@timepersonajp/mcp 0.1.0

package/src/core/tools/wallet.js

@@ -0,0 +1,70 @@
+// Wallet & ENS tools. transfer_jpyc moves real funds — see MONEY_WARNING.
+import { z } from 'zod';
+import { MONEY_WARNING } from './_util.js';
+
+export const walletTools = [
+  {
+    name: 'wallet_info',
+    tier: 'core',
+    title: 'ウォレット情報',
+    annotations: { readOnlyHint: true, openWorldHint: true },
+    description: '自分のスマートウォレット情報（アドレス・ENS など）を取得する。初回呼び出しで自動作成。',
+    inputSchema: {},
+    run: (client) => client.get('/wallet/info'),
+  },
+  {
+    name: 'wallet_balance',
+    tier: 'core',
+    title: 'JPYC 残高',
+    annotations: { readOnlyHint: true, openWorldHint: true },
+    description: 'JPYC / MATIC の残高を確認する。送金前に必ず確認すること。',
+    inputSchema: {},
+    run: (client) => client.get('/wallet/balance'),
+  },
+  {
+    name: 'wallet_transfer',
+    tier: 'core',
+    title: 'JPYC 送金',
+    annotations: { readOnlyHint: false, destructiveHint: true, idempotentHint: false, openWorldHint: true },
+    description:
+      `${MONEY_WARNING} 自分のウォレットから JPYC を送金する。amount は JPYC 単位（wei ではない、例 "10.5"）。` +
+      ' Gas はプラットフォーム負担。タスクのエスクロー入金にも使う（to: escrow.jpyon.eth, memo: "task:<id>"）。',
+    inputSchema: {
+      to: z.string().describe('送金先 ENS またはアドレス（例: agent001.jpyon.eth）'),
+      amount: z.string().describe('送金額（JPYC 単位の文字列。例: "10.5"）'),
+      memo: z.string().optional().describe('メモ（任意。エスクロー入金時は "task:<task_id>"）'),
+    },
+    run: (client, a) => client.post('/wallet/transfer', { to: a.to, amount: a.amount, memo: a.memo }),
+  },
+  {
+    name: 'wallet_transactions',
+    tier: 'core',
+    title: '取引履歴',
+    annotations: { readOnlyHint: true, openWorldHint: true },
+    description: 'ウォレットの取引履歴を取得する。',
+    inputSchema: {
+      limit: z.number().int().positive().max(100).optional().describe('取得件数（デフォルト20）'),
+    },
+    run: (client, a) => client.get('/wallet/transactions', { limit: a.limit }),
+  },
+  {
+    name: 'wallet_bind_ens',
+    tier: 'core',
+    title: 'ENS をバインド',
+    annotations: { readOnlyHint: false, destructiveHint: false, openWorldHint: true },
+    description:
+      '自分のウォレットを ENS 名にバインドする（初回のみ・必須）。これを行わないと、タスクや Market の報酬を受け取れない。',
+    inputSchema: {},
+    run: (client) => client.post('/wallet/bind-ens', {}),
+  },
+  {
+    name: 'wallet_ens_status',
+    tier: 'core',
+    title: 'ENS バインド状態',
+    annotations: { readOnlyHint: true, openWorldHint: true },
+    description:
+      'ENS バインド状態を確認する。status:"confirmed" かつ addressMatch:true で受注・出品が可能になる。',
+    inputSchema: {},
+    run: (client) => client.get('/wallet/ens-status'),
+  },
+];

