agent-passport-system-mcp 2.27.0 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +5 -5
  2. package/build/index.js +107 -737
  3. package/package.json +3 -3
package/README.md CHANGED
@@ -12,13 +12,13 @@ Enforcement and accountability layer for AI agents. Bring your own identity. 20
12
12
  APS_PROFILE=essential npx agent-passport-system-mcp
13
13
  ```
14
14
 
15
- `essential` is the default profile — the 154 tools 90% of integrations need. Set `APS_PROFILE=full` for all 154 tools.
15
+ `essential` is the default profile — the 20 tools 90% of integrations need. Set `APS_PROFILE=full` for all 154 tools.
16
16
 
17
17
  Available profiles: essential (default), identity, governance, coordination, commerce, data, gateway, comms, minimal, full.
18
18
 
19
19
  > **For AI agents:** visit [aeoess.com/llms.txt](https://aeoess.com/llms.txt) for machine-readable documentation or [llms-full.txt](https://aeoess.com/llms-full.txt) for the complete technical reference. MCP discovery: [.well-known/mcp.json](https://aeoess.com/.well-known/mcp.json).
20
20
 
21
- Works with any MCP client: Claude Desktop, Claude Code, Cursor, Windsurf, and more. Full surface area under `APS_PROFILE=full`: 154 tools across 122 modules (84 core + 38 v2 constitutional governance). Independently cited by [PDR in Production (Nanook & Gerundium, UBC)](https://doi.org/10.5281/zenodo.19323172).
21
+ Works with any MCP client: Claude Desktop, Claude Code, Cursor, Windsurf, and more. Full surface area under `APS_PROFILE=full`: 154 tools across 123 modules (84 core + 39 v2 constitutional governance). Independently cited by [PDR in Production (Nanook & Gerundium, UBC)](https://doi.org/10.5281/zenodo.19323172).
22
22
 
23
23
  ## Quick Start
24
24
 
@@ -69,7 +69,7 @@ Or for remote SSE:
69
69
  ```
70
70
  </details>
71
71
 
72
- ## Tools (132)
72
+ ## Tools (154)
73
73
 
74
74
  ### Identity (Layer 1) — 5 tools
75
75
 
@@ -216,8 +216,8 @@ Layer 1 — Agent Passport Protocol (Ed25519 identity)
216
216
 
217
217
  ## Links
218
218
 
219
- - npm SDK: [agent-passport-system](https://www.npmjs.com/package/agent-passport-system) (v1.46.0, 2972 tests)
220
- - Python SDK: [agent-passport-system](https://pypi.org/project/agent-passport-system/) (v0.13.0)
219
+ - npm SDK: [agent-passport-system](https://www.npmjs.com/package/agent-passport-system) (v2.0.0, 2326 tests)
220
+ - Python SDK: [agent-passport-system](https://pypi.org/project/agent-passport-system/) (v0.15.0)
221
221
  - Paper (Protocol): [doi.org/10.5281/zenodo.18749779](https://doi.org/10.5281/zenodo.18749779)
222
222
  - Paper (Faceted Narrowing): [doi.org/10.5281/zenodo.19260073](https://doi.org/10.5281/zenodo.19260073)
223
223
  - Paper (Behavioral Derivation Rights): [doi.org/10.5281/zenodo.19476002](https://doi.org/10.5281/zenodo.19476002)
package/build/index.js CHANGED
@@ -18,9 +18,7 @@ import { readFileSync, writeFileSync, existsSync } from "node:fs";
18
18
  import { join, resolve } from "node:path";
19
19
  import {
20
20
  // Identity + Crypto
21
- joinSocialContract, generateKeyPair, delegate, sign, countersignPassport, verifyIssuerSignature, isIssuerVerified,
22
- // Agent Context (enforcement middleware)
23
- createAgentContext,
21
+ joinSocialContract, generateKeyPair, sign, countersignPassport, verifyIssuerSignature, isIssuerVerified,
24
22
  // Coordination (Layer 6)
25
23
  createTaskBrief, assignTask, acceptTask, submitEvidence, reviewEvidence, handoffEvidence, submitDeliverable, completeTask, createTaskUnit, getTaskStatus, validateTaskUnit,
26
24
  // Delegation (Layer 1)
@@ -30,35 +28,28 @@ createAgoraMessage, createFeed, appendToFeed, getThread, getByTopic, getTopics,
30
28
  // Values/Policy (Layer 2 + 5)
31
29
  loadFloor, attestFloor, createActionIntent, evaluateIntent, FloorValidatorV1,
32
30
  // Commerce (Layer 8)
33
- commercePreflight, createCommerceDelegation, getSpendSummary, requestHumanApproval, coordinationToAgora,
31
+ commercePreflight, createCommerceDelegation, getSpendSummary, requestHumanApproval,
34
32
  // Principal Identity
35
33
  createPrincipalIdentity, endorseAgent, verifyEndorsement, revokeEndorsement, createDisclosure, createFleet, addToFleet, getFleetStatus, revokeFromFleet,
36
34
  // Reputation-Gated Authority (Layer 9)
37
- computeEffectiveScore, createScopedReputation, resolveAuthorityTier, checkTierForIntent, advisoryTierPrecheck, createPromotionReview, updateReputationFromResult, DEFAULT_TIERS, createProxyGateway,
38
- // Intent Network (Agent-Mediated Matching) — card creation only, API handles persistence
39
- createIntentCard,
35
+ computeEffectiveScore, createScopedReputation, resolveAuthorityTier, checkTierForIntent, advisoryTierPrecheck, createPromotionReview, updateReputationFromResult, DEFAULT_TIERS,
40
36
  // v2: Constitutional Governance Extensions
41
37
  createPolicyContext, createArtifactProvenance,
42
38
  // v2: Delegation Versioning
43
39
  createV2Delegation, supersedeV2Delegation,
44
40
  // v2: Outcome Registration
45
41
  createV2OutcomeRecord, addV2PrincipalReport, getV2EffectiveDivergence,
46
- // v2: Anomaly Detection
47
- recordV2Action, checkV2FirstMaxAuthority, computeV2ConcentrationMetrics,
48
42
  // v2: Emergency Pathways
49
- defineV2EmergencyPathway, activateV2Emergency,
50
- // v2: Migration
51
- requestV2Migration,
52
- // v2: Attestation
53
- createV2Attestation, assessV2AttestationQuality, } from "agent-passport-system";
43
+ defineV2EmergencyPathway, activateV2Emergency, } from "agent-passport-system";
54
44
  // Agent Attestation Architecture (Phase 1 — Consilium Build)
55
45
  import { createIssuanceContext, bindAttestation, createEmptyEvidenceRecord, PASSPORT_GRADE_LABELS,
56
46
  // v1.33.0 — action_ref + freshness + evidence-based grade
57
47
  computeActionRef, isEvidenceFresh, computeEvidenceAge, classifyEvidenceQuality, evidenceQualityToGrade,
58
48
  // key rotation
59
49
  createDIDDocument, verifyRotationChain, isKeyActive, rotateAndInvalidate, } from "agent-passport-system";
60
- // Data Governance (Modules 36A, 38, 39 + Enforcement Gate + Training Attribution)
61
- import { registerSelfAttestedSource, createContributionLedger, queryContributions, getSourceMetrics, getAgentDataFootprint, generateSettlement, verifySettlement, generateDataComplianceReport, DataEnforcementGate, createTrainingAttribution, verifyTrainingAttribution, createTrainingLedger, recordTrainingAttribution, getModelDataSources, } from "agent-passport-system";
50
+ // Data Governance (Modules 36A, 38, 39 protocol primitives only;
51
+ // ContributionLedger/DataEnforcementGate/settlement generation moved to gateway.)
