agent-passport-system-mcp 2.13.0 → 2.15.0

package/README.md

@@ -10,7 +10,7 @@ MCP server for the [Agent Passport System](https://github.com/aeoess/agent-passp
 
 > **🤖 For AI agents:** If you are an agent reading this, visit [aeoess.com/llms.txt](https://aeoess.com/llms.txt) for machine-readable documentation or [llms-full.txt](https://aeoess.com/llms-full.txt) for the complete technical reference. This README is designed for humans.
 
-**102 tools** across 42 core modules + 32 v2 constitutional governance modules (separation of powers, circuit breakers, approval fatigue detection, and more). Works with any MCP client: Claude Desktop, Cursor, Windsurf, and more.
+**108 tools** across 42 core modules + 32 v2 constitutional governance modules (separation of powers, circuit breakers, approval fatigue detection, and more). Works with any MCP client: Claude Desktop, Cursor, Windsurf, and more.
 
 ## Quick Start
 
@@ -29,7 +29,7 @@ npm install -g agent-passport-system-mcp
 npx agent-passport-system-mcp setup
 ```
 
-Auto-configures Claude Desktop and Cursor. Restart your AI client. 102 tools ready.
+Auto-configures Claude Desktop and Cursor. Restart your AI client. 108 tools ready.
 
 <details>
 <summary>Manual config (if setup doesn't detect your client)</summary>
@@ -206,7 +206,7 @@ Layer 1 — Agent Passport Protocol (Ed25959 identity)
 
 ## Links
 
-- npm SDK: [agent-passport-system](https://www.npmjs.com/package/agent-passport-system) (v1.22.0, 1421 tests)
+- npm SDK: [agent-passport-system](https://www.npmjs.com/package/agent-passport-system) (v1.24.0, 1445 tests)
 - Python SDK: [agent-passport-system](https://pypi.org/project/agent-passport-system/) (v0.5.1)
 - Paper: [doi.org/10.5281/zenodo.18749779](https://doi.org/10.5281/zenodo.18749779)
 - Docs: [aeoess.com/llms-full.txt](https://aeoess.com/llms-full.txt)

package/build/index.js

@@ -54,7 +54,7 @@ createV2Attestation, assessV2AttestationQuality, } from "agent-passport-system";
 // Data Governance (Modules 36A, 38, 39 + Enforcement Gate + Training Attribution)
 import { registerSelfAttestedSource, createContributionLedger, queryContributions, getSourceMetrics, getAgentDataFootprint, generateSettlement, verifySettlement, generateDataComplianceReport, DataEnforcementGate, createTrainingAttribution, verifyTrainingAttribution, createTrainingLedger, recordTrainingAttribution, getModelDataSources, } from "agent-passport-system";
 // Data Lifecycle Governance (Modules 43+)
-import { createDerivationReceipt, resolveExtendedLineage, evaluateRevocationImpact, createDecisionLineageReceipt, isPurposePermitted, purposeCategory, isRetentionExpired, checkAggregateConstraints, isTransferPermitted, computeGovernanceTaint, fileDispute, checkCombinationPermitted, createAccessSnapshot, resolveRightsPropagation, DEFAULT_RIGHTS_PROPAGATION, detectPurposeDrift, declareReidentificationRisk, verifyGovernanceBlock, parseGovernanceBlockFromHTML, isUsagePermitted, embedGovernance, } from "agent-passport-system";
+import { createDerivationReceipt, resolveExtendedLineage, evaluateRevocationImpact, createDecisionLineageReceipt, isPurposePermitted, purposeCategory, isRetentionExpired, checkAggregateConstraints, isTransferPermitted, computeGovernanceTaint, fileDispute, checkCombinationPermitted, createAccessSnapshot, resolveRightsPropagation, DEFAULT_RIGHTS_PROPAGATION, detectPurposeDrift, declareReidentificationRisk, verifyGovernanceBlock, parseGovernanceBlockFromHTML, isUsagePermitted, embedGovernance, generateApsTxt, verifyApsTxt, resolveTermsForPath, createChainedGovernanceBlock, createAccessReceipt, governanceLoop360, } from "agent-passport-system";
 // ═══════════════════════════════════════
 // State Management
 // ═══════════════════════════════════════
@@ -3548,6 +3548,97 @@ server.tool("check_usage_permitted", "Check if a specific usage type is permitte
     return { content: [{ type: "text", text: `${result.permitted ? '✅' : '❌'} Usage "${p.usage}": ${result.condition}` }] };