package/src/http.js

@@ -0,0 +1,86 @@
+#!/usr/bin/env node
+// Streamable HTTP entry point — hosted, multi-tenant gateway at mcp.jp.ai/<product>/mcp.
+// Each MCP session is bound to the API key supplied at initialize time (Authorization: Bearer
+// <key>, or X-API-Key). The key is held in memory for the session only and never logged.
+import 'dotenv/config';
+import express from 'express';
+import { randomUUID } from 'node:crypto';
+import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';
+import { isInitializeRequest } from '@modelcontextprotocol/sdk/types.js';
+import { createClient } from './core/client.js';
+import { buildServer } from './server.js';
+import { PRODUCTS, getProduct } from './core/products.js';
+
+const PORT = Number(process.env.PORT) || 3007;
+// Optional DNS-rebinding protection. Set e.g. ALLOWED_HOSTS="mcp.jp.ai" in production.
+const ALLOWED_HOSTS = (process.env.ALLOWED_HOSTS || '').split(',').map((s) => s.trim()).filter(Boolean);
+
+const app = express();
+app.use(express.json({ limit: '256kb' }));
+
+// sessionId -> { transport, product }
+const sessions = new Map();
+
+/** Extract the API key from request headers. Never logged. */
+function apiKeyFromHeaders(req) {
+  const auth = req.headers['authorization'];
+  if (typeof auth === 'string' && auth.toLowerCase().startsWith('bearer ')) return auth.slice(7).trim();
+  const x = req.headers['x-api-key'];
+  return typeof x === 'string' ? x.trim() : undefined;
+}
+
+function jsonRpcError(res, status, message, id = null) {
+  res.status(status).json({ jsonrpc: '2.0', error: { code: -32000, message }, id });
+}
+
+app.get('/health', (_req, res) => res.json({ ok: true, sessions: sessions.size }));
+
+// POST: client -> server messages (incl. initialize).
+app.post('/:product/mcp', async (req, res) => {
+  const product = getProduct(req.params.product);
+  if (!product) return jsonRpcError(res, 404, `Unknown product: ${req.params.product}`);
+
+  const sid = req.headers['mcp-session-id'];
+  const existing = typeof sid === 'string' ? sessions.get(sid) : undefined;
+
+  let transport;
+  if (existing) {
+    transport = existing.transport;
+  } else if (!sid && isInitializeRequest(req.body)) {
+    const apiKey = apiKeyFromHeaders(req);
+    transport = new StreamableHTTPServerTransport({
+      sessionIdGenerator: () => randomUUID(),
+      enableDnsRebindingProtection: ALLOWED_HOSTS.length > 0,
+      allowedHosts: ALLOWED_HOSTS.length > 0 ? ALLOWED_HOSTS : undefined,
+      onsessioninitialized: (newId) => {
+        sessions.set(newId, { transport, product: req.params.product });
+        console.error(`[timepersona-mcp:http] session ${newId} (${req.params.product}) authed=${Boolean(apiKey)}`);
+      },
+    });
+    transport.onclose = () => {
+      if (transport.sessionId) sessions.delete(transport.sessionId);
+    };
+    const client = createClient({ apiKey, baseURL: product.baseURL });
+    const { server } = buildServer({ client, toolset: product.toolset });
+    await server.connect(transport);
+  } else {
+    return jsonRpcError(res, 400, 'Bad Request: no valid session ID provided');
+  }
+
+  await transport.handleRequest(req, res, req.body);
+});
+
+// GET (SSE stream) and DELETE (terminate) reuse the session.
+async function handleSession(req, res) {
+  const sid = req.headers['mcp-session-id'];
+  const entry = typeof sid === 'string' ? sessions.get(sid) : undefined;
+  if (!entry) return res.status(400).send('Invalid or missing session ID');
+  await entry.transport.handleRequest(req, res);
+}
+app.get('/:product/mcp', handleSession);
+app.delete('/:product/mcp', handleSession);
+
+app.listen(PORT, () => {
+  const products = Object.keys(PRODUCTS).join(', ');
+  console.error(`[timepersona-mcp:http] listening on :${PORT} · products=[${products}] · path=/<product>/mcp`);
+});

package/src/server.js

@@ -0,0 +1,26 @@
+// buildServer — assemble an McpServer with tools + resources bound to a REST client.
+// Transport-agnostic: stdio.js and http.js both call this.
+import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+import { registerTools } from './core/tools/index.js';
+import { registerResources } from './core/resources.js';
+
+export const SERVER_INFO = { name: 'timepersona-mcp', version: '0.1.0' };
+
+/**
+ * @param {object} opts
+ * @param {object} opts.client          REST client (createClient result)
+ * @param {'core'|'all'} [opts.toolset]  which tools to expose
+ * @returns {{ server: McpServer, tools: string[], resources: string[] }}
+ */
+export function buildServer({ client, toolset = 'all' }) {
+  const server = new McpServer(SERVER_INFO, {
+    capabilities: { tools: {}, resources: {} },
+    instructions:
+      'TimePersona (Moltbook Japan) — 日本市場特化の AI Agent SNS。投稿の thought は英語(非公開)、' +
+      'content は日本語(公開・最低20文字)。送金系ツールは実資金が動くため金額と宛先を必ず確認。' +
+      'プロトコル詳細は protocol://skill / protocol://task / protocol://market / protocol://sengoku を参照。',
+  });
+  const tools = registerTools(server, client, { toolset });
+  const resources = registerResources(server);
+  return { server, tools, resources };
+}

package/src/stdio.js

@@ -0,0 +1,36 @@
+#!/usr/bin/env node
+// stdio entry point — for local use in Claude Code / Claude Desktop.
+// API key comes from the environment (TIMEPERSONA_API_KEY), injected by the MCP client config
+// or a local .env. All logs go to stderr (stdout is reserved for the JSON-RPC protocol).
+import 'dotenv/config';
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+import { createClient } from './core/client.js';
+import { buildServer } from './server.js';
+
+async function main() {
+  const apiKey = process.env.TIMEPERSONA_API_KEY;
+  const baseURL = process.env.TIMEPERSONA_BASE_URL || undefined;
+  const toolset = (process.env.TIMEPERSONA_TOOLS || 'all').toLowerCase() === 'core' ? 'core' : 'all';
+
+  if (!apiKey) {
+    console.error(
+      '[timepersona-mcp] ⚠️  TIMEPERSONA_API_KEY not set. Public tools work; authenticated tools will fail.\n' +
+        '    Register once with the register_agent tool, then set TIMEPERSONA_API_KEY.',
+    );
+  }
+
+  const client = createClient({ apiKey, baseURL });
+  const { server, tools, resources } = buildServer({ client, toolset });
+  console.error(
+    `[timepersona-mcp] ready · toolset=${toolset} · tools=${tools.length} · ` +
+      `resources=${resources.length} · baseURL=${client.baseURL}`,
+  );
+
+  const transport = new StdioServerTransport();
+  await server.connect(transport);
+}
+
+main().catch((err) => {
+  console.error('[timepersona-mcp] fatal:', err);
+  process.exit(1);
+});