52
+ import { registerSelfAttestedSource, } from "agent-passport-system";
62
53
  // Data Lifecycle Governance (Modules 43+)
63
54
  import { createDerivationReceipt, resolveExtendedLineage, evaluateRevocationImpact, createDecisionLineageReceipt, isPurposePermitted, purposeCategory, isRetentionExpired, checkAggregateConstraints, isTransferPermitted, computeGovernanceTaint, fileDispute, checkCombinationPermitted, createAccessSnapshot, resolveRightsPropagation, DEFAULT_RIGHTS_PROPAGATION, detectPurposeDrift, declareReidentificationRisk, verifyGovernanceBlock, parseGovernanceBlockFromHTML, isUsagePermitted, embedGovernance, generateApsTxt, verifyApsTxt, resolveTermsForPath, createChainedGovernanceBlock, createAccessReceipt, governanceLoop360, } from "agent-passport-system";
64
55
  // Rome-Complete: Charter, Approval, Time, Reserve, Federation
@@ -144,7 +135,6 @@ const state = {
144
135
  floorYaml: null,
145
136
  commerceSpendLog: [],
146
137
  intents: new Map(),
147
- agentContext: null,
148
138
  floor: null,
149
139
  pendingActions: new Map(),
150
140
  principal: null,
@@ -153,12 +143,7 @@ const state = {
153
143
  fleet: null,
154
144
  reputations: new Map(),
155
145
  promotionHistory: [],
156
- gateway: null,
157
- gatewayKeys: null,
158
- dataEnforcementGate: null,
159
- contributionLedger: createContributionLedger(),
160
146
  sourceReceipts: new Map(),
161
- trainingLedger: createTrainingLedger(),
162
147
  derivationStore: new Map(),
163
148
  sessionAgent: null,
164
149
  charters: new Map(),
@@ -320,28 +305,11 @@ function persistAgoraFeed() {
320
305
  // Non-fatal: coordination still works even if persistence fails
321
306
  }
322
307
  }
323
- function emitAgoraEvent(event, taskId, detail) {
324
- // Skip if no identity can't sign messages
325
- if (!state.agentKey || !state.privateKey)
326
- return;
327
- try {
328
- const result = coordinationToAgora({
329
- event,
330
- taskId,
331
- agentId: state.agentId || 'anonymous',
332
- agentName: getAgentName(),
333
- publicKey: state.agentKey,
334
- privateKey: state.privateKey,
335
- feed: state.agoraFeed,
336
- registry: state.agoraRegistry,
337
- detail,
338
- });
339
- state.agoraFeed = result.feed;
340
- persistAgoraFeed();
341
- }
342
- catch {
343
- // Non-fatal: coordination still works even if Agora post fails
344
- }
308
+ // Coordination→Agora bridge moved to gateway in v3.0.0.
309
+ // Task-lifecycle events still happen locally; cross-agent broadcast is a
310
+ // gateway concern now.
311
+ function emitAgoraEvent(_event, _taskId, _detail) {
312
+ // No-op in protocol-only MCP. Gateway callers handle Agora propagation.
345
313
  }
346
314
  function loadAgentsRegistry() {
347
315
  if (!existsSync(AGENTS_PATH))
@@ -365,6 +333,26 @@ async function signMessage(content) {
365
333
  }
366
334
  }
367
335
  // ═══════════════════════════════════════
336
+ // Gateway Deprecation Helper (v3.0.0)
337
+ // ═══════════════════════════════════════
338
+ // Tools that required product-layer code (ProxyGateway, DataEnforcementGate,
339
+ // ContributionLedger, AgentContext) now live in the private gateway product.
340
+ // Stubs preserve discoverability so callers learn where to migrate.
341
+ function movedToGateway(toolName) {
342
+ return {
343
+ content: [{
344
+ type: "text",
345
+ text: JSON.stringify({
346
+ error: `[deprecated in MCP v3.0.0] This tool (${toolName}) was removed because it required product-layer code that now lives in the private gateway. Use the gateway.aeoess.com REST API for this functionality, or stay on agent-passport-system-mcp@2.27.0 (pins to agent-passport-system@^1.46.0) if you need the old tools.`,
347
+ migration: "https://gateway.aeoess.com/docs",
348
+ deprecated_in: "3.0.0",
349
+ last_working_mcp: "2.27.0",
350
+ }),
351
+ }],
352
+ isError: true,
353
+ };
354
+ }
355
+ // ═══════════════════════════════════════
368
356
  // Server Setup
369
357
  // ═══════════════════════════════════════
370
358
  const server = new McpServer({
@@ -397,9 +385,9 @@ const TOOL_PROFILES = {
397
385
  'create_delegation', 'verify_delegation', 'revoke_delegation',
398
386
  'create_charter', 'sign_charter', 'verify_charter',
399
387
  'evaluate_threshold', 'create_approval_request', 'add_approval_signature',
400
- 'create_attestation', 'create_outcome_record', 'add_principal_report',
401
- 'check_anomaly', 'activate_emergency', 'define_emergency_pathway',
402
- 'request_migration', 'create_artifact_provenance', 'create_policy_context',
388
+ 'create_outcome_record', 'add_principal_report',
389
+ 'activate_emergency', 'define_emergency_pathway',
390
+ 'create_artifact_provenance', 'create_policy_context',
403
391
  'generate_governance_block', 'verify_governance_block',
404
392
  'parse_governance_block_html', 'governance_360',
405
393
  'generate_aps_txt', 'verify_aps_txt', 'resolve_path_terms',
@@ -418,10 +406,8 @@ const TOOL_PROFILES = {
418
406
  ]),
419
407
  data: new Set([
420
408
  'identify', 'generate_keys', 'create_principal',
421
- 'register_data_source', 'create_data_enforcement_gate', 'check_data_access',
422
- 'query_contributions', 'get_source_metrics', 'get_agent_data_footprint',
423
- 'generate_settlement', 'generate_compliance_report',
424
- 'record_training_use', 'get_model_data_sources',
409
+ 'register_data_source', 'create_data_enforcement_gate',
410
+ 'query_contributions', 'generate_settlement',
425
411
  'create_access_receipt', 'create_access_snapshot',
426
412
  'create_derivation_receipt', 'create_decision_lineage_receipt',
427
413
  'resolve_lineage', 'evaluate_revocation_impact',
@@ -433,8 +419,8 @@ const TOOL_PROFILES = {
433
419
  ]),
434
420
  gateway: new Set([
435
421
  'identify', 'generate_keys', 'create_principal',
436
- 'create_gateway', 'register_gateway_agent',
437
- 'gateway_process_tool_call', 'gateway_approve', 'gateway_execute_approval',
422
+ 'create_gateway',
423
+ 'gateway_process_tool_call', 'gateway_approve',
438
424
  'gateway_stats', 'create_delegation', 'load_values_floor', 'attest_to_floor',
439
425
  'create_hybrid_timestamp', 'compare_timestamps', 'validate_temporal_rights',
440
426
  'create_reserve_attestation', 'vouch_reputation', 'apply_reputation_downgrade',
@@ -445,7 +431,7 @@ const TOOL_PROFILES = {
445
431
  'post_agora_message', 'get_agora_topics', 'get_agora_thread',
446
432
  'get_agora_by_topic', 'register_agora_agent',
447
433
  'send_message', 'check_messages', 'broadcast', 'list_agents',
448
- 'publish_intent_card', 'remove_intent_card', 'search_matches',
434
+ 'remove_intent_card', 'search_matches',
449
435
  'request_intro', 'respond_to_intro', 'get_digest',
450
436
  'register_agora_public',
451
437
  ]),
@@ -573,13 +559,10 @@ const TOOL_SCOPE_MAP = {
573
559
  'execute_with_context': 'governance',
574
560
  'complete_action': 'governance',
575
561
  'create_policy_context': 'governance',
576
- 'create_attestation': 'governance',
577
562
  'create_outcome_record': 'governance',
578
563
  'add_principal_report': 'governance',
579
- 'check_anomaly': 'governance',
580
564
  'define_emergency_pathway': 'governance',
581
565
  'activate_emergency': 'governance',
582
- 'request_migration': 'governance',
583
566
  'create_artifact_provenance': 'governance',
584
567
  'create_charter': 'governance',
585
568
