@tenova/swt3-mcp 0.1.0 → 0.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/chain-verifier.d.ts +46 -0
- package/dist/chain-verifier.d.ts.map +1 -0
- package/dist/chain-verifier.js +210 -0
- package/dist/chain-verifier.js.map +1 -0
- package/dist/client.d.ts +4 -0
- package/dist/client.d.ts.map +1 -1
- package/dist/client.js.map +1 -1
- package/dist/config.d.ts +8 -0
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +8 -0
- package/dist/config.js.map +1 -1
- package/dist/density-policy.d.ts +55 -0
- package/dist/density-policy.d.ts.map +1 -0
- package/dist/density-policy.js +124 -0
- package/dist/density-policy.js.map +1 -0
- package/dist/redis-reader.d.ts +57 -0
- package/dist/redis-reader.d.ts.map +1 -0
- package/dist/redis-reader.js +254 -0
- package/dist/redis-reader.js.map +1 -0
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +442 -0
- package/dist/server.js.map +1 -1
- package/dist/state.d.ts +27 -0
- package/dist/state.d.ts.map +1 -0
- package/dist/state.js +18 -0
- package/dist/state.js.map +1 -0
- package/dist/tools/audit.d.ts +20 -0
- package/dist/tools/audit.d.ts.map +1 -0
- package/dist/tools/audit.js +102 -0
- package/dist/tools/audit.js.map +1 -0
- package/dist/tools/authorize.d.ts +19 -0
- package/dist/tools/authorize.d.ts.map +1 -0
- package/dist/tools/authorize.js +96 -0
- package/dist/tools/authorize.js.map +1 -0
- package/dist/tools/chain.d.ts +24 -0
- package/dist/tools/chain.d.ts.map +1 -0
- package/dist/tools/chain.js +114 -0
- package/dist/tools/chain.js.map +1 -0
- package/dist/tools/model.d.ts +33 -0
- package/dist/tools/model.d.ts.map +1 -0
- package/dist/tools/model.js +162 -0
- package/dist/tools/model.js.map +1 -0
- package/dist/tools/signup.d.ts +2 -2
- package/dist/tools/signup.d.ts.map +1 -1
- package/dist/tools/signup.js +10 -3
- package/dist/tools/signup.js.map +1 -1
- package/dist/tools/skill.d.ts +33 -0
- package/dist/tools/skill.d.ts.map +1 -0
- package/dist/tools/skill.js +168 -0
- package/dist/tools/skill.js.map +1 -0
- package/dist/tools/suggest.d.ts +15 -0
- package/dist/tools/suggest.d.ts.map +1 -0
- package/dist/tools/suggest.js +174 -0
- package/dist/tools/suggest.js.map +1 -0
- package/dist/tools/trust.d.ts +33 -0
- package/dist/tools/trust.d.ts.map +1 -0
- package/dist/tools/trust.js +209 -0
- package/dist/tools/trust.js.map +1 -0
- package/dist/tools/violation.d.ts +20 -0
- package/dist/tools/violation.d.ts.map +1 -0
- package/dist/tools/violation.js +97 -0
- package/dist/tools/violation.js.map +1 -0
- package/dist/tools/witness.d.ts +6 -1
- package/dist/tools/witness.d.ts.map +1 -1
- package/dist/tools/witness.js +19 -5
- package/dist/tools/witness.js.map +1 -1
- package/package.json +25 -2
package/README.md
CHANGED
|
@@ -121,7 +121,7 @@ Returns a browser URL. Complete signup there, copy your API key, add it to your
|
|
|
121
121
|
| `SWT3_ENDPOINT` | `https://sovereign.tenova.io` | Witness endpoint |
|
|
122
122
|
| `SWT3_CLEARING_LEVEL` | `1` | Data clearing (0=analytics, 1=standard, 2=sensitive, 3=classified) |
|
|
123
123
|
| `SWT3_AGENT_ID` | | Agent identity for AI-ID.1 |
|
|
124
|
-
| `SWT3_SIGNING_KEY` | | HMAC-SHA256 signing key |
|
|
124
|
+
| `SWT3_SIGNING_KEY` | | HMAC-SHA256 signing key (register server-side for validation) |
|
|
125
125
|
|
|
126
126
|
## Clearing levels
|
|
127
127
|
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* SWT3 MCP Server: Anchor-Chain Verifier.
|
|
3
|
+
*
|
|
4
|
+
* Validates an agent's anchor chain before tool execution. Queries
|
|
5
|
+
* Redis reader (fast path) first, falls back to Supabase ledger (cold path).
|
|
6
|
+
* Integrates with the density policy engine for enforcement.
|
|
7
|
+
*
|
|
8
|
+
* Flow:
|
|
9
|
+
* 1. Query Redis in-memory index by agent_id / cycle_id
|
|
10
|
+
* 2. If insufficient, query ledger via AxiomClient
|
|
11
|
+
* 3. Check each anchor: not revoked, verdict=PASS, within gap limit
|
|
12
|
+
* 4. Evaluate density policy
|
|
13
|
+
* 5. Return structured result
|
|
14
|
+
*
|
|
15
|
+
* Patent coverage: PPA #5, PPA #7, PPA #9
|
|
16
|
+
*/
|
|
17
|
+
import type { McpConfig } from "./config.js";
|
|
18
|
+
import type { AxiomClient } from "./client.js";
|
|
19
|
+
import { type DensityPolicy, type PolicyViolation } from "./density-policy.js";
|
|
20
|
+
export interface ChainVerifyResult {
|
|
21
|
+
valid: boolean;
|
|
22
|
+
anchorCount: number;
|
|
23
|
+
gaps: ChainGap[];
|
|
24
|
+
revoked: string[];
|
|
25
|
+
policyViolations: PolicyViolation[];
|
|
26
|
+
source: "redis" | "ledger" | "none";
|
|
27
|
+
reason?: string;
|
|
28
|
+
}
|
|
29
|
+
export interface ChainGap {
|
|
30
|
+
fromEpoch: number;
|
|
31
|
+
toEpoch: number;
|
|
32
|
+
gapSeconds: number;
|
|
33
|
+
}
|
|
34
|
+
/**
|
|
35
|
+
* Verify an agent's anchor chain. Called by the gatekeeper before tool execution.