 });
 // ═══════════════════════════════════════
+// aps.txt + HTTP Headers + Chained Blocks
+// ═══════════════════════════════════════
+server.tool("generate_aps_txt", "Generate a signed aps.txt file for site-wide governance. Like robots.txt but cryptographically signed with terms, revocation endpoint, and MCP upgrade path.", {
+    domain: z.string().describe("Domain this declaration covers (e.g. theagenttimes.com)"),
+    publisherName: z.string().describe("Human-readable publisher name"),
+    publicKey: z.string().describe("Publisher's Ed25519 public key (hex)"),
+    privateKey: z.string().describe("Publisher's Ed25519 private key (hex)"),
+    inference: z.enum(["permitted", "prohibited", "compensation_required", "attribution_required"]).optional(),
+    training: z.enum(["permitted", "prohibited", "compensation_required", "attribution_required"]).optional(),
+    redistribution: z.enum(["permitted", "prohibited", "compensation_required", "attribution_required"]).optional(),
+    mcpEndpoint: z.string().optional(),
+    revocationEndpoint: z.string().optional(),
+}, async (p) => {
+    const doc = generateApsTxt({
+        domain: p.domain, publisherName: p.publisherName,
+        publicKey: p.publicKey, privateKey: p.privateKey,
+        defaultTerms: { inference: p.inference, training: p.training, redistribution: p.redistribution },
+        mcpEndpoint: p.mcpEndpoint, revocationEndpoint: p.revocationEndpoint,
+    });
+    const serialized = JSON.stringify(doc, null, 2);
+    return { content: [{ type: "text", text: `📄 aps.txt Generated\n\nDomain: ${doc.domain}\nDID: ${doc.publisher_did}\nMCP: ${doc.mcp_endpoint || 'none'}\n\nServe at: ${p.domain}/.well-known/aps.txt\n\n${serialized}` }] };
+});
+server.tool("verify_aps_txt", "Verify a signed aps.txt file — checks signature and DID consistency.", {
+    content: z.string().describe("aps.txt JSON content"),
+    publicKey: z.string().describe("Publisher's Ed25519 public key (hex)"),
+}, async (p) => {
+    const doc = JSON.parse(p.content);
+    const result = verifyApsTxt(doc, p.publicKey);
+    return { content: [{ type: "text", text: `${result.valid ? '✅' : '❌'} aps.txt Verification: ${result.valid ? 'VALID' : 'INVALID'}${result.errors.length ? '\nErrors: ' + result.errors.join('; ') : ''}` }] };
+});
+server.tool("resolve_path_terms", "Resolve governance terms for a specific URL path using aps.txt path overrides.", {
+    apsTxt: z.string().describe("aps.txt JSON content"),
+    path: z.string().describe("URL path to resolve (e.g. /blog/my-article)"),
+}, async (p) => {
+    const doc = JSON.parse(p.apsTxt);
+    const terms = resolveTermsForPath(doc, p.path);
+    return { content: [{ type: "text", text: `📋 Terms for "${p.path}":\n${JSON.stringify(terms, null, 2)}` }] };
+});
+server.tool("create_chained_governance_block", "Create a governance block for derivative content that references the original publisher's block. Preserves the chain of provenance.", {
+    content: z.string().describe("Derivative content"),
+    publicKey: z.string().describe("Derivative agent's Ed25519 public key (hex)"),
+    privateKey: z.string().describe("Derivative agent's Ed25519 private key (hex)"),
+    parentBlock: z.string().describe("Original governance block JSON string"),
+    derivationType: z.string().describe("Type: summary, embedding, rag_chunk, translation, etc."),
+    inference: z.enum(["permitted", "prohibited", "compensation_required", "attribution_required"]).optional(),
+    training: z.enum(["permitted", "prohibited", "compensation_required", "attribution_required"]).optional(),
+}, async (p) => {
+    const parent = JSON.parse(p.parentBlock);
+    const chained = createChainedGovernanceBlock({
+        content: p.content, publicKey: p.publicKey, privateKey: p.privateKey,
+        terms: { inference: p.inference, training: p.training },