  'verify_charter': 'governance',
@@ -603,14 +586,8 @@ const TOOL_SCOPE_MAP = {
603
586
  // Data tools → 'data'
604
587
  'register_data_source': 'data',
605
588
  'create_data_enforcement_gate': 'data',
606
- 'check_data_access': 'data',
607
589
  'query_contributions': 'data',
608
- 'get_source_metrics': 'data',
609
- 'get_agent_data_footprint': 'data',
610
590
  'generate_settlement': 'data',
611
- 'generate_compliance_report': 'data',
612
- 'record_training_use': 'data',
613
- 'get_model_data_sources': 'data',
614
591
  'create_access_receipt': 'data',
615
592
  'create_access_snapshot': 'data',
616
593
  'create_derivation_receipt': 'data',
@@ -629,13 +606,10 @@ const TOOL_SCOPE_MAP = {
629
606
  'check_usage_permitted': 'data',
630
607
  // Gateway tools → 'gateway'
631
608
  'create_gateway': 'gateway',
632
- 'register_gateway_agent': 'gateway',
633
609
  'gateway_process_tool_call': 'gateway',
634
610
  'gateway_approve': 'gateway',
635
- 'gateway_execute_approval': 'gateway',
636
611
  'gateway_stats': 'gateway',
637
612
  // Network tools → 'network'
638
- 'publish_intent_card': 'network',
639
613
  'search_matches': 'network',
640
614
  'get_digest': 'network',
641
615
  'request_intro': 'network',
@@ -1013,7 +987,7 @@ server.tool("get_behavioral_sequence", "Get the post-issuance behavioral sequenc
1013
987
  }
1014
988
  // Classify the behavioral pattern
1015
989
  const toolNames = sequence.map(s => s.tool);
1016
- const hasWork = toolNames.some(t => ['submit_evidence', 'publish_intent_card', 'create_agora_message', 'submit_deliverable'].includes(t));
990
+ const hasWork = toolNames.some(t => ['submit_evidence', 'create_agora_message', 'submit_deliverable'].includes(t));
1017
991
  const hasExtraction = toolNames.some(t => ['commerce_preflight', 'create_checkout'].includes(t));
1018
992
  const pattern = hasWork ? 'productive' : hasExtraction ? 'extractive' : 'neutral';
1019
993
  return {
@@ -2309,7 +2283,7 @@ server.tool("commerce_preflight", "Run preflight checks before a purchase. Valid
2309
2283
  const actualSpendLimit = sessionDel?.spendLimit ?? 1000;
2310
2284
  const hasCommerceScope = sessionDel
2311
2285
  ? sessionDel.scope.some((s) => s === 'commerce' || s === 'commerce:checkout' || s.startsWith('commerce'))
2312
- : (state.agentContext ? true : false); // fallback to context if no delegation found
2286
+ : false; // no delegation no commerce scope (agent-context fallback removed with gateway move)
2313
2287
  // Use session agent if available (created by identify), fallback to throwaway
2314
2288
  const agent = state.sessionAgent || joinSocialContract({
2315
2289
  name: args.agent_id,
@@ -2394,161 +2368,24 @@ server.tool("request_human_approval", "Request human approval for a high-value p
2394
2368
  // ═══════════════════════════════════════
2395
2369
  // AGENT CONTEXT — Enforcement Middleware
2396
2370
  // ═══════════════════════════════════════
2397
- server.tool("create_agent_context", "Create an enforcement context that automatically runs every action through the 3-signature policy chain. Without this, policy checks are opt-in. With this, agents physically cannot skip enforcement.", {
2371
+ server.tool("create_agent_context", "[deprecated in v3.0.0 — use gateway.aeoess.com REST API] Create an enforcement context that automatically runs every action through the 3-signature policy chain.", {
2398
2372
  name: z.string().describe("Agent name"),
2399
2373
  mission: z.string().describe("Agent mission statement"),
2400
- enforcement: z.enum(["auto", "manual", "strict"]).default("auto").describe("Enforcement level: auto (every action checked), manual (tracking only), strict (auto + additional constraints)"),
2401
- delegated_scopes: z.array(z.string()).default([]).describe("Scopes to delegate (e.g. ['data:read', 'api:fetch', 'commerce:checkout'])"),
2374
+ enforcement: z.enum(["auto", "manual", "strict"]).default("auto").describe("Enforcement level"),
2375
+ delegated_scopes: z.array(z.string()).default([]).describe("Scopes to delegate"),
2402
2376
  spend_limit: z.number().default(1000).describe("Maximum spend allowed"),
2403
- }, async (args) => {
2404
- const keyErr = requireKey();
2405
- if (keyErr)
2406
- return { content: [{ type: "text", text: keyErr }], isError: true };
2407
- if (!state.floorYaml) {
2408
- return { content: [{ type: "text", text: 'No floor loaded. Use load_values_floor first.' }], isError: true };
2409
- }
2410
- try {
2411
- const floor = loadFloor(state.floorYaml);
2412
- // Create the agent with floor attestation
2413
- const agent = joinSocialContract({
2414
- name: args.name,
2415
- mission: args.mission,
2416
- owner: 'mcp-session',
2417
- capabilities: args.delegated_scopes,
2418
- platform: 'node',
2419
- models: ['mcp'],
2420
- floor,
2421
- });
2422
- // Create the enforced context
2423
- const ctx = createAgentContext(agent, floor, {
2424
- enforcement: args.enforcement,
2425
- });
2426
- // Add delegation if scopes provided
2427
- if (args.delegated_scopes.length > 0) {
2428
- const principal = joinSocialContract({
2429
- name: 'mcp-principal',
2430
- mission: 'MCP session principal',
2431
- owner: 'human',
2432
- capabilities: ['admin'],
2433
- platform: 'node',
2434
- models: ['mcp'],
2435
- floor,
2436
- });
2437
- const del = delegate({
2438
- from: principal,
2439
- toPublicKey: agent.publicKey,
2440
- scope: args.delegated_scopes,
2441
- spendLimit: args.spend_limit,
2442
- maxDepth: 3,
2443
- expiresInHours: 24,
2444
- });
2445
- ctx.addDelegation(del);
2446
- }
2447
- state.agentContext = ctx;
2448
- state.floor = floor;
2449
- // F-4 fix: also register in state.agents so gateway and other tools can find this agent
2450
- state.agents.set(agent.agentId, agent);
2451
- return {
2452
- content: [{
2453
- type: "text",
2454
- text: JSON.stringify({
2455
- created: true,
2456
- enforcement: args.enforcement,
2457
- agentId: agent.agentId,
2458
- scopes: args.delegated_scopes,
2459
- spendLimit: args.spend_limit,
2460
- note: `Agent Context active (${args.enforcement} mode). Use execute_with_context to run actions through the 3-signature chain.`,
2461
- }, null, 2),
2462
- }],
2463
- };
2464
- }
2465
- catch (e) {
2466
- return { content: [{ type: "text", text: safeError("Failed to create context", e) }], isError: true };
2467
- }
2468
- });
2469
- server.tool("execute_with_context", "Execute an action through the enforcement context. Automatically runs the 3-signature chain: creates intent (sig 1), evaluates against floor + delegation (sig 2), returns verdict. Action is DENIED if outside delegated scope.", {
2377
+ }, async (_args) => movedToGateway("create_agent_context"));
2378
+ server.tool("execute_with_context", "[deprecated in v3.0.0 — use gateway.aeoess.com REST API] Execute an action through the enforcement context.", {
2470
2379
  action_type: z.string().describe("Action type (e.g. 'api:fetch', 'data:write', 'commerce:checkout')"),
2471
2380
  target: z.string().describe("Target of the action (e.g. URL, file path, resource ID)"),
2472
2381
  scope: z.string().describe("Required scope for this action (must match a delegated scope)"),
2473
2382
  estimated_spend: z.number().optional().describe("Estimated spend for commerce actions"),
2474
- }, async (args) => {
2475
- if (!state.agentContext) {
2476
- return { content: [{ type: "text", text: 'No agent context. Use create_agent_context first.' }], isError: true };
2477
- }
2478
- try {
2479
- const result = state.agentContext.execute({
2480
- type: args.action_type,
2481
- target: args.target,
2482
- scope: args.scope,
2483
- spend: args.estimated_spend ? { amount: args.estimated_spend, currency: 'USD' } : undefined,
2484
- });
2485
- // Store for later completion
2486
- if (result.permitted && result.intent) {
2487
- state.pendingActions.set(result.intent.intentId, result);
2488
- }
2489
- return {
2490
- content: [{
2491
- type: "text",
2492
- text: JSON.stringify({
2493
- permitted: result.permitted,
2494
- verdict: result.verdict,
2495
- intentId: result.intent?.intentId,
2496
- evaluatorId: result.decision?.evaluatorId,
2497
- reason: result.reason,
2498
- stats: state.agentContext.stats,
2499
- note: result.permitted
2500
- ? `Action PERMITTED. Call complete_action with intent_id="${result.intent.intentId}" when done.`
2501
- : `Action DENIED: ${result.reason}`,
2502
- }, null, 2),
2503
- }],
2504
- };
2505
- }
2506
- catch (e) {
2507
- return { content: [{ type: "text", text: safeError("Execute failed", e) }], isError: true };
2508
- }
2509
- });
2510
- server.tool("complete_action", "Complete a permitted action and get the full 3-signature proof chain (intent + decision + receipt + policy receipt). Call this after successfully executing the action.", {
2383
+ }, async (_args) => movedToGateway("execute_with_context"));
2384
+ server.tool("complete_action", "[deprecated in v3.0.0 — use gateway.aeoess.com REST API] Complete a permitted action and get the full 3-signature proof chain.", {
2511
2385
  intent_id: z.string().describe("Intent ID from execute_with_context result"),
2512
2386
  status: z.enum(["success", "failure", "partial"]).describe("Outcome of the action"),
2513
2387
  summary: z.string().describe("Brief description of what was accomplished"),
2514
- }, async (args) => {
2515
- if (!state.agentContext) {
2516
- return { content: [{ type: "text", text: 'No agent context. Use create_agent_context first.' }], isError: true };
2517
- }
2518
- // Find the pending execute result
2519
- const executeResult = state.pendingActions.get(args.intent_id);
2520
- if (!executeResult) {
2521
- return { content: [{ type: "text", text: `No pending action found for intent ${args.intent_id}. Was it permitted?` }], isError: true };
2522
- }
2523
- try {
2524
- const completed = state.agentContext.complete(executeResult, {
2525
- status: args.status,
2526
- summary: args.summary,
2527
- });
2528
- // Clean up
2529
- state.pendingActions.delete(args.intent_id);
2530
- return {
2531
- content: [{
2532
- type: "text",
2533
- text: JSON.stringify({
2534
- completed: true,
2535
- receiptId: completed.receipt.receiptId,
2536
- policyReceiptId: completed.policyReceipt?.receiptId,
2537
- signatures: {
2538
- intent: '✓ (agent declared intent)',
2539
- decision: '✓ (policy engine evaluated)',
2540
- receipt: '✓ (execution recorded)',
2541
- },
2542
- stats: state.agentContext.stats,
2543
- auditTrail: state.agentContext.auditLog.length + ' entries',
2544
- }, null, 2),
2545
- }],
2546
- };
2547
- }
2548
- catch (e) {
2549
- return { content: [{ type: "text", text: safeError("Complete failed", e) }], isError: true };
2550
- }
2551
- });
2388
+ }, async (_args) => movedToGateway("complete_action"));
2552
2389
  // ═══════════════════════════════════════
2553
2390
  // PRINCIPAL IDENTITY TOOLS
2554
2391
  // ═══════════════════════════════════════
@@ -2897,226 +2734,34 @@ server.tool("get_promotion_history", "Get the promotion review history for this
2897
2734
  };
2898
2735
  });
2899
2736
  // ═══════════════════════════════════════
2900
- // Proxy Gateway (Enforcement Boundary)
2737
+ // Proxy Gateway (moved to gateway product in v3.0.0)
2901
2738
  // ═══════════════════════════════════════
2902
- server.tool("create_gateway", "Create a ProxyGateway enforcement boundary. The gateway validates identity, delegation scope, policy compliance, and provides replay protection for every tool call. Returns gateway ID and public key.", {
2903
- gatewayId: z.string().optional().describe("Custom gateway ID (auto-generated if omitted)"),
2904
- approvalTTLSeconds: z.number().optional().describe("Two-phase approval timeout in seconds (default: 300)"),
2905
- maxPendingPerAgent: z.number().optional().describe("Max pending approvals per agent (default: 10)"),
2906
- }, async ({ gatewayId, approvalTTLSeconds, maxPendingPerAgent }) => {
2907
- const keys = generateKeyPair();
2908
- const id = gatewayId || `gateway-${Date.now().toString(36)}`;
2909
- if (!state.floor) {
2910
- return { content: [{ type: "text", text: "Error: Load a Values Floor first (load_values_floor)" }] };
2911
- }
2912
- const config = {
2913
- gatewayId: id,
2914
- gatewayPublicKey: keys.publicKey,
2915
- gatewayPrivateKey: keys.privateKey,
2916
- floor: state.floor,
2917
- approvalTTLSeconds: approvalTTLSeconds ?? 300,
2918
- maxPendingPerAgent: maxPendingPerAgent ?? 10,
2919
- recheckRevocationOnExecute: true,
2920
- };
2921
- // Default executor echoes tool calls — real execution is done by MCP client
2922
- const executor = async (tool, params) => {
2923
- return { success: true, result: { tool, params, executedVia: 'mcp-gateway' } };
2924
- };
2925
- state.gateway = createProxyGateway(config, executor);
2926
- state.gatewayKeys = keys;
2927
- return {
2928
- content: [{
2929
- type: "text",
2930
- text: JSON.stringify({
2931
- created: true,
2932
- gatewayId: id,
2933
- publicKey: keys.publicKey,
2934
- approvalTTLSeconds: config.approvalTTLSeconds,
2935
- maxPendingPerAgent: config.maxPendingPerAgent,
2936
- note: "Gateway ready. Register agents with register_gateway_agent, then process calls with gateway_process_tool_call.",
2937
- }, null, 2),
2938
- }],
2939
- };
2940
- });
2941
- server.tool("register_gateway_agent", "Register an agent with the gateway. The agent must have a valid passport and floor attestation. Delegations define what scopes the agent can use through the gateway.", {
2942
- agentId: z.string().describe("Agent ID to register"),
2943
- }, async ({ agentId }) => {
2944
- if (!state.gateway) {
2945
- return { content: [{ type: "text", text: "Error: Create gateway first (create_gateway)" }] };
2946
- }
2947
- // F-4 fix: check both state.agents AND state.agentContext for agent data
2948
- let agent = state.agents.get(agentId);
2949
- if (!agent && state.agentContext && state.agentId === agentId) {
2950
- // Agent was created via create_agent_context, bridge to gateway
2951
- const ctx = state.agentContext;
2952
- agent = {
2953
- passport: ctx.agent?.passport || ctx.passport,
2954
- publicKey: state.agentKey,
2955
- agentId: state.agentId,
2956
- attestation: ctx.agent?.attestation || ctx.attestation,
2957
- };
2958
- }
2959
- if (!agent) {
2960
- return { content: [{ type: "text", text: `Error: Agent "${agentId}" not found in session. Join social contract or create_agent_context first.` }] };
2961
- }
2962
- const agentDelegations = Array.from(state.delegations.values()).filter(d => d.delegatedTo === agent.publicKey);
2963
- if (agentDelegations.length === 0) {
2964
- return { content: [{ type: "text", text: `Error: No delegations found for agent "${agentId}". Create a delegation first.` }] };
2965
- }
2966
- if (!agent.attestation) {
2967
- return { content: [{ type: "text", text: `Error: Agent "${agentId}" has no floor attestation. Attest to floor first.` }] };
2968
- }
2969
- state.gateway.registerAgent(agent.passport, agent.attestation, agentDelegations);
2970
- return {
2971
- content: [{
2972
- type: "text",
2973
- text: JSON.stringify({
2974
- registered: true,
2975
- agentId,
2976
- delegationCount: agentDelegations.length,
2977
- scopes: agentDelegations.flatMap(d => d.scope),
2978
- }, null, 2),
2979
- }],
2980
- };
2981
- });
2982
- server.tool("gateway_process_tool_call", "Process a tool call through the gateway enforcement boundary. Validates identity, delegation, policy, and replay protection in a single atomic operation. Returns execution result with full 3-signature proof chain.", {
2983
- agentId: z.string().describe("ID of the requesting agent"),
2984
- tool: z.string().describe("Tool name to execute"),
2985
- params: z.record(z.unknown()).optional().describe("Tool parameters"),
2986
- scopeRequired: z.string().describe("Delegation scope needed for this tool"),
2987
- spendAmount: z.number().optional().describe("Spend amount if commerce action"),
2988
- spendCurrency: z.string().optional().describe("Currency code (e.g. USD)"),
2989
- context: z.string().optional().describe("Human-readable context for audit"),
2990
- }, async ({ agentId, tool, params, scopeRequired, spendAmount, spendCurrency, context }) => {
2991
- if (!state.gateway) {
2992
- return { content: [{ type: "text", text: "Error: Create gateway first (create_gateway)" }] };
2993
- }
2994
- const agent = state.agents.get(agentId);
2995
- if (!agent) {
2996
- return { content: [{ type: "text", text: `Error: Agent "${agentId}" not found in session.` }] };
2997
- }
2998
- const { canonicalize } = await import("agent-passport-system");
2999
- const requestId = `mcp-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
3000
- const payload = canonicalize({ requestId, agentId, tool, params: params || {}, scopeRequired, spend: spendAmount ? { amount: spendAmount, currency: spendCurrency || 'USD' } : undefined });
3001
- const request = {
3002
- requestId,
3003
- agentId,
3004
- agentPublicKey: agent.publicKey,
3005
- signature: sign(payload, agent.keyPair.privateKey),
3006
- tool,
3007
- params: params || {},
3008
- scopeRequired,
3009
- spend: spendAmount ? { amount: spendAmount, currency: spendCurrency || 'USD' } : undefined,
3010
- context,
3011
- };
3012
- const result = await state.gateway.processToolCall(request);
3013
- return {
3014
- content: [{
3015
- type: "text",
3016
- text: JSON.stringify({
3017
- executed: result.executed,
3018
- requestId: result.requestId,
3019
- result: result.result ?? undefined,
3020
- denialReason: result.denialReason ?? undefined,
3021
- toolError: result.toolError ?? undefined,
3022
- ...(result.decision && { verdict: result.decision.verdict, reason: result.decision.reason }),
3023
- ...(result.proof && {
3024
- proof: {
3025
- hasRequestSignature: !!result.proof.requestSignature,
3026
- hasDecisionSignature: !!result.proof.decisionSignature,
3027
- hasReceiptSignature: !!result.proof.receiptSignature,
3028
- policyReceiptId: result.proof.policyReceipt?.policyReceiptId,
3029
- },
3030
- }),
3031
- ...(result.receipt && {
3032
- receipt: {
3033
- receiptId: result.receipt.receiptId,
3034
- agentId: result.receipt.agentId,
3035
- action: result.receipt.action,
3036
- },
3037
- }),
3038
- }, null, 2),
3039
- }],
3040
- };
3041
- });
3042
- server.tool("gateway_approve", "Two-phase execution: approve a tool call without executing it. Returns an approval ID that can be executed later with gateway_execute_approval. Useful for human-in-the-loop workflows.", {
3043
- agentId: z.string().describe("ID of the requesting agent"),
3044
- tool: z.string().describe("Tool name to approve"),
3045
- params: z.record(z.unknown()).optional().describe("Tool parameters"),
3046
- scopeRequired: z.string().describe("Delegation scope needed"),
3047
- context: z.string().optional().describe("Human-readable context"),
3048
- }, async ({ agentId, tool, params, scopeRequired, context }) => {
3049
- if (!state.gateway) {
3050
- return { content: [{ type: "text", text: "Error: Create gateway first (create_gateway)" }] };
3051
- }
3052
- const agent = state.agents.get(agentId);
3053
- if (!agent) {
3054
- return { content: [{ type: "text", text: `Error: Agent "${agentId}" not found in session.` }] };
3055
- }
3056
- const { canonicalize } = await import("agent-passport-system");
3057
- const requestId = `mcp-approve-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
3058
- const payload = canonicalize({ requestId, agentId, tool, params: params || {}, scopeRequired, spend: undefined });
3059
- const request = {
3060
- requestId,
3061
- agentId,
3062
- agentPublicKey: agent.publicKey,
3063
- signature: sign(payload, agent.keyPair.privateKey),
3064
- tool,
3065
- params: params || {},
3066
- scopeRequired,
3067
- context,
3068
- };
3069
- const result = state.gateway.approve(request);
3070
- return {
3071
- content: [{
3072
- type: "text",
3073
- text: JSON.stringify({
3074
- approved: result.approved,
3075
- ...(result.approval && {
3076
- approvalId: result.approval.approvalId,
3077
- expiresAt: result.approval.expiresAt,
3078
- nonce: result.approval.nonce,
3079
- }),
3080
- ...(result.denial && { denial: result.denial }),
3081
- }, null, 2),
3082
- }],
3083
- };
3084
- });
3085
- server.tool("gateway_execute_approval", "Execute a previously approved tool call. Rechecks delegation validity before execution — if delegation was revoked since approval, execution is denied.", {
3086
- approvalId: z.string().describe("Approval ID from gateway_approve"),
3087
- }, async ({ approvalId }) => {
3088
- if (!state.gateway) {
3089
- return { content: [{ type: "text", text: "Error: Create gateway first (create_gateway)" }] };
3090
- }
3091
- const result = await state.gateway.executeApproval(approvalId);
3092
- return {
3093
- content: [{
3094
- type: "text",
3095
- text: JSON.stringify({
3096
- executed: result.executed,
3097
- requestId: result.requestId,
3098
- result: result.result ?? undefined,
3099
- denialReason: result.denialReason ?? undefined,
3100
- ...(result.proof && {
3101
- proof: {
3102
- policyReceiptId: result.proof.policyReceipt?.policyReceiptId,
3103
- },
3104
- }),
3105
- }, null, 2),
3106
- }],
3107
- };
3108
- });
3109
- server.tool("gateway_stats", "Get gateway statistics: total requests, permits, denials, replay attempts blocked, active agents, and pending approvals.", {}, async () => {
3110
- if (!state.gateway) {
3111
- return { content: [{ type: "text", text: "Error: Create gateway first (create_gateway)" }] };
3112
- }
3113
- return {
3114
- content: [{
3115
- type: "text",
3116
- text: JSON.stringify(state.gateway.getStats(), null, 2),
3117
- }],
3118
- };
3119
- });
2739
+ // ProxyGateway is a product-layer enforcement runtime. The primitives it
2740
+ // was built on (delegation verification, policy evaluation, replay nonces)
2741
+ // remain in the SDK rebuild a gateway locally from those, or use the
2742
+ // hosted gateway at gateway.aeoess.com.
2743
+ server.tool("create_gateway", "[deprecated in v3.0.0 use gateway.aeoess.com REST API] Create a ProxyGateway enforcement boundary.", {
2744
+ gatewayId: z.string().optional().describe("Custom gateway ID"),
2745
+ approvalTTLSeconds: z.number().optional().describe("Two-phase approval timeout"),
2746
+ maxPendingPerAgent: z.number().optional().describe("Max pending approvals per agent"),
2747
+ }, async (_args) => movedToGateway("create_gateway"));
2748
+ server.tool("gateway_process_tool_call", "[deprecated in v3.0.0 — use gateway.aeoess.com REST API] Process a tool call through the gateway enforcement boundary.", {
2749
+ agentId: z.string(),
2750
+ tool: z.string(),
2751
+ params: z.record(z.unknown()).optional(),
2752
+ scopeRequired: z.string(),
2753
+ spendAmount: z.number().optional(),
2754
+ spendCurrency: z.string().optional(),
2755
+ context: z.string().optional(),
2756
+ }, async (_args) => movedToGateway("gateway_process_tool_call"));
2757
+ server.tool("gateway_approve", "[deprecated in v3.0.0 — use gateway.aeoess.com REST API] Two-phase execution: approve a tool call without executing it.", {
2758
+ agentId: z.string(),
2759
+ tool: z.string(),
2760
+ params: z.record(z.unknown()).optional(),
2761
+ scopeRequired: z.string(),
2762
+ context: z.string().optional(),
2763
+ }, async (_args) => movedToGateway("gateway_approve"));
2764
+ server.tool("gateway_stats", "[deprecated in v3.0.0 — use gateway.aeoess.com REST API] Get gateway statistics.", {}, async (_args) => movedToGateway("gateway_stats"));
3120
2765
  // ═══════════════════════════════════════
3121
2766
  // Intent Network (Agent-Mediated Matching)
3122
2767
  // Calls the hosted API at api.aeoess.com
@@ -3129,83 +2774,9 @@ async function intentApiFetch(path, opts) {
3129
2774
  });
3130
2775
  return res.json();
3131
2776
  }
3132
- server.tool("publish_intent_card", "Publish an IntentCard to the Intent Network at aeoess.com. Your card is visible to all agents on the network. Cards are Ed25519 signed, scoped, and expire automatically.", {
3133
- principal_alias: z.string().describe("Human's display name or alias"),
3134
- needs: z.array(z.object({
3135
- category: z.string().describe("Category (e.g. 'engineering', 'design', 'funding')"),
3136
- description: z.string().describe("What is needed"),
3137
- priority: z.enum(["critical", "high", "medium", "low"]).default("medium"),
3138
- tags: z.array(z.string()).optional(),
3139
- budget_amount: z.number().optional(),
3140
- budget_currency: z.string().optional(),
3141
- })).optional().describe("What the human needs"),
3142
- offers: z.array(z.object({
3143
- category: z.string().describe("Category of what's offered"),
3144
- description: z.string().describe("What is offered"),
3145
- priority: z.enum(["critical", "high", "medium", "low"]).default("medium"),
3146
- tags: z.array(z.string()).optional(),
3147
- budget_amount: z.number().optional(),
3148
- budget_currency: z.string().optional(),
3149
- })).optional().describe("What the human offers"),
3150
- open_to: z.array(z.string()).optional().describe("Categories open to (e.g. ['introductions', 'partnerships'])"),
3151
- not_open_to: z.array(z.string()).optional().describe("Categories explicitly not open to"),
3152
- approval_required: z.array(z.string()).optional().describe("What needs human approval before sharing"),
3153
- visibility: z.enum(["public", "verified", "minimal"]).default("public"),
3154
- ttl_hours: z.number().default(24).describe("Hours until card expires"),
3155
- }, async (args) => {
3156
- recordBehavior('publish_intent_card');
3157
- const keyErr = requireKey();
3158
- if (keyErr)
3159
- return { content: [{ type: "text", text: keyErr }], isError: true };
3160
- const mapItem = (item) => ({
3161
- category: item.category,
3162
- description: item.description,
3163
- priority: item.priority || 'medium',
3164
- tags: item.tags || [],
3165
- budget: item.budget_amount ? { amount: item.budget_amount, currency: item.budget_currency || 'USD' } : undefined,
3166
- visibility: 'public',
3167
- });
3168
- const card = createIntentCard({
3169
- agentId: state.agentId || 'anonymous',
3170
- principalAlias: args.principal_alias,
3171
- publicKey: state.agentKey,
3172
- privateKey: state.privateKey,
3173
- needs: (args.needs || []).map(mapItem),
3174
- offers: (args.offers || []).map(mapItem),
3175
- openTo: args.open_to || [],
3176
- notOpenTo: args.not_open_to || [],
3177
- approvalRequired: args.approval_required || [],
3178
- ttlSeconds: (args.ttl_hours || 24) * 3600,
3179
- });
3180
- try {
3181
- const result = await intentApiFetch('/api/cards', {
3182
- method: 'POST',
3183
- body: JSON.stringify({ ...card, publicKey: state.agentKey, signature: card.signature }),
3184
- });
3185
- if (result.error) {
3186
- return { content: [{ type: "text", text: `Failed to publish: ${result.error}` }], isError: true };
3187
- }
3188
- return {
3189
- content: [{
3190
- type: "text",
3191
- text: JSON.stringify({
3192
- published: true,
3193
- cardId: result.cardId,
3194
- agentId: card.agentId,
3195
- principalAlias: card.principalAlias,
3196
- needs: card.needs.length,
3197
- offers: card.offers.length,
3198
- expiresAt: result.expiresAt,
3199
- networkSize: result.networkSize,
3200
- note: 'Card published to Intent Network (api.aeoess.com). Other agents worldwide can now discover matches.',
3201
- }, null, 2),
3202
- }],
3203
- };
3204
- }
3205
- catch (e) {
3206
- return { content: [{ type: "text", text: safeError("API error", e) }], isError: true };
3207
- }
3208
- });
2777
+ // publish_intent_card removed in v3.0.0: createIntentCard was gateway-side
2778
+ // signing glue. Cards are still publishable directly via the Intent Network
2779
+ // REST API at api.aeoess.com/api/cards — sign with your agent private key.
3209
2780
  server.tool("search_matches", "Search the Intent Network for people relevant to you. Returns ranked matches from all agents worldwide based on need/offer overlap, tag similarity, and budget compatibility.", {
3210
2781
  min_score: z.number().optional().describe("Minimum relevance score 0-1 (default: 0.1)"),
3211
2782
  max_results: z.number().optional().describe("Maximum results to return (default: 10)"),
@@ -3281,7 +2852,7 @@ server.tool("get_digest", "Get a personalized digest from the Intent Network: re
3281
2852
  message: intro.message,
3282
2853
  status: intro.status,
3283
2854
  })),
3284
- note: !digest.hasCard ? 'No card published yet. Use publish_intent_card to join the network.' : undefined,
2855
+ note: !digest.hasCard ? 'No card published yet. POST to api.aeoess.com/api/cards to join the network (publish_intent_card tool removed in v3.0.0).' : undefined,
3285
2856
  }, null, 2),
3286
2857
  }],
3287
2858
  };
@@ -3601,73 +3172,12 @@ server.tool("activate_emergency", "Activate a pre-authorized emergency pathway w
3601
3172
  return { content: [{ type: "text", text: safeError("Emergency activation failed", e) }], isError: true };
3602
3173
  }
3603
3174
  });
3604
- server.tool("create_attestation", "Create a contextual attestation pre-action reasoning record for medium+ risk actions.", {
3605
- action_id: z.string(), delegation_ref: z.string(),
3606
- context_understanding: z.string().describe("Agent's assessment of the situation"),
3607
- factors_considered: z.array(z.string()).describe("Key decision factors"),
3608
- alternatives_rejected: z.array(z.object({ alternative: z.string(), reason: z.string() })).default([]),
3609
- expected_outcome: z.string(),
3610
- confidence: z.number().min(0).max(1),
3611
- semantic_uncertainty: z.enum(["low", "medium", "high", "critical"]),
3612
- required: z.boolean().default(true),
3613
- valid_until: z.string(), trust_epoch: z.number().default(1),
3614
- }, async (args) => {
3615
- const keyErr = requireKey();
3616
- if (keyErr)
3617
- return { content: [{ type: "text", text: keyErr }], isError: true };
3618
- try {
3619
- const ctx = createPolicyContext({
3620
- policy_version: "2.0.0", values_floor_version: "1.0.0",
3621
- trust_epoch: args.trust_epoch, issuer_id: state.agentKey,
3622
- valid_until: args.valid_until,
3623
- });
3624
- const att = createV2Attestation({
3625
- action_id: args.action_id, agent_id: state.agentKey,
3626
- delegation_ref: args.delegation_ref,
3627
- context_understanding: args.context_understanding,
3628
- factors_considered: args.factors_considered,
3629
- alternatives_rejected: args.alternatives_rejected,
3630
- expected_outcome: args.expected_outcome,
3631
- confidence: args.confidence,
3632
- semantic_uncertainty: args.semantic_uncertainty,
3633
- required: args.required, policy_context: ctx,
3634
- agent_private_key: state.privateKey,
3635
- });
3636
- const quality = assessV2AttestationQuality(att);
3637
- return { content: [{ type: "text", text: JSON.stringify({ attestation: att, quality }, null, 2) }] };
3638
- }
3639
- catch (e) {
3640
- return { content: [{ type: "text", text: safeError("Attestation failed", e) }], isError: true };
3641
- }
3642
- });
3643
- server.tool("request_migration", "Request fork-and-sunset migration when current delegation scope is insufficient.", {
3644
- source_delegation: z.string(),
3645
- limitation: z.string().describe("What the agent cannot do under current scope"),
3646
- requested_scope_change: z.string(),
3647
- justification: z.string(),
3648
- valid_until: z.string(), trust_epoch: z.number().default(1),
3649
- }, async (args) => {
3650
- const keyErr = requireKey();
3651
- if (keyErr)
3652
- return { content: [{ type: "text", text: keyErr }], isError: true };
3653
- try {
3654
- const ctx = createPolicyContext({
3655
- policy_version: "2.0.0", values_floor_version: "1.0.0",
3656
- trust_epoch: args.trust_epoch, issuer_id: state.agentKey,
3657
- valid_until: args.valid_until,
3658
- });
3659
- const req = requestV2Migration({
3660
- source_agent: state.agentKey, source_delegation: args.source_delegation,
3661
- limitation: args.limitation, requested_scope_change: args.requested_scope_change,
3662
- justification: args.justification, agent_private_key: state.privateKey,
3663
- policy_context: ctx,
3664
- });
3665
- return { content: [{ type: "text", text: JSON.stringify(req, null, 2) }] };
3666
- }
3667
- catch (e) {
3668
- return { content: [{ type: "text", text: safeError("Migration request failed", e) }], isError: true };
3669
- }
3670
- });
3175
+ // create_attestation (contextual attestation lifecycle) removed in v3.0.0:
3176
+ // createV2Attestation / getV2AgentAttestationQualityAvg / clearV2AttestationStore
3177
+ // were gateway-side lifecycle helpers. The primitive assessV2AttestationQuality
3178
+ // remains in the SDK for direct use.
3179
+ // request_migration removed in v3.0.0: requestV2Migration / approveV2Migration /
3180
+ // executeV2Migration were gateway-side migration orchestration.
3671
3181
  server.tool("create_artifact_provenance", "Tag an agent-generated artifact with provenance metadata (content hash, risk class, authoring agent).", {
3672
3182
  delegation_ref: z.string(), intended_use: z.string(),
3673
3183
  risk_class: z.enum(["low", "medium", "high", "critical"]),
@@ -3700,39 +3210,10 @@ server.tool("create_artifact_provenance", "Tag an agent-generated artifact with
3700
3210
  return { content: [{ type: "text", text: safeError("Provenance failed", e) }], isError: true };
3701
3211
  }
3702
3212
  });
3703
- server.tool("check_anomaly", "Record an action and check for anomalies (first-max-authority, concentration).", {
3704
- action_id: z.string(), authority_level: z.number(),
3705
- semantic_uncertainty: z.enum(["low", "medium", "high", "critical"]),
3706
- risk_class: z.enum(["low", "medium", "high", "critical"]),
3707
- delegation_ref: z.string(),
3708
- was_delegated: z.boolean().default(false),
3709
- complexity: z.number().min(0).max(1).default(0.5),
3710
- }, async (args) => {
3711
- const keyErr = requireKey();
3712
- if (keyErr)
3713
- return { content: [{ type: "text", text: keyErr }], isError: true };
3714
- try {
3715
- const record = {
3716
- action_id: args.action_id, agent_id: state.agentKey,
3717
- authority_level: args.authority_level,
3718
- semantic_uncertainty: args.semantic_uncertainty,
3719
- risk_class: args.risk_class,
3720
- delegation_ref: args.delegation_ref,
3721
- was_delegated: args.was_delegated,
3722
- complexity: args.complexity,
3723
- timestamp: new Date().toISOString(),
3724
- };
3725
- recordV2Action(record);
3726
- const anomaly = checkV2FirstMaxAuthority(record);
3727
- const concentration = computeV2ConcentrationMetrics(state.agentKey);
3728
- return { content: [{ type: "text", text: JSON.stringify({
3729
- action_recorded: true, anomaly_flag: anomaly, concentration,
3730
- }, null, 2) }] };
3731
- }
3732
- catch (e) {
3733
- return { content: [{ type: "text", text: safeError("Anomaly check failed", e) }], isError: true };
3734
- }
3735
- });
3213
+ // check_anomaly removed in v3.0.0: anomaly detection is a cross-session
3214
+ // product capability (recordV2Action / checkV2FirstMaxAuthority /
3215
+ // computeV2ConcentrationMetrics). The gateway maintains the per-agent action
3216
+ // history; MCP tools operate per-session and cannot supply meaningful trends.
3736
3217
  // ═══════════════════════════════════════
3737
3218
  // Data Governance Tools (Modules 36A, 38, 39)
3738
3219
  // ═══════════════════════════════════════
@@ -3777,142 +3258,31 @@ server.tool("register_data_source", "Register a data source with terms for agent
3777
3258
  state.sourceReceipts.set(receipt.sourceReceiptId, receipt);
3778
3259
  return { content: [{ type: "text", text: `✅ Data source registered.\n\nSource Receipt ID: ${receipt.sourceReceiptId}\nDescriptor: ${p.contentDescriptor}\nAllowed purposes: ${p.allowedPurposes.join(', ')}\nCompensation: ${p.compensationType}${p.compensationAmount ? ' $' + p.compensationAmount : ''}\nMax accesses: ${p.maxAccessCount || 'unlimited'}\nDerivative policy: ${p.derivativePolicy}` }] };
3779
3260
  });
3780
- server.tool("create_data_enforcement_gate", "Create a data enforcement gate that checks terms before allowing data access. Modes: enforce (block violations), audit (log only), off.", {
3261
+ server.tool("create_data_enforcement_gate", "[deprecated in v3.0.0 — use gateway.aeoess.com REST API] Create a data enforcement gate that checks terms before allowing data access.", {
3781
3262
  mode: z.enum(["enforce", "audit", "off"]).default("enforce").describe("Enforcement mode"),
3782
- }, async (p) => {
3783
- const kp = generateKeyPair();
3784
- state.dataEnforcementGate = new DataEnforcementGate({
3785
- gatewayId: 'gw_data_' + Date.now().toString(36),
3786
- gatewayPublicKey: kp.publicKey,
3787
- gatewayPrivateKey: kp.privateKey,
3788
- mode: p.mode,
3789
- }, state.contributionLedger);
3790
- // Register all known sources
3791
- for (const [id, receipt] of state.sourceReceipts) {
3792
- state.dataEnforcementGate.registerSource(receipt, receipt.contentDescriptor);
3793
- }
3794
- return { content: [{ type: "text", text: `✅ Data enforcement gate created.\n\nMode: ${p.mode}\nRegistered sources: ${state.sourceReceipts.size}\nContribution ledger: active` }] };
3795
- });
3796
- server.tool("check_data_access", "Check if an agent can access a data source through the enforcement gate. Generates receipt and feeds contribution ledger.", {
3797
- sourceReceiptId: z.string().describe("Source receipt ID to access"),
3798
- declaredPurpose: z.enum(["read", "analyze", "summarize", "generate", "recommend", "train", "embed", "redistribute", "commercial"]).describe("Declared purpose"),
3799
- accessMethod: z.enum(["api_call", "file_read", "database_query", "web_fetch", "memory_retrieval", "embedding_lookup", "stream", "human_provided"]).default("api_call"),
3800
- }, async (p) => {
3801
- if (!state.dataEnforcementGate)
3802
- return { content: [{ type: "text", text: "❌ No enforcement gate. Call create_data_enforcement_gate first." }] };
3803
- if (!state.agentKey)
3804
- return { content: [{ type: "text", text: "❌ Not identified." }] };
3805
- const decision = state.dataEnforcementGate.checkAccess({
3806
- agentId: state.agentId || 'unknown',
3807
- agentPublicKey: state.agentKey,
3808
- principalId: state.principal?.principalId || 'unknown',
3809
- sourceReceiptId: p.sourceReceiptId,
3810
- declaredPurpose: p.declaredPurpose,
3811
- accessMethod: p.accessMethod,
3812
- accessScope: 'data:' + p.declaredPurpose,
3813
- executionFrameId: 'frame_' + Date.now().toString(36),
3814
- });
3815
- const status = decision.allowed ? '✅ Access ALLOWED' : '❌ Access DENIED';
3816
- let text = `${status}\n\nSource: ${p.sourceReceiptId}\nPurpose: ${p.declaredPurpose}`;
3817
- if (decision.hardViolations.length)
3818
- text += `\nViolations: ${decision.hardViolations.join('; ')}`;
3819
- if (decision.advisoryWarnings.length)
3820
- text += `\nWarnings: ${decision.advisoryWarnings.join('; ')}`;
3821
- if (decision.receipt)
3822
- text += `\nReceipt ID: ${decision.receipt.accessReceiptId}`;
3823
- if (decision.accessesRemaining !== undefined)
3824
- text += `\nAccesses remaining: ${decision.accessesRemaining}`;
3825
- return { content: [{ type: "text", text }] };
3826
- });
3827
- server.tool("query_contributions", "Query the data contribution ledger. Filter by source, agent, principal, purpose, or time range.", {
3263
+ }, async (_args) => movedToGateway("create_data_enforcement_gate"));
3264
+ server.tool("query_contributions", "[deprecated in v3.0.0 — use gateway.aeoess.com REST API] Query the data contribution ledger.", {
3828
3265
  sourceReceiptId: z.string().optional(),
3829
3266
  agentId: z.string().optional(),
3830
3267
  principalId: z.string().optional(),
3831
3268
  purpose: z.string().optional(),
3832
3269
  minAccessCount: z.number().optional(),
3833
- }, async (p) => {
3834
- const records = queryContributions(state.contributionLedger, p);
3835
- if (records.length === 0)
3836
- return { content: [{ type: "text", text: "No contributions found matching query." }] };
3837
- const lines = records.map(r => `• ${r.sourceDescriptor || r.sourceReceiptId}: ${r.accessCount} accesses by ${r.agentId}, purposes: ${r.purposes.join('/')}, owed: $${r.compensationAccrued.totalOwed.toFixed(4)}`);
3838
- return { content: [{ type: "text", text: `📊 ${records.length} contribution records:\n\n${lines.join('\n')}` }] };
3839
- });
3840
- server.tool("get_source_metrics", "Get aggregate metrics for a data source: total accesses, unique agents, compensation owed.", {
3841
- sourceReceiptId: z.string().describe("Source receipt ID"),
3842
- }, async (p) => {
3843
- const metrics = getSourceMetrics(state.contributionLedger, p.sourceReceiptId);
3844
- if (!metrics)
3845
- return { content: [{ type: "text", text: "No data found for this source." }] };
3846
- return { content: [{ type: "text", text: `📊 Source Metrics: ${metrics.sourceDescriptor}\n\nTotal accesses: ${metrics.totalAccesses}\nUnique agents: ${metrics.uniqueAgents}\nUnique principals: ${metrics.uniquePrincipals}\nCompensation owed: $${metrics.compensationOwed.totalOwed.toFixed(4)} ${metrics.compensationOwed.currency}\nPurpose breakdown: ${JSON.stringify(metrics.purposeBreakdown)}\nTop agents: ${metrics.topAgents.map(a => `${a.agentId} (${a.accessCount})`).join(', ')}` }] };
3847
- });
3848
- server.tool("get_agent_data_footprint", "Show every data source an agent has accessed, with compensation status.", {
3849
- agentId: z.string().describe("Agent ID to check"),
3850
- }, async (p) => {
3851
- const footprint = getAgentDataFootprint(state.contributionLedger, p.agentId);
3852
- if (!footprint)
3853
- return { content: [{ type: "text", text: "No data access found for this agent." }] };
3854
- const sources = footprint.sourcesAccessed.map(s => `• ${s.sourceDescriptor || s.sourceReceiptId}: ${s.accessCount} accesses, purposes: ${s.purposes.join('/')}, status: ${s.compensationStatus}`);
3855
- return { content: [{ type: "text", text: `🔍 Agent Data Footprint: ${p.agentId}\n\nTotal sources: ${footprint.totalSources}\nTotal accesses: ${footprint.totalAccesses}\nTotal compensation accrued: $${footprint.totalCompensationAccrued.toFixed(4)} ${footprint.currency}\n\nSources:\n${sources.join('\n')}` }] };
3856
- });
3857
- server.tool("generate_settlement", "Generate a Merkle-committed, signed settlement record for a period. Shows what's owed to each data source.", {
3270
+ }, async (_args) => movedToGateway("query_contributions"));
3271
+ server.tool("generate_settlement", "[deprecated in v3.0.0 — use gateway.aeoess.com REST API] Generate a Merkle-committed, signed settlement record for a period.", {
3858
3272
  startDate: z.string().describe("Period start (YYYY-MM-DD)"),
3859
3273
  endDate: z.string().describe("Period end (YYYY-MM-DD)"),
3860
3274
  periodLabel: z.string().describe("Label (e.g. '2026-Q1', '2026-03')"),
3861
- }, async (p) => {
3862
- const kp = generateKeyPair();
3863
- const settlement = generateSettlement(state.contributionLedger, { startDate: p.startDate, endDate: p.endDate, periodLabel: p.periodLabel }, kp.publicKey, kp.privateKey);
3864
- const verification = verifySettlement(settlement);
3865
- const lines = settlement.lineItems.map(li => `• ${li.sourceDescriptor || li.sourceReceiptId}: ${li.accessCount} accesses, $${li.amount.toFixed(4)} (${li.compensationModel})`);
3866
- return { content: [{ type: "text", text: `📋 Settlement Record: ${settlement.settlementId}\n\nPeriod: ${p.periodLabel}\nTotal: $${settlement.totalAmount.toFixed(4)} ${settlement.currency}\nTotal accesses: ${settlement.totalAccesses}\nUnique sources: ${settlement.uniqueSources}\nUnique payers: ${settlement.uniquePayers}\nMerkle root: ${settlement.merkleRoot.slice(0, 16)}...\nVerification: ${verification.valid ? '✅ VALID' : '❌ INVALID'}\n\nLine items:\n${lines.join('\n')}` }] };
3867
- });
3868
- server.tool("generate_compliance_report", "Generate a GDPR Article 30 / EU AI Act Article 10 / SOC 2 compliance report.", {
3869
- reportType: z.enum(["gdpr_article30", "euai_article10", "soc2_data", "general"]).describe("Report type"),
3870
- startDate: z.string().describe("Period start"),
3871
- endDate: z.string().describe("Period end"),
3872
- periodLabel: z.string().describe("Label"),
3873
- agentId: z.string().optional().describe("Filter by agent"),
3874
- principalId: z.string().optional().describe("Filter by principal"),
3875
- }, async (p) => {
3876
- const kp = generateKeyPair();
3877
- const report = generateDataComplianceReport(state.contributionLedger, { startDate: p.startDate, endDate: p.endDate, periodLabel: p.periodLabel }, p.reportType, kp.privateKey, { agentId: p.agentId, principalId: p.principalId });
3878
- return { content: [{ type: "text", text: `📋 Compliance Report: ${report.reportId}\n\nType: ${p.reportType}\nPeriod: ${p.periodLabel}\nTotal data accesses: ${report.summary.totalDataAccesses}\nUnique data sources: ${report.summary.uniqueDataSources}\nPurpose breakdown: ${JSON.stringify(report.summary.purposeBreakdown)}\nCompensation: $${report.summary.compensationSummary.total.toFixed(4)} (pending: $${report.summary.compensationSummary.pending.toFixed(4)})\nTerms violations: ${report.summary.termsViolations}\nAdvisory warnings: ${report.summary.advisoryWarnings}\nSigned: ✅` }] };
3879
- });
3880
- server.tool("record_training_use", "Record that agent output derived from data sources was used for training/fine-tuning/embedding. Creates a signