {
|
|
308
|
+
const secret = loadKeychainSecret(reference);
|
|
309
|
+
try {
|
|
310
|
+
return new LocalEd25519Signer("keychain", `${reference.service}/${reference.account}`, secret);
|
|
311
|
+
}
|
|
312
|
+
finally {
|
|
313
|
+
secret.fill(0);
|
|
314
|
+
}
|
|
315
|
+
}
|
|
316
|
+
const secret = loadDevelopmentSecret(reference);
|
|
317
|
+
try {
|
|
318
|
+
return new LocalEd25519Signer("development-file", path.resolve(expandHome(reference.path)), secret);
|
|
319
|
+
}
|
|
320
|
+
finally {
|
|
321
|
+
secret.fill(0);
|
|
322
|
+
}
|
|
323
|
+
}
|
|
@@ -0,0 +1,195 @@
|
|
|
1
|
+
import { type SocialActionId, type SocialChainConfig, type EditCommentParams, type EditPostParams, type ProfileRelationParams, type RemoveCommentReactionParams, type RemovePostReactionParams, type RemoveRepostParams, type SendMessageParams, type CreateMessagingGroupParams, type OrganizationInvitationDecisionParams, type RegisterChildAgentParams, type UpdateManagedAgentParams, type ManagedAgentParams } from "@socialproof/social";
|
|
2
|
+
import type { AgentSigner } from "./signers.js";
|
|
3
|
+
export interface CreatePostInput {
|
|
4
|
+
content: string;
|
|
5
|
+
idempotencyKey: string;
|
|
6
|
+
}
|
|
7
|
+
export interface CreateCommentInput {
|
|
8
|
+
postId: string;
|
|
9
|
+
content: string;
|
|
10
|
+
parentCommentId?: string;
|
|
11
|
+
idempotencyKey: string;
|
|
12
|
+
}
|
|
13
|
+
export interface ReactToPostInput {
|
|
14
|
+
postId: string;
|
|
15
|
+
reaction: string;
|
|
16
|
+
idempotencyKey: string;
|
|
17
|
+
}
|
|
18
|
+
export interface ReactToCommentInput {
|
|
19
|
+
commentId: string;
|
|
20
|
+
reaction: string;
|
|
21
|
+
idempotencyKey: string;
|
|
22
|
+
}
|
|
23
|
+
export interface CreateRepostInput {
|
|
24
|
+
originalPostId: string;
|
|
25
|
+
content?: string;
|
|
26
|
+
idempotencyKey: string;
|
|
27
|
+
}
|
|
28
|
+
export interface DeleteCommentInput {
|
|
29
|
+
postId: string;
|
|
30
|
+
commentId: string;
|
|
31
|
+
}
|
|
32
|
+
type IdempotentInput<T> = T & {
|
|
33
|
+
idempotencyKey: string;
|
|
34
|
+
};
|
|
35
|
+
export interface ActionApprovalInput {
|
|
36
|
+
registryAction: SocialActionId;
|
|
37
|
+
parameters: unknown;
|
|
38
|
+
idempotencyKey: string;
|
|
39
|
+
expiresInSeconds?: number;
|
|
40
|
+
}
|
|
41
|
+
export interface ActionApprovalDecisionInput {
|
|
42
|
+
approvalId: string;
|
|
43
|
+
walletSignature: string;
|
|
44
|
+
}
|
|
45
|
+
export interface ApprovedActionPrepareInput extends ActionApprovalInput {
|
|
46
|
+
approvalId: string;
|
|
47
|
+
}
|
|
48
|
+
export interface ApprovedActionSubmitInput {
|
|
49
|
+
registryAction: SocialActionId;
|
|
50
|
+
idempotencyKey: string;
|
|
51
|
+
approvalId: string;
|
|
52
|
+
digest: string;
|
|
53
|
+
walletSignature: string;
|
|
54
|
+
}
|
|
55
|
+
export interface SocialGateway {
|
|
56
|
+
readonly supportedToolNames: readonly string[];
|
|
57
|
+
listActions(): Promise<unknown>;
|
|
58
|
+
createPost(input: CreatePostInput): Promise<unknown>;
|
|
59
|
+
createComment(input: CreateCommentInput): Promise<unknown>;
|
|
60
|
+
reactToPost(input: ReactToPostInput): Promise<unknown>;
|
|
61
|
+
reactToComment(input: ReactToCommentInput): Promise<unknown>;
|
|
62
|
+
createRepost(input: CreateRepostInput): Promise<unknown>;
|
|
63
|
+
removePostReaction(input: IdempotentInput<RemovePostReactionParams>): Promise<unknown>;
|
|
64
|
+
removeCommentReaction(input: IdempotentInput<RemoveCommentReactionParams>): Promise<unknown>;
|
|
65
|
+
editPost(input: IdempotentInput<EditPostParams>): Promise<unknown>;
|
|
66
|
+
editComment(input: IdempotentInput<EditCommentParams>): Promise<unknown>;
|
|
67
|
+
removeRepost(input: IdempotentInput<RemoveRepostParams>): Promise<unknown>;
|
|
68
|
+
followProfile(input: IdempotentInput<ProfileRelationParams>): Promise<unknown>;
|
|
69
|
+
unfollowProfile(input: IdempotentInput<ProfileRelationParams>): Promise<unknown>;
|
|
70
|
+
blockProfile(input: IdempotentInput<ProfileRelationParams>): Promise<unknown>;
|
|
71
|
+
unblockProfile(input: IdempotentInput<ProfileRelationParams>): Promise<unknown>;
|
|
72
|
+
sendMessage(input: IdempotentInput<SendMessageParams>): Promise<unknown>;
|
|
73
|
+
createMessagingGroup(input: IdempotentInput<CreateMessagingGroupParams>): Promise<unknown>;
|
|
74
|
+
acceptOrganizationInvitation(input: IdempotentInput<OrganizationInvitationDecisionParams>): Promise<unknown>;
|
|
75
|
+
declineOrganizationInvitation(input: IdempotentInput<OrganizationInvitationDecisionParams>): Promise<unknown>;
|
|
76
|
+
registerChildAgent(input: IdempotentInput<Omit<RegisterChildAgentParams, "parentAgentObjectId"> & {
|
|
77
|
+
parentAgentObjectId?: string;
|
|
78
|
+
}>): Promise<unknown>;
|
|
79
|
+
updateChildAgent(input: IdempotentInput<UpdateManagedAgentParams>): Promise<unknown>;
|
|
80
|
+
deactivateChildAgent(input: IdempotentInput<ManagedAgentParams>): Promise<unknown>;
|
|
81
|
+
revokeChildAgent(input: IdempotentInput<ManagedAgentParams>): Promise<unknown>;
|
|
82
|
+
getOrganizationControl(organizationId: string): Promise<unknown>;
|
|
83
|
+
listInbox(input: {
|
|
84
|
+
limit?: number;
|
|
85
|
+
offset?: number;
|
|
86
|
+
groupId?: string;
|
|
87
|
+
afterCreatedAtMs?: number;
|
|
88
|
+
afterSeq?: number;
|
|
89
|
+
}): Promise<unknown>;
|
|
90
|
+
waitForMessage(input: {
|
|
91
|
+
timeoutMs?: number;
|
|
92
|
+
groupId?: string;
|
|
93
|
+
afterCreatedAtMs?: number;
|
|
94
|
+
afterSeq?: number;
|
|
95
|
+
}): Promise<unknown>;
|
|
96
|
+
deletePost(postId: string): Promise<unknown>;
|
|
97
|
+
deleteComment(input: DeleteCommentInput): Promise<unknown>;
|
|
98
|
+
getActionStatus(digest: string): Promise<unknown>;
|
|
99
|
+
requestActionApproval(input: ActionApprovalInput): Promise<unknown>;
|
|
100
|
+
approveAction(input: ActionApprovalDecisionInput): Promise<unknown>;
|
|
101
|
+
prepareApprovedAction(input: ApprovedActionPrepareInput): Promise<unknown>;
|
|
102
|
+
submitApprovedAction(input: ApprovedActionSubmitInput): Promise<unknown>;
|
|
103
|
+
}
|
|
104
|
+
type MySoNetwork = "mainnet" | "testnet" | "devnet" | "localnet";
|
|
105
|
+
export interface AuthenticatedSocialExecutionContext {
|
|
106
|
+
network: MySoNetwork;
|
|
107
|
+
rpcUrl: string;
|
|
108
|
+
chain: SocialChainConfig;
|
|
109
|
+
}
|
|
110
|
+
export interface SponsoredSocialGatewayOptions {
|
|
111
|
+
signer: AgentSigner;
|
|
112
|
+
accountId: string;
|
|
113
|
+
serverUrl: string;
|
|
114
|
+
platformId?: string;
|
|
115
|
+
/** Optional deployment pin checked against authenticated agent context. */
|
|
116
|
+
network?: MySoNetwork;
|
|
117
|
+
/** Optional deployment pin checked against authenticated agent context. */
|
|
118
|
+
rpcUrl?: string;
|
|
119
|
+
/** Optional object-id pins checked against authenticated agent context. */
|
|
120
|
+
chain?: Partial<SocialChainConfig>;
|
|
121
|
+
fetch?: typeof globalThis.fetch;
|
|
122
|
+
}
|
|
123
|
+
/**
|
|
124
|
+
* Executes only hard-coded, versioned Tier 1A/1B action-registry entries.
|
|
125
|
+
* There is no arbitrary action name, Move target, PTB, or direct-sign fallback
|
|
126
|
+
* in the public MCP path. Tier 3 owner actions remain disabled until the
|
|
127
|
+
* wallet-approval workflow is available.
|
|
128
|
+
*/
|
|
129
|
+
export declare class SponsoredSocialGateway implements SocialGateway {
|
|
130
|
+
readonly supportedToolNames: readonly ["chain_list_actions", "social_create_post", "social_create_comment", "social_react_post", "social_react_comment", "social_create_repost", "social_remove_post_reaction", "social_remove_comment_reaction", "social_edit_post", "social_edit_comment", "social_remove_repost", "social_follow_profile", "social_unfollow_profile", "social_block_profile", "social_unblock_profile", "messaging_send_message", "messaging_create_group", "messaging_list_inbox", "messaging_wait_for_message", "organization_get_control", "organization_accept_invitation", "organization_decline_invitation", "agent_register_child", "agent_update_child", "agent_deactivate_child", "agent_revoke_child", "organization_create", "organization_update_metadata", "organization_update_category", "organization_deactivate", "organization_ensure_memory_group", "organization_define_role", "organization_assign_role", "organization_revoke_role", "organization_create_invitation", "agent_provision_signer", "agent_register_root", "chain_get_action_status", "chain_request_action_approval", "chain_approve_action", "chain_prepare_approved_action", "chain_submit_approved_action"];
|
|
131
|
+
private readonly signer;
|
|
132
|
+
private readonly accountId;
|
|
133
|
+
private readonly serverUrl;
|
|
134
|
+
private platformId?;
|
|
135
|
+
private readonly networkPin?;
|
|
136
|
+
private readonly rpcUrlPin?;
|
|
137
|
+
private readonly chainPins?;
|
|
138
|
+
private readonly fetchImpl;
|
|
139
|
+
constructor(options: SponsoredSocialGatewayOptions);
|
|
140
|
+
listActions(): Promise<unknown>;
|
|
141
|
+
reactToPost(input: ReactToPostInput): Promise<unknown>;
|
|
142
|
+
createPost(input: CreatePostInput): Promise<unknown>;
|
|
143
|
+
createComment(input: CreateCommentInput): Promise<unknown>;
|
|
144
|
+
reactToComment(input: ReactToCommentInput): Promise<unknown>;
|
|
145
|
+
createRepost(input: CreateRepostInput): Promise<unknown>;
|
|
146
|
+
private executeInput;
|
|
147
|
+
removePostReaction(input: IdempotentInput<RemovePostReactionParams>): Promise<unknown>;
|
|
148
|
+
removeCommentReaction(input: IdempotentInput<RemoveCommentReactionParams>): Promise<unknown>;
|
|
149
|
+
editPost(input: IdempotentInput<EditPostParams>): Promise<unknown>;
|
|
150
|
+
editComment(input: IdempotentInput<EditCommentParams>): Promise<unknown>;
|
|
151
|
+
removeRepost(input: IdempotentInput<RemoveRepostParams>): Promise<unknown>;
|
|
152
|
+
followProfile(input: IdempotentInput<ProfileRelationParams>): Promise<unknown>;
|
|
153
|
+
unfollowProfile(input: IdempotentInput<ProfileRelationParams>): Promise<unknown>;
|
|
154
|
+
blockProfile(input: IdempotentInput<ProfileRelationParams>): Promise<unknown>;
|
|
155
|
+
unblockProfile(input: IdempotentInput<ProfileRelationParams>): Promise<unknown>;
|
|
156
|
+
sendMessage(input: IdempotentInput<SendMessageParams>): Promise<unknown>;
|
|
157
|
+
createMessagingGroup(input: IdempotentInput<CreateMessagingGroupParams>): Promise<unknown>;
|
|
158
|
+
acceptOrganizationInvitation(input: IdempotentInput<OrganizationInvitationDecisionParams>): Promise<unknown>;
|
|
159
|
+
declineOrganizationInvitation(input: IdempotentInput<OrganizationInvitationDecisionParams>): Promise<unknown>;
|
|
160
|
+
registerChildAgent(input: IdempotentInput<Omit<RegisterChildAgentParams, "parentAgentObjectId"> & {
|
|
161
|
+
parentAgentObjectId?: string;
|
|
162
|
+
}>): Promise<unknown>;
|
|
163
|
+
updateChildAgent(input: IdempotentInput<UpdateManagedAgentParams>): Promise<unknown>;
|
|
164
|
+
deactivateChildAgent(input: IdempotentInput<ManagedAgentParams>): Promise<unknown>;
|
|
165
|
+
revokeChildAgent(input: IdempotentInput<ManagedAgentParams>): Promise<unknown>;
|
|
166
|
+
getOrganizationControl(organizationId: string): Promise<unknown>;
|
|
167
|
+
listInbox(input: {
|
|
168
|
+
limit?: number;
|
|
169
|
+
offset?: number;
|
|
170
|
+
groupId?: string;
|
|
171
|
+
afterCreatedAtMs?: number;
|
|
172
|
+
afterSeq?: number;
|
|
173
|
+
}): Promise<unknown>;
|
|
174
|
+
waitForMessage(input: {
|
|
175
|
+
timeoutMs?: number;
|
|
176
|
+
groupId?: string;
|
|
177
|
+
afterCreatedAtMs?: number;
|
|
178
|
+
afterSeq?: number;
|
|
179
|
+
}): Promise<unknown>;
|
|
180
|
+
deletePost(_postId: string): Promise<unknown>;
|
|
181
|
+
deleteComment(_input: DeleteCommentInput): Promise<unknown>;
|
|
182
|
+
getActionStatus(digest: string): Promise<unknown>;
|
|
183
|
+
requestActionApproval(input: ActionApprovalInput): Promise<unknown>;
|
|
184
|
+
approveAction(input: ActionApprovalDecisionInput): Promise<unknown>;
|
|
185
|
+
prepareApprovedAction(input: ApprovedActionPrepareInput): Promise<unknown>;
|
|
186
|
+
submitApprovedAction(input: ApprovedActionSubmitInput): Promise<unknown>;
|
|
187
|
+
private validateApprovalInput;
|
|
188
|
+
private assertActionInAuthenticatedCatalog;
|
|
189
|
+
private executeRegisteredAction;
|
|
190
|
+
private approvalUnavailable;
|
|
191
|
+
private ensureDeploymentPlatform;
|
|
192
|
+
private signedJson;
|
|
193
|
+
private requestJson;
|
|
194
|
+
}
|
|
195
|
+
export {};
|