|
|
36
|
+
*
|
|
37
|
+
* @param agentId - The presenting agent's ID
|
|
38
|
+
* @param cycleId - The active chain's cycle_id (optional)
|
|
39
|
+
* @param config - MCP config (for maxChainGapSeconds)
|
|
40
|
+
* @param client - AxiomClient for ledger fallback
|
|
41
|
+
* @param policy - Active density policy
|
|
42
|
+
* @param agentTokenCount - Total tokens reported by agent (optional)
|
|
43
|
+
* @param agentTrustLevel - Trust level from prior verify_agent_trust (optional)
|
|
44
|
+
*/
|
|
45
|
+
export declare function verifyAnchorChain(agentId: string | undefined, cycleId: string | undefined, config: McpConfig, client: AxiomClient, policy: DensityPolicy, agentTokenCount?: number, agentTrustLevel?: number): Promise<ChainVerifyResult>;
|
|
46
|
+
//# sourceMappingURL=chain-verifier.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"chain-verifier.d.ts","sourceRoot":"","sources":["../src/chain-verifier.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAG/C,OAAO,EAEL,KAAK,aAAa,EAElB,KAAK,eAAe,EACrB,MAAM,qBAAqB,CAAC;AAI7B,MAAM,WAAW,iBAAiB;IAChC,KAAK,EAAE,OAAO,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,QAAQ,EAAE,CAAC;IACjB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,gBAAgB,EAAE,eAAe,EAAE,CAAC;IACpC,MAAM,EAAE,OAAO,GAAG,QAAQ,GAAG,MAAM,CAAC;IACpC,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,QAAQ;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;CACpB;AAkBD;;;;;;;;;;GAUG;AACH,wBAAsB,iBAAiB,CACrC,OAAO,EAAE,MAAM,GAAG,SAAS,EAC3B,OAAO,EAAE,MAAM,GAAG,SAAS,EAC3B,MAAM,EAAE,SAAS,EACjB,MAAM,EAAE,WAAW,EACnB,MAAM,EAAE,aAAa,EACrB,eAAe,CAAC,EAAE,MAAM,EACxB,eAAe,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,iBAAiB,CAAC,CAyC5B"}
|
|
@@ -0,0 +1,210 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* SWT3 MCP Server: Anchor-Chain Verifier.
|
|
3
|
+
*
|
|
4
|
+
* Validates an agent's anchor chain before tool execution. Queries
|
|
5
|
+
* Redis reader (fast path) first, falls back to Supabase ledger (cold path).
|
|
6
|
+
* Integrates with the density policy engine for enforcement.
|
|
7
|
+
*
|
|
8
|
+
* Flow:
|
|
9
|
+
* 1. Query Redis in-memory index by agent_id / cycle_id
|
|
10
|
+
* 2. If insufficient, query ledger via AxiomClient
|
|
11
|
+
* 3. Check each anchor: not revoked, verdict=PASS, within gap limit
|
|
12
|
+
* 4. Evaluate density policy
|
|
13
|
+
* 5. Return structured result
|
|
14
|
+
*
|
|
15
|
+
* Patent coverage: PPA #5, PPA #7, PPA #9
|
|
16
|
+
*/
|
|
17
|
+
import { queryAnchors } from "./redis-reader.js";
|
|
18
|
+
import { signPayload } from "./fingerprint.js";
|
|
19
|
+
import { evaluatePolicy, } from "./density-policy.js";
|
|
20
|
+
// ── Main Verification Function ────────────────────────────────────────
|
|
21
|
+
/**
|
|
22
|
+
* Verify an agent's anchor chain. Called by the gatekeeper before tool execution.
|
|
23
|
+
*
|
|
24
|
+
* @param agentId - The presenting agent's ID
|
|
25
|
+
* @param cycleId - The active chain's cycle_id (optional)
|
|
26
|
+
* @param config - MCP config (for maxChainGapSeconds)
|
|
27
|
+
* @param client - AxiomClient for ledger fallback
|
|
28
|
+
* @param policy - Active density policy
|
|
29
|
+
* @param agentTokenCount - Total tokens reported by agent (optional)
|
|
30
|
+
* @param agentTrustLevel - Trust level from prior verify_agent_trust (optional)
|
|
31
|
+
*/
|
|
32
|
+
export async function verifyAnchorChain(agentId, cycleId, config, client, policy, agentTokenCount, agentTrustLevel) {
|
|
33
|
+
// No identity to verify against
|
|
34
|
+
if (!agentId && !cycleId) {
|
|
35
|
+
return {
|
|
36
|
+
valid: false,
|
|
37
|
+
anchorCount: 0,
|
|
38
|
+
gaps: [],
|
|
39
|
+
revoked: [],
|
|
40
|
+
policyViolations: [],
|
|
41
|
+
source: "none",
|
|
42
|
+
reason: "no_agent_id_or_cycle_id",
|
|
43
|
+
};
|
|
44
|
+
}
|
|
45
|
+
// Step 1: Try Redis in-memory index (fast path)
|
|
46
|
+
const redisAnchors = queryAnchors(agentId, cycleId);
|
|
47
|
+
if (redisAnchors.length > 0) {
|
|
48
|
+
return evaluateChain(redisAnchors, "redis", config, policy, agentTokenCount, agentTrustLevel);
|
|
49
|
+
}
|
|
50
|
+
// Step 2: Fallback to ledger query
|
|
51
|
+
try {
|
|
52
|
+
const ledgerAnchors = await queryLedger(agentId, cycleId, config, client);
|
|
53
|
+
if (ledgerAnchors.length > 0) {
|
|
54
|
+
return evaluateChain(ledgerAnchors, "ledger", config, policy, agentTokenCount, agentTrustLevel);
|
|
55
|
+
}
|
|
56
|
+
}
|
|
57
|
+
catch {
|
|
58
|
+
// Ledger unavailable -- fail closed
|
|
59
|
+
}
|
|
60
|
+
// No anchors found anywhere
|
|
61
|
+
return {
|
|
62
|
+
valid: false,
|
|
63
|
+
anchorCount: 0,
|
|
64
|
+
gaps: [],
|
|
65
|
+
revoked: [],
|
|
66
|
+
policyViolations: [],
|
|
67
|
+
source: "none",
|
|
68
|
+
reason: "no_anchors_found",
|
|
69
|
+
};
|
|
70
|
+
}
|
|
71
|
+
// ── Chain Evaluation ──────────────────────────────────────────────────
|
|
72
|
+
function evaluateChain(anchors, source, config, policy, agentTokenCount, agentTrustLevel) {
|
|
73
|
+
// Sort by epoch ascending
|
|
74
|
+
const sorted = [...anchors].sort((a, b) => a.anchor_epoch - b.anchor_epoch);
|
|
75
|
+
// Check for revocations (AI-REV.1 anchors targeting chain members)
|
|
76
|
+
const revoked = [];
|
|
77
|
+
for (const anchor of sorted) {
|
|
78
|
+
if (anchor.procedure_id === "AI-REV.1") {
|
|
79
|
+
// This IS a revocation anchor -- extract target from observations or context
|
|
80
|
+
const obs = anchor.observations;
|
|
81
|
+
const target = obs?.revocation_target;
|
|
82
|
+
if (target)
|
|
83
|
+
revoked.push(target);
|
|
84
|
+
}
|
|
85
|
+
}
|
|
86
|
+
// Check for FAIL verdicts
|
|
87
|
+
const failAnchors = sorted.filter((a) => {
|
|
88
|
+
const verdict = "verdict" in a ? a.verdict : undefined;
|
|
89
|
+
return verdict === "FAIL" && a.procedure_id !== "AI-REV.1";
|
|
90
|
+
});
|
|
91
|
+
// Check chain gaps
|
|
92
|
+
const maxGap = config.maxChainGapSeconds ?? 60;
|
|
93
|
+
const gaps = [];
|
|
94
|
+
for (let i = 1; i < sorted.length; i++) {
|
|
95
|
+
const gap = sorted[i].anchor_epoch - sorted[i - 1].anchor_epoch;
|
|
96
|
+
if (gap > maxGap) {
|
|
97
|
+
gaps.push({
|
|
98
|
+
fromEpoch: sorted[i - 1].anchor_epoch,
|
|
99
|
+
toEpoch: sorted[i].anchor_epoch,
|
|
100
|
+
gapSeconds: gap,
|
|
101
|
+
});
|
|
102
|
+
}
|
|
103
|
+
}
|
|
104
|
+