+        parentBlock: parent, derivationType: p.derivationType,
+    });
+    return { content: [{ type: "text", text: `🔗 Chained Block Created\n\nOriginal publisher: ${chained.source_did}\nDerivative agent: ${chained.derivative_agent_did}\nDerivation: ${chained.derivation_type}\nParent hash: ${chained.parent_block_hash}\nContent hash: ${chained.content_hash}` }] };
+});
+// ═══════════════════════════════════════
+// Governance Consumer (agent-side 360 loop)
+// ═══════════════════════════════════════
+server.tool("governance_360", "Execute the full governance 360 loop on HTML content: extract governance block → verify signature + content hash → check usage terms → create signed access receipt. This is what an agent calls on every page it reads.", {
+    html: z.string().describe("Full HTML of the page"),
+    contentBody: z.string().describe("Article text content (for hash verification)"),
+    publisherPublicKey: z.string().describe("Publisher's Ed25519 public key (hex)"),
+    agentPublicKey: z.string().describe("Your agent's Ed25519 public key (hex)"),
+    agentPrivateKey: z.string().describe("Your agent's Ed25519 private key (hex)"),
+    intendedUsage: z.enum(["inference", "training", "redistribution", "derivative", "caching"]),
+    sourceUrl: z.string().describe("URL of the page"),
+}, async (p) => {
+    const result = governanceLoop360({
+        html: p.html, contentBody: p.contentBody,
+        publisherPublicKey: p.publisherPublicKey,
+        agentPublicKey: p.agentPublicKey, agentPrivateKey: p.agentPrivateKey,
+        intendedUsage: p.intendedUsage, sourceUrl: p.sourceUrl,
+    });
+    return { content: [{ type: "text", text: `🔄 Governance 360 Loop\n\n${result.summary}\n\n${result.receipt ? `Receipt ID: ${result.receipt.receiptId}\nAccessed: ${result.receipt.accessed_at}` : 'No receipt (ungoverned content)'}` }] };
+});
+server.tool("create_access_receipt", "Create a signed access receipt — cryptographic proof that your agent consumed content under specific terms. The receipt captures terms and revocation policy at access time.", {
+    agentPublicKey: z.string().describe("Your agent's Ed25519 public key (hex)"),
+    agentPrivateKey: z.string().describe("Your agent's Ed25519 private key (hex)"),
+    block: z.string().describe("Governance block JSON string"),
+    sourceUrl: z.string().describe("URL where content was accessed"),
+    intendedUsage: z.string().describe("How you intend to use this content"),
+}, async (p) => {
+    const parsed = JSON.parse(p.block);
+    const receipt = createAccessReceipt({
+        agentPublicKey: p.agentPublicKey, agentPrivateKey: p.agentPrivateKey,
+        block: parsed, sourceUrl: p.sourceUrl, intendedUsage: p.intendedUsage,
+        governanceVerified: true,
+    });
+    return { content: [{ type: "text", text: `📝 Access Receipt Created\n\nID: ${receipt.receiptId}\nAgent: ${receipt.agent_did}\nPublisher: ${receipt.publisher_did}\nUsage: ${receipt.intended_usage}\nTerms: training=${receipt.terms_at_access.training || 'N/A'}\nRevocation: cached=${receipt.revocation_policy_at_access.cached_copy}` }] };
+});
+// ═══════════════════════════════════════
 // MCP Prompts — Role-Specific
 // ═══════════════════════════════════════
 server.prompt("coordination_role", "Get instructions for your assigned coordination role", {}, async () => {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agent-passport-system-mcp",
-  "version": "2.13.0",
+  "version": "2.15.0",
   "mcpName": "io.github.aeoess/agent-passport-mcp",
   "description": "MCP server for Agent Passport System — cryptographic identity, delegation, governance, and deliberation for AI agents",
   "type": "module",
@@ -49,7 +49,7 @@
   "homepage": "https://github.com/aeoess/agent-passport-mcp",
   "dependencies": {
     "@modelcontextprotocol/sdk": "^1.27.1",
-    "agent-passport-system": "^1.22.0",
+    "agent-passport-system": "^1.24.0",
     "zod": "^3.25.76"
   },
   "devDependencies": {