// Check anchor freshness (most recent anchor must be within maxGap of now)
|
|
105
|
+
const nowEpoch = Math.floor(Date.now() / 1000);
|
|
106
|
+
const newestAnchor = sorted[sorted.length - 1];
|
|
107
|
+
const staleness = nowEpoch - newestAnchor.anchor_epoch;
|
|
108
|
+
if (staleness > maxGap) {
|
|
109
|
+
gaps.push({
|
|
110
|
+
fromEpoch: newestAnchor.anchor_epoch,
|
|
111
|
+
toEpoch: nowEpoch,
|
|
112
|
+
gapSeconds: staleness,
|
|
113
|
+
});
|
|
114
|
+
}
|
|
115
|
+
// Verify HMAC signatures when signing key is available and policy requires it
|
|
116
|
+
let signatureFailures = 0;
|
|
117
|
+
if (policy.require_signing_key && config.signingKey) {
|
|
118
|
+
for (const anchor of sorted) {
|
|
119
|
+
if (anchor.procedure_id === "AI-REV.1")
|
|
120
|
+
continue;
|
|
121
|
+
if (!anchor.payload_signature) {
|
|
122
|
+
signatureFailures++;
|
|
123
|
+
continue;
|
|
124
|
+
}
|
|
125
|
+
// Recompute HMAC and compare (same-tenant verification)
|
|
126
|
+
const agentId = "agent_id" in anchor ? anchor.agent_id : undefined;
|
|
127
|
+
const expected = signPayload(config.signingKey, anchor.anchor_fingerprint, agentId);
|
|
128
|
+
if (anchor.payload_signature !== expected) {
|
|
129
|
+
signatureFailures++;
|
|
130
|
+
}
|
|
131
|
+
}
|
|
132
|
+
}
|
|
133
|
+
// Convert to ChainAnchor for policy evaluation
|
|
134
|
+
const chainAnchors = sorted
|
|
135
|
+
.filter((a) => a.procedure_id !== "AI-REV.1")
|
|
136
|
+
.map((a) => ({
|
|
137
|
+
anchor_epoch: a.anchor_epoch,
|
|
138
|
+
provider: a.provider,
|
|
139
|
+
payload_signature: a.payload_signature,
|
|
140
|
+
ai_input_tokens: a.ai_input_tokens,
|
|
141
|
+
ai_output_tokens: a.ai_output_tokens,
|
|
142
|
+
}));
|
|
143
|
+
// Evaluate density policy
|
|
144
|
+
const policyResult = evaluatePolicy(policy, chainAnchors, agentTokenCount, agentTrustLevel);
|
|
145
|
+
// Determine validity
|
|
146
|
+
const valid = revoked.length === 0 &&
|
|
147
|
+
failAnchors.length === 0 &&
|
|
148
|
+
gaps.length === 0 &&
|
|
149
|
+
signatureFailures === 0 &&
|
|
150
|
+
policyResult.compliant;
|
|
151
|
+
let reason;
|
|
152
|
+
if (!valid) {
|
|
153
|
+
if (revoked.length > 0)
|
|
154
|
+
reason = "revoked_anchors";
|
|
155
|
+
else if (failAnchors.length > 0)
|
|
156
|
+
reason = "fail_verdicts_in_chain";
|
|
157
|
+
else if (gaps.length > 0)
|
|
158
|
+
reason = "chain_gap_exceeded";
|
|
159
|
+
else if (signatureFailures > 0)
|
|
160
|
+
reason = "signature_verification_failed";
|
|
161
|
+
else if (!policyResult.compliant)
|
|
162
|
+
reason = "density_policy_violation";
|
|
163
|
+
}
|
|
164
|
+
return {
|
|
165
|
+
valid,
|
|
166
|
+
anchorCount: sorted.length,
|
|
167
|
+
gaps,
|
|
168
|
+
revoked,
|
|
169
|
+
policyViolations: policyResult.violations,
|
|
170
|
+
source,
|
|
171
|
+
reason,
|
|
172
|
+
};
|
|
173
|
+
}
|
|
174
|
+
// ── Ledger Query (HTTP fallback) ──────────────────────────────────────
|
|
175
|
+
//
|
|
176
|
+
// OPEN CORE BOUNDARY: This function queries the Axiom Engine's
|
|
177
|
+
// proprietary chain verification endpoint. The endpoint performs
|
|
178
|
+
// authoritative verification against the sovereign witness ledger
|
|
179
|
+
// (multi-tenant, RLS-enforced, revocation-aware). This is the paywall:
|
|
180
|
+
// local Redis verification is best-effort; ledger verification is
|
|
181
|
+
// authoritative. Do NOT implement local ledger storage or self-contained
|
|
182
|
+
// verification that would bypass this boundary.
|
|
183
|
+
//
|
|
184
|
+
async function queryLedger(agentId, cycleId, config, client) {
|
|
185
|
+
const params = new URLSearchParams();
|
|
186
|
+
if (agentId)
|
|
187
|
+
params.set("agent_id", agentId);
|
|
188
|
+
if (cycleId)
|
|
189
|
+
params.set("cycle_id", cycleId);
|
|
190
|
+
params.set("limit", "100");
|
|
191
|
+
params.set("recent", "true");
|
|
192
|
+
const url = `/api/v1/ai-witness/chain?${params.toString()}`;
|
|
193
|
+
try {
|
|
194
|
+
const response = await fetch(`${config.endpoint}${url}`, {
|
|
195
|
+
headers: {
|
|
196
|
+
"Content-Type": "application/json",
|
|
197
|
+
Authorization: `Bearer ${config.apiKey}`,
|
|
198
|
+
},
|
|
199
|
+
signal: AbortSignal.timeout(5000),
|
|
200
|
+
});
|
|
201
|
+
if (!response.ok)
|
|
202
|
+
return [];
|
|
203
|
+
const data = (await response.json());
|
|
204
|
+
return data.anchors || [];
|
|
205
|
+
}
|
|
206
|
+
catch {
|
|
207
|
+
return [];
|
|
208
|
+
}
|
|
209
|
+
}
|
|
210
|
+
//# sourceMappingURL=chain-verifier.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"chain-verifier.js","sourceRoot":"","sources":["../src/chain-verifier.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAIH,OAAO,EAAE,YAAY,EAAoB,MAAM,mBAAmB,CAAC;AACnE,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EACL,cAAc,GAIf,MAAM,qBAAqB,CAAC;AAkC7B,yEAAyE;AAEzE;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,OAA2B,EAC3B,OAA2B,EAC3B,MAAiB,EACjB,MAAmB,EACnB,MAAqB,EACrB,eAAwB,EACxB,eAAwB;IAExB,gCAAgC;IAChC,IAAI,CAAC,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC;QACzB,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,WAAW,EAAE,CAAC;YACd,IAAI,EAAE,EAAE;YACR,OAAO,EAAE,EAAE;YACX,gBAAgB,EAAE,EAAE;YACpB,MAAM,EAAE,MAAM;YACd,MAAM,EAAE,yBAAyB;SAClC,CAAC;IACJ,CAAC;IAED,gDAAgD;IAChD,MAAM,YAAY,GAAG,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAEpD,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,OAAO,aAAa,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,eAAe,CAAC,CAAC;IAChG,CAAC;IAED,mCAAmC;IACnC,IAAI,CAAC;QACH,MAAM,aAAa,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;QAC1E,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC7B,OAAO,aAAa,CAAC,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,eAAe,CAAC,CAAC;QAClG,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,oCAAoC;IACtC,CAAC;IAED,4BAA4B;IAC5B,OAAO;QACL,KAAK,EAAE,KAAK;QACZ,WAAW,EAAE,CAAC;QACd,IAAI,EAAE,EAAE;QACR,OAAO,EAAE,EAAE;QACX,gBAAgB,EAAE,EAAE;QACpB,MAAM,EAAE,MAAM;QACd,MAAM,EAAE,kBAAkB;KAC3B,CAAC;AACJ,CAAC;AAED,yEAAyE;AAEzE,SAAS,aAAa,CACpB,OAA0C,EAC1C,MAA0B,EAC1B,MAAiB,EACjB,MAAqB,EACrB,eAAwB,EACxB,eAAwB;IAExB,0BAA0B;IAC1B,MAAM,MAAM,GAAG,CAAC,GAAG,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,GAAG,CAAC,CAAC,YAAY,CAAC,CAAC;IAE5E,mEAAmE;IACnE,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,KAAK,MAAM,MAAM,IAAI,MAAM,EAAE,CAAC;QAC5B,IAAI,MAAM,CAAC,YAAY,KAAK,UAAU,EAAE,CAAC;YACvC,6EAA6E;YAC7E,MAAM,GAAG,GAAI,MAAuB,CAAC,YAAY,CAAC;YAClD,MAAM,MAAM,GAAG,GAAG,EAAE,iBAAuC,CAAC;YAC5D,IAAI,MAAM;gBAAE,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IAED,0BAA0B;IAC1B,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QACtC,MAAM,OAAO,GAAG,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;QACvD,OAAO,OAAO,KAAK,MAAM,IAAI,CAAC,CAAC,YAAY,KAAK,UAAU,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH,mBAAmB;IACnB,MAAM,MAAM,GAAG,MAAM,CAAC,kBAAkB,IAAI,EAAE,CAAC;IAC/C,MAAM,IAAI,GAAe,EAAE,CAAC;IAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,YAAY,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC;QAChE,IAAI,GAAG,GAAG,MAAM,EAAE,CAAC;YACjB,IAAI,CAAC,IAAI,CAAC;gBACR,SAAS,EAAE,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,YAAY;gBACrC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,YAAY;gBAC/B,UAAU,EAAE,GAAG;aAChB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,2EAA2E;IAC3E,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC/C,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC/C,MAAM,SAAS,GAAG,QAAQ,GAAG,YAAY,CAAC,YAAY,CAAC;IACvD,IAAI,SAAS,GAAG,MAAM,EAAE,CAAC;QACvB,IAAI,CAAC,IAAI,CAAC;YACR,SAAS,EAAE,YAAY,CAAC,YAAY;YACpC,OAAO,EAAE,QAAQ;YACjB,UAAU,EAAE,SAAS;SACtB,CAAC,CAAC;IACL,CAAC;IAED,8EAA8E;IAC9E,IAAI,iBAAiB,GAAG,CAAC,CAAC;IAC1B,IAAI,MAAM,CAAC,mBAAmB,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QACpD,KAAK,MAAM,MAAM,IAAI,MAAM,EAAE,CAAC;YAC5B,IAAI,MAAM,CAAC,YAAY,KAAK,UAAU;gBAAE,SAAS;YACjD,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;gBAC9B,iBAAiB,EAAE,CAAC;gBACpB,SAAS;YACX,CAAC;YACD,wDAAwD;YACxD,MAAM,OAAO,GAAG,UAAU,IAAI,MAAM,CAAC,CAAC,CAAE,MAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YACpF,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,kBAAkB,EAAE,OAAO,CAAC,CAAC;YACpF,IAAI,MAAM,CAAC,iBAAiB,KAAK,QAAQ,EAAE,CAAC;gBAC1C,iBAAiB,EAAE,CAAC;YACtB,CAAC;QACH,CAAC;IACH,CAAC;IAED,+CAA+C;IAC/C,MAAM,YAAY,GAAkB,MAAM;SACvC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,KAAK,UAAU,CAAC;SAC5C,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACX,YAAY,EAAE,CAAC,CAAC,YAAY;QAC5B,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,iBAAiB,EAAE,CAAC,CAAC,iBAAiB;QACtC,eAAe,EAAE,CAAC,CAAC,eAAe;QAClC,gBAAgB,EAAE,CAAC,CAAC,gBAAgB;KACrC,CAAC,CAAC,CAAC;IAEN,0BAA0B;IAC1B,MAAM,YAAY,GAAG,cAAc,CAAC,MAAM,EAAE,YAAY,EAAE,eAAe,EAAE,eAAe,CAAC,CAAC;IAE5F,qBAAqB;IACrB,MAAM,KAAK,GACT,OAAO,CAAC,MAAM,KAAK,CAAC;QACpB,WAAW,CAAC,MAAM,KAAK,CAAC;QACxB,IAAI,CAAC,MAAM,KAAK,CAAC;QACjB,iBAAiB,KAAK,CAAC;QACvB,YAAY,CAAC,SAAS,CAAC;IAEzB,IAAI,MAA0B,CAAC;IAC/B,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC;YAAE,MAAM,GAAG,iBAAiB,CAAC;aAC9C,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC;YAAE,MAAM,GAAG,wBAAwB,CAAC;aAC9D,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC;YAAE,MAAM,GAAG,oBAAoB,CAAC;aACnD,IAAI,iBAAiB,GAAG,CAAC;YAAE,MAAM,GAAG,+BAA+B,CAAC;aACpE,IAAI,CAAC,YAAY,CAAC,SAAS;YAAE,MAAM,GAAG,0BAA0B,CAAC;IACxE,CAAC;IAED,OAAO;QACL,KAAK;QACL,WAAW,EAAE,MAAM,CAAC,MAAM;QAC1B,IAAI;QACJ,OAAO;QACP,gBAAgB,EAAE,YAAY,CAAC,UAAU;QACzC,MAAM;QACN,MAAM;KACP,CAAC;AACJ,CAAC;AAED,yEAAyE;AACzE,EAAE;AACF,+DAA+D;AAC/D,iEAAiE;AACjE,kEAAkE;AAClE,uEAAuE;AACvE,kEAAkE;AAClE,yEAAyE;AACzE,gDAAgD;AAChD,EAAE;AAEF,KAAK,UAAU,WAAW,CACxB,OAA2B,EAC3B,OAA2B,EAC3B,MAAiB,EACjB,MAAmB;IAEnB,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;IACrC,IAAI,OAAO;QAAE,MAAM,CAAC,GAAG,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IAC7C,IAAI,OAAO;QAAE,MAAM,CAAC,GAAG,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IAC7C,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAC3B,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAE7B,MAAM,GAAG,GAAG,4BAA4B,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;IAE5D,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,MAAM,CAAC,QAAQ,GAAG,GAAG,EAAE,EAAE;YACvD,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,aAAa,EAAE,UAAU,MAAM,CAAC,MAAM,EAAE;aACzC;YACD,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC;SAClC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE;YAAE,OAAO,EAAE,CAAC;QAE5B,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiC,CAAC;QACrE,OAAO,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC;IAC5B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC"}
|
package/dist/client.d.ts
CHANGED
|
@@ -25,6 +25,10 @@ export interface WitnessPayload {
|
|
|
25
25
|
cycle_id?: string;
|
|
26
26
|
payload_signature?: string;
|
|
27
27
|
policy_version_hash?: string;
|
|
28
|
+
jurisdiction?: string;
|
|
29
|
+
legal_basis?: string;
|
|
30
|
+
purpose_class?: string;
|
|
31
|
+
witness_source?: string;
|
|
28
32
|
}
|
|
29
33
|
export interface WitnessReceipt {
|
|
30
34
|
ok: boolean;
|
package/dist/client.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAE7C,MAAM,WAAW,cAAc;IAC7B,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,YAAY,EAAE,MAAM,CAAC;IACrB,wBAAwB,EAAE,MAAM,CAAC;IACjC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,mBAAmB,CAAC,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAE7C,MAAM,WAAW,cAAc;IAC7B,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,YAAY,EAAE,MAAM,CAAC;IACrB,wBAAwB,EAAE,MAAM,CAAC;IACjC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,OAAO,CAAC;IACZ,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,MAAM,CAAC;IACrB,gBAAgB,EAAE,MAAM,CAAC;IACzB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAClC;AAED,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAChC;AAED,qBAAa,WAAW;IACtB,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,gBAAgB,CAAuB;gBAEnC,MAAM,EAAE,SAAS,EAAE,OAAO,GAAE,MAAc;IAMtD;;OAEG;IACH,mBAAmB,IAAI,MAAM,GAAG,IAAI;YAItB,OAAO;IAqCf,WAAW,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,cAAc,CAAC;IAO7D,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC;IAOpD,SAAS,IAAI,OAAO,CAAC,cAAc,CAAC;IAapC,UAAU,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAI9C,aAAa,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAaxD"}
|
package/dist/client.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA;;;;GAIG;
|
|
1
|
+
{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AA0DH,MAAM,OAAO,WAAW;IACd,OAAO,CAAS;IAChB,MAAM,CAAS;IACf,OAAO,CAAS;IAChB,gBAAgB,GAAkB,IAAI,CAAC;IAE/C,YAAY,MAAiB,EAAE,UAAkB,KAAK;QACpD,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC;QAC/B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;QAC5B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED;;OAEG;IACH,mBAAmB;QACjB,OAAO,IAAI,CAAC,gBAAgB,CAAC;IAC/B,CAAC;IAEO,KAAK,CAAC,OAAO,CACnB,IAAY,EACZ,UAAuB,EAAE;QAEzB,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,GAAG,IAAI,EAAE,CAAC;QACrC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QAEjE,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;gBAChC,GAAG,OAAO;gBACV,MAAM,EAAE,UAAU,CAAC,MAAM;gBACzB,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,aAAa,EAAE,UAAU,IAAI,CAAC,MAAM,EAAE;oBACtC,GAAG,OAAO,CAAC,OAAO;iBACnB;aACF,CAAC,CAAC;YAEH,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAgD,CAAC;YAEjF,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,GAAG,GAAG,IAAI,EAAE,KAAK,IAAI,QAAQ,CAAC,UAAU,CAAC;gBAC/C,MAAM,IAAI,KAAK,CAAC,GAAG,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC,CAAC;YAChD,CAAC;YAED,4DAA4D;YAC5D,IAAI,IAAI,EAAE,SAAS,IAAI,OAAO,IAAI,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;gBAC1D,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,SAAS,CAAC;YACzC,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;gBAAS,CAAC;YACT,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;IACH,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,OAAuB;QACvC,OAAO,IAAI,CAAC,OAAO,CAAiB,iBAAiB,EAAE;YACrD,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;SAC9B,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,KAAa;QAC9B,MAAM,OAAO,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;QAC1C,OAAO,IAAI,CAAC,OAAO,CACjB,+BAA+B,OAAO,EAAE,CACzC,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,SAAS;QACb,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,gBAAgB,CAAC;QAC5C,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QAEjE,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;YACjE,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAmB,CAAC;QACnD,CAAC;gBAAS,CAAC;YACT,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;IACH,CAAC;IAED,KAAK,CAAC,UAAU;QACd,OAAO,IAAI,CAAC,OAAO,CAA0B,oBAAoB,CAAC,CAAC;IACrE,CAAC;IAED,KAAK,CAAC,aAAa;QACjB,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,6BAA6B,CAAC;QACzD,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QAEjE,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;YACjE,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA4B,CAAC;QAC5D,CAAC;gBAAS,CAAC;YACT,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;IACH,CAAC;CAEF"}
|
package/dist/config.d.ts
CHANGED
|
@@ -14,6 +14,14 @@ export interface McpConfig {
|
|
|
14
14
|
agentId?: string;
|
|
15
15
|
signingKey?: string;
|
|
16
16
|
demo: boolean;
|
|
17
|
+
/** Enable chain verification gatekeeper before tool execution. */
|
|
18
|
+
chainVerify: boolean;
|
|
19
|
+
/** Redis URL for stream reader (chain verification fast path). */
|
|
20
|
+
redisUrl: string;
|
|
21
|
+
/** Redis stream name for anchor consumption. */
|
|
22
|
+
redisStream: string;
|
|
23
|
+
/** Maximum seconds between consecutive anchors in a chain. */
|
|
24
|
+
maxChainGapSeconds: number;
|
|
17
25
|
}
|
|
18
26
|
export declare function loadConfig(): McpConfig;
|
|
19
27
|
//# sourceMappingURL=config.d.ts.map
|
package/dist/config.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,MAAM,WAAW,SAAS;IACxB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,MAAM,WAAW,SAAS;IACxB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,OAAO,CAAC;IACd,kEAAkE;IAClE,WAAW,EAAE,OAAO,CAAC;IACrB,kEAAkE;IAClE,QAAQ,EAAE,MAAM,CAAC;IACjB,gDAAgD;IAChD,WAAW,EAAE,MAAM,CAAC;IACpB,8DAA8D;IAC9D,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAED,wBAAgB,UAAU,IAAI,SAAS,CA0CtC"}
|
package/dist/config.js
CHANGED
|
@@ -13,6 +13,10 @@ export function loadConfig() {
|
|
|
13
13
|
const rawLevel = process.env.SWT3_CLEARING_LEVEL;
|
|
14
14
|
const agentId = process.env.SWT3_AGENT_ID || undefined;
|
|
15
15
|
const signingKey = process.env.SWT3_SIGNING_KEY || undefined;
|
|
16
|
+
const chainVerify = process.env.SWT3_CHAIN_VERIFY === "true";
|
|
17
|
+
const redisUrl = process.env.SWT3_REDIS_URL || "redis://localhost:6379";
|
|
18
|
+
const redisStream = process.env.SWT3_REDIS_STREAM || "swt3:anchors";
|
|
19
|
+
const maxChainGapSeconds = parseInt(process.env.SWT3_MAX_CHAIN_GAP || "60", 10);
|
|
16
20
|
// Demo mode: no API key set
|
|
17
21
|
const demo = !apiKey;
|
|
18
22
|
// Validate API key format if provided
|
|
@@ -35,6 +39,10 @@ export function loadConfig() {
|
|
|
35
39
|
agentId,
|
|
36
40
|
signingKey,
|
|
37
41
|
demo,
|
|
42
|
+
chainVerify: demo ? false : chainVerify,
|
|
43
|
+
redisUrl,
|
|
44
|
+
redisStream,
|
|
45
|
+
maxChainGapSeconds,
|
|
38
46
|
};
|
|
39
47
|
}
|
|
40
48
|
//# sourceMappingURL=config.js.map
|
package/dist/config.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAoBH,MAAM,UAAU,UAAU;IACxB,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,6BAA6B,CAAC;IAC5E,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC;IAC9C,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,EAAE,CAAC;IAClD,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;IACjD,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,SAAS,CAAC;IACvD,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,SAAS,CAAC;IAC7D,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,KAAK,MAAM,CAAC;IAC7D,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,wBAAwB,CAAC;IACxE,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,cAAc,CAAC;IACpE,MAAM,kBAAkB,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,IAAI,EAAE,EAAE,CAAC,CAAC;IAEhF,4BAA4B;IAC5B,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC;IAErB,sCAAsC;IACtC,IAAI,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IACzD,CAAC;IAED,IAAI,aAAa,GAAkB,CAAC,CAAC;IACrC,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC3B,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QACtC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC/D,CAAC;QACD,aAAa,GAAG,MAAuB,CAAC;IAC1C,CAAC;IAED,OAAO;QACL,QAAQ,EAAE,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC;QACtC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,MAAM;QACxC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,QAAQ;QACxC,aAAa;QACb,OAAO;QACP,UAAU;QACV,IAAI;QACJ,WAAW,EAAE,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,WAAW;QACvC,QAAQ;QACR,WAAW;QACX,kBAAkB;KACnB,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* SWT3 MCP Server: Anchor Density Policy Engine.
|
|
3
|
+
*
|
|
4
|
+
* Configurable rules that enforce minimum anchor frequency, provider
|
|
5
|
+
* requirements, chain gap limits, and signing enforcement. Agents that
|
|
6
|
+
* fail policy checks are denied tool execution by the chain verifier.
|
|
7
|
+
*
|
|
8
|
+
* Patent coverage: PPA #7, PPA #9, PPA #11
|
|
9
|
+
*/
|
|
10
|
+
export interface DensityPolicy {
|
|
11
|
+
/** Minimum anchors per 1,000 tokens generated. Default: 1 */
|
|
12
|
+
min_anchors_per_1000_tokens: number;
|
|
13
|
+
/** Required anchor providers (e.g. ["vllm-native", "nvidia-triton"]). Default: [] */
|
|
14
|
+
required_providers: string[];
|
|
15
|
+
/** Maximum seconds between consecutive anchors in a chain. Default: 60 */
|
|
16
|
+
max_chain_gap_seconds: number;
|
|
17
|
+
/** Require all anchors to have payload_signature. Default: false */
|
|
18
|
+
require_signing_key: boolean;
|
|
19
|
+
/** Minimum trust level for the presenting agent. Default: 1 */
|
|
20
|
+
min_trust_level: number;
|
|
21
|
+
}
|
|
22
|
+
export interface PolicyViolation {
|
|
23
|
+
rule: string;
|
|
24
|
+
message: string;
|
|
25
|
+
actual?: number | string;
|
|
26
|
+
required?: number | string;
|
|
27
|
+
}
|
|
28
|
+
export interface PolicyResult {
|
|
29
|
+
compliant: boolean;
|
|
30
|
+
violations: PolicyViolation[];
|
|
31
|
+
}
|
|
32
|
+
/** Minimal anchor shape needed for policy evaluation. */
|
|
33
|
+
export interface ChainAnchor {
|
|
34
|
+
anchor_epoch: number;
|
|
35
|
+
provider?: string;
|
|
36
|
+
payload_signature?: string;
|
|
37
|
+
ai_input_tokens?: number;
|
|
38
|
+
ai_output_tokens?: number;
|
|
39
|
+
trust_level?: number;
|
|
40
|
+
}
|
|
41
|
+
/**
|
|
42
|
+
* Load density policy from environment.
|
|
43
|
+
* Priority: SWT3_DENSITY_POLICY (inline JSON) > SWT3_DENSITY_POLICY_FILE (path) > defaults
|
|
44
|
+
*/
|
|
45
|
+
export declare function loadDensityPolicy(): DensityPolicy;
|
|
46
|
+
/**
|
|
47
|
+
* Evaluate an anchor chain against the density policy.
|
|
48
|
+
*
|
|
49
|
+
* @param policy - The active density policy
|
|
50
|
+
* @param anchors - Chain anchors sorted by epoch ascending
|
|
51
|
+
* @param agentTokenCount - Total tokens produced by the agent (optional, skips density check if absent)
|
|
52
|
+
* @param agentTrustLevel - Trust level of the presenting agent (from verify_agent_trust)
|
|
53
|
+
*/
|
|
54
|
+
export declare function evaluatePolicy(policy: DensityPolicy, anchors: ChainAnchor[], agentTokenCount?: number, agentTrustLevel?: number): PolicyResult;
|
|
55
|
+
//# sourceMappingURL=density-policy.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"density-policy.d.ts","sourceRoot":"","sources":["../src/density-policy.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAMH,MAAM,WAAW,aAAa;IAC5B,6DAA6D;IAC7D,2BAA2B,EAAE,MAAM,CAAC;IACpC,qFAAqF;IACrF,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,0EAA0E;IAC1E,qBAAqB,EAAE,MAAM,CAAC;IAC9B,oEAAoE;IACpE,mBAAmB,EAAE,OAAO,CAAC;IAC7B,+DAA+D;IAC/D,eAAe,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IACzB,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,YAAY;IAC3B,SAAS,EAAE,OAAO,CAAC;IACnB,UAAU,EAAE,eAAe,EAAE,CAAC;CAC/B;AAED,yDAAyD;AACzD,MAAM,WAAW,WAAW;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAcD;;;GAGG;AACH,wBAAgB,iBAAiB,IAAI,aAAa,CAqBjD;AAID;;;;;;;GAOG;AACH,wBAAgB,cAAc,CAC5B,MAAM,EAAE,aAAa,EACrB,OAAO,EAAE,WAAW,EAAE,EACtB,eAAe,CAAC,EAAE,MAAM,EACxB,eAAe,CAAC,EAAE,MAAM,GACvB,YAAY,CA0Ed"}
|
|
@@ -0,0 +1,124 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* SWT3 MCP Server: Anchor Density Policy Engine.
|
|
3
|
+
*
|
|
4
|
+
* Configurable rules that enforce minimum anchor frequency, provider
|
|
5
|
+
* requirements, chain gap limits, and signing enforcement. Agents that
|
|
6
|
+
* fail policy checks are denied tool execution by the chain verifier.
|
|
7
|
+
*
|
|
8
|
+
* Patent coverage: PPA #7, PPA #9, PPA #11
|
|
9
|
+
*/
|
|
10
|
+
import { readFileSync } from "node:fs";
|
|
11
|
+
// ── Defaults ──────────────────────────────────────────────────────────
|
|
12
|
+
const DEFAULT_POLICY = {
|
|
13
|
+
min_anchors_per_1000_tokens: 1,
|
|
14
|
+
required_providers: [],
|
|
15
|
+
max_chain_gap_seconds: 60,
|
|
16
|
+
require_signing_key: false,
|
|
17
|
+
min_trust_level: 1,
|
|
18
|
+
};
|
|
19
|
+
// ── Load Policy ───────────────────────────────────────────────────────
|
|
20
|
+
/**
|
|
21
|
+
* Load density policy from environment.
|
|
22
|
+
* Priority: SWT3_DENSITY_POLICY (inline JSON) > SWT3_DENSITY_POLICY_FILE (path) > defaults
|
|
23
|
+
*/
|
|
24
|
+
export function loadDensityPolicy() {
|
|
25
|
+
const inline = process.env.SWT3_DENSITY_POLICY;
|
|
26
|
+
if (inline) {
|
|
27
|
+
try {
|
|
28
|
+
return { ...DEFAULT_POLICY, ...JSON.parse(inline) };
|
|
29
|
+
}
|
|
30
|
+
catch {
|
|
31
|
+
// Fall through to file or defaults
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
const filePath = process.env.SWT3_DENSITY_POLICY_FILE;
|
|
35
|
+
if (filePath) {
|
|
36
|
+
try {
|
|
37
|
+
const raw = readFileSync(filePath, "utf8");
|
|
38
|
+
return { ...DEFAULT_POLICY, ...JSON.parse(raw) };
|
|
39
|
+
}
|
|
40
|
+
catch {
|
|
41
|
+
// Fall through to defaults
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
return { ...DEFAULT_POLICY };
|
|
45
|
+
}
|
|
46
|
+
// ── Evaluate Policy ───────────────────────────────────────────────────
|
|
47
|
+
/**
|
|
48
|
+
* Evaluate an anchor chain against the density policy.
|
|
49
|
+
*
|
|
50
|
+
* @param policy - The active density policy
|
|
51
|
+
* @param anchors - Chain anchors sorted by epoch ascending
|
|
52
|
+
* @param agentTokenCount - Total tokens produced by the agent (optional, skips density check if absent)
|
|
53
|
+
* @param agentTrustLevel - Trust level of the presenting agent (from verify_agent_trust)
|
|
54
|
+
*/
|
|
55
|
+
export function evaluatePolicy(policy, anchors, agentTokenCount, agentTrustLevel) {
|
|
56
|
+
const violations = [];
|
|
57
|
+
// Rule 1: Anchor density (anchors per 1,000 tokens)
|
|
58
|
+
if (agentTokenCount != null && agentTokenCount > 0 && policy.min_anchors_per_1000_tokens > 0) {
|
|
59
|
+
const expectedAnchors = (agentTokenCount / 1000) * policy.min_anchors_per_1000_tokens;
|
|
60
|
+
if (anchors.length < expectedAnchors) {
|
|
61
|
+
violations.push({
|
|
62
|
+
rule: "anchor_density",
|
|
63
|
+
message: `Insufficient anchor density: ${anchors.length} anchors for ${agentTokenCount} tokens (need ${Math.ceil(expectedAnchors)})`,
|
|
64
|
+
actual: anchors.length,
|
|
65
|
+
required: Math.ceil(expectedAnchors),
|
|
66
|
+
});
|
|
67
|
+
}
|
|
68
|
+
}
|
|
69
|
+
// Rule 2: Required providers
|
|
70
|
+
if (policy.required_providers.length > 0) {
|
|
71
|
+
const presentProviders = new Set(anchors.map((a) => a.provider).filter(Boolean));
|
|
72
|
+
for (const required of policy.required_providers) {
|
|
73
|
+
if (!presentProviders.has(required)) {
|
|
74
|
+
violations.push({
|
|
75
|
+
rule: "required_provider",
|
|
76
|
+
message: `Missing required provider: ${required}`,
|
|
77
|
+
actual: [...presentProviders].join(", ") || "none",
|
|
78
|
+
required,
|
|
79
|
+
});
|
|
80
|
+
}
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
// Rule 3: Max chain gap
|
|
84
|
+
if (policy.max_chain_gap_seconds > 0 && anchors.length >= 2) {
|
|
85
|
+
for (let i = 1; i < anchors.length; i++) {
|
|
86
|
+
const gap = anchors[i].anchor_epoch - anchors[i - 1].anchor_epoch;
|
|
87
|
+
if (gap > policy.max_chain_gap_seconds) {
|
|
88
|
+
violations.push({
|
|
89
|
+
rule: "chain_gap",
|
|
90
|
+
message: `Chain gap of ${gap}s exceeds maximum ${policy.max_chain_gap_seconds}s (between anchors ${i - 1} and ${i})`,
|
|
91
|
+
actual: gap,
|
|
92
|
+
required: policy.max_chain_gap_seconds,
|
|
93
|
+
});
|
|
94
|
+
break; // Report first gap only
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
}
|
|
98
|
+
// Rule 4: Signing requirement
|
|
99
|
+
if (policy.require_signing_key) {
|
|
100
|
+
const unsigned = anchors.filter((a) => !a.payload_signature);
|
|
101
|
+
if (unsigned.length > 0) {
|
|
102
|
+
violations.push({
|
|
103
|
+
rule: "signing_required",
|
|
104
|
+
message: `${unsigned.length} of ${anchors.length} anchors missing payload_signature`,
|
|
105
|
+
actual: anchors.length - unsigned.length,
|
|
106
|
+
required: anchors.length,
|
|
107
|
+
});
|
|
108
|
+
}
|
|
109
|
+
}
|
|
110
|
+
// Rule 5: Minimum trust level
|
|
111
|
+
if (agentTrustLevel != null && agentTrustLevel < policy.min_trust_level) {
|
|
112
|
+
violations.push({
|
|
113
|
+
rule: "trust_level",
|
|
114
|
+
message: `Agent trust level ${agentTrustLevel} below minimum ${policy.min_trust_level}`,
|
|
115
|
+
actual: agentTrustLevel,
|
|
116
|
+
required: policy.min_trust_level,
|
|
117
|
+
});
|
|
118
|
+
}
|
|
119
|
+
return {
|
|
120
|
+
compliant: violations.length === 0,
|
|
121
|
+
violations,
|
|
122
|
+
};
|
|
123
|
+
}
|
|
124
|
+
//# sourceMappingURL=density-policy.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"density-policy.js","sourceRoot":"","sources":["../src/density-policy.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAuCvC,yEAAyE;AAEzE,MAAM,cAAc,GAAkB;IACpC,2BAA2B,EAAE,CAAC;IAC9B,kBAAkB,EAAE,EAAE;IACtB,qBAAqB,EAAE,EAAE;IACzB,mBAAmB,EAAE,KAAK;IAC1B,eAAe,EAAE,CAAC;CACnB,CAAC;AAEF,yEAAyE;AAEzE;;;GAGG;AACH,MAAM,UAAU,iBAAiB;IAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;IAC/C,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,CAAC;YACH,OAAO,EAAE,GAAG,cAAc,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;QACtD,CAAC;QAAC,MAAM,CAAC;YACP,mCAAmC;QACrC,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC;IACtD,IAAI,QAAQ,EAAE,CAAC;QACb,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;YAC3C,OAAO,EAAE,GAAG,cAAc,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QACnD,CAAC;QAAC,MAAM,CAAC;YACP,2BAA2B;QAC7B,CAAC;IACH,CAAC;IAED,OAAO,EAAE,GAAG,cAAc,EAAE,CAAC;AAC/B,CAAC;AAED,yEAAyE;AAEzE;;;;;;;GAOG;AACH,MAAM,UAAU,cAAc,CAC5B,MAAqB,EACrB,OAAsB,EACtB,eAAwB,EACxB,eAAwB;IAExB,MAAM,UAAU,GAAsB,EAAE,CAAC;IAEzC,oDAAoD;IACpD,IAAI,eAAe,IAAI,IAAI,IAAI,eAAe,GAAG,CAAC,IAAI,MAAM,CAAC,2BAA2B,GAAG,CAAC,EAAE,CAAC;QAC7F,MAAM,eAAe,GAAG,CAAC,eAAe,GAAG,IAAI,CAAC,GAAG,MAAM,CAAC,2BAA2B,CAAC;QACtF,IAAI,OAAO,CAAC,MAAM,GAAG,eAAe,EAAE,CAAC;YACrC,UAAU,CAAC,IAAI,CAAC;gBACd,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,gCAAgC,OAAO,CAAC,MAAM,gBAAgB,eAAe,iBAAiB,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG;gBACpI,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC;aACrC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,IAAI,MAAM,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzC,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;QACjF,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,kBAAkB,EAAE,CAAC;YACjD,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACpC,UAAU,CAAC,IAAI,CAAC;oBACd,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE,8BAA8B,QAAQ,EAAE;oBACjD,MAAM,EAAE,CAAC,GAAG,gBAAgB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,MAAM;oBAClD,QAAQ;iBACT,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,wBAAwB;IACxB,IAAI,MAAM,CAAC,qBAAqB,GAAG,CAAC,IAAI,OAAO,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QAC5D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACxC,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,YAAY,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC;YAClE,IAAI,GAAG,GAAG,MAAM,CAAC,qBAAqB,EAAE,CAAC;gBACvC,UAAU,CAAC,IAAI,CAAC;oBACd,IAAI,EAAE,WAAW;oBACjB,OAAO,EAAE,gBAAgB,GAAG,qBAAqB,MAAM,CAAC,qBAAqB,sBAAsB,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG;oBACpH,MAAM,EAAE,GAAG;oBACX,QAAQ,EAAE,MAAM,CAAC,qBAAqB;iBACvC,CAAC,CAAC;gBACH,MAAM,CAAC,wBAAwB;YACjC,CAAC;QACH,CAAC;IACH,CAAC;IAED,8BAA8B;IAC9B,IAAI,MAAM,CAAC,mBAAmB,EAAE,CAAC;QAC/B,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC;QAC7D,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,UAAU,CAAC,IAAI,CAAC;gBACd,IAAI,EAAE,kBAAkB;gBACxB,OAAO,EAAE,GAAG,QAAQ,CAAC,MAAM,OAAO,OAAO,CAAC,MAAM,oCAAoC;gBACpF,MAAM,EAAE,OAAO,CAAC,MAAM,GAAG,QAAQ,CAAC,MAAM;gBACxC,QAAQ,EAAE,OAAO,CAAC,MAAM;aACzB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,8BAA8B;IAC9B,IAAI,eAAe,IAAI,IAAI,IAAI,eAAe,GAAG,MAAM,CAAC,eAAe,EAAE,CAAC;QACxE,UAAU,CAAC,IAAI,CAAC;YACd,IAAI,EAAE,aAAa;YACnB,OAAO,EAAE,qBAAqB,eAAe,kBAAkB,MAAM,CAAC,eAAe,EAAE;YACvF,MAAM,EAAE,eAAe;YACvB,QAAQ,EAAE,MAAM,CAAC,eAAe;SACjC,CAAC,CAAC;IACL,CAAC;IAED,OAAO;QACL,SAAS,EAAE,UAAU,CAAC,MAAM,KAAK,CAAC;QAClC,UAAU;KACX,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* SWT3 MCP Server: Redis Stream Reader for real-time anchor freshness.
|
|
3
|
+
*
|
|
4
|
+
* Subscribes to the swt3:anchors Redis stream as a separate consumer group
|
|
5
|
+
* (swt3-mcp-verifiers) and maintains an in-memory index for 0ms lookups.
|
|
6
|
+
* The chain verifier queries this index before falling back to Supabase.
|
|
7
|
+
*
|
|
8
|
+
* Architecture:
|
|
9
|
+
* - Consumer group: swt3-mcp-verifiers (separate from swt3-processors)
|
|
10
|
+
* - XREADGROUP with BLOCK for backpressure-friendly consumption
|
|
11
|
+
* - In-memory index keyed by agent_id and cycle_id
|
|
12
|
+
* - TTL eviction (1 hour) + max entries (10,000 LRU)
|
|
13
|
+
*
|
|
14
|
+
* Patent coverage: PPA #7
|
|
15
|
+
*/
|
|
16
|
+
export interface AnchorEntry {
|
|
17
|
+
messageId: string;
|
|
18
|
+
procedure_id: string;
|
|
19
|
+
anchor_fingerprint: string;
|
|
20
|
+
anchor_epoch: number;
|
|
21
|
+
agent_id?: string;
|
|
22
|
+
cycle_id?: string;
|
|
23
|
+
provider?: string;
|
|
24
|
+
payload_signature?: string;
|
|
25
|
+
verdict?: string;
|
|
26
|
+
ai_input_tokens?: number;
|
|
27
|
+
ai_output_tokens?: number;
|
|
28
|
+
clearing_level?: number;
|
|
29
|
+
receivedAt: number;
|
|
30
|
+
}
|
|
31
|
+
export interface RedisReaderState {
|
|
32
|
+
running: boolean;
|
|
33
|
+
connected: boolean;
|
|
34
|
+
entriesCount: number;
|
|
35
|
+
lastMessageId: string;
|
|
36
|
+
}
|
|
37
|
+
/**
|
|
38
|
+
* Start the Redis stream reader. No-op if already running or ioredis unavailable.
|
|
39
|
+
*/
|
|
40
|
+
export declare function startRedisReader(opts: {
|
|
41
|
+
redisUrl?: string;
|
|
42
|
+
streamName?: string;
|
|
43
|
+
}): Promise<boolean>;
|
|
44
|
+
/**
|
|
45
|
+
* Stop the Redis reader gracefully.
|
|
46
|
+
*/
|
|
47
|
+
export declare function stopRedisReader(): Promise<void>;
|
|
48
|
+
/**
|
|
49
|
+
* Query cached anchors by agent_id and/or cycle_id.
|
|
50
|
+
* Returns empty array if Redis reader not running.
|
|
51
|
+
*/
|
|
52
|
+
export declare function queryAnchors(agentId?: string, cycleId?: string): AnchorEntry[];
|
|
53
|
+
/**
|
|
54
|
+
* Get reader state for health/diagnostics.
|
|
55
|
+
*/
|
|
56
|
+
export declare function getReaderState(): RedisReaderState | null;
|
|
57
|
+
//# sourceMappingURL=redis-reader.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"redis-reader.d.ts","sourceRoot":"","sources":["../src/redis-reader.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAMH,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,EAAE,OAAO,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;CACvB;AAmCD;;GAEG;AACH,wBAAsB,gBAAgB,CAAC,IAAI,EAAE;IAC3C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,GAAG,OAAO,CAAC,OAAO,CAAC,CAoDnB;AAED;;GAEG;AACH,wBAAsB,eAAe,IAAI,OAAO,CAAC,IAAI,CAAC,CAwBrD;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,WAAW,EAAE,CAc9E;AAED;;GAEG;AACH,wBAAgB,cAAc,IAAI,gBAAgB,GAAG,IAAI,CAQxD"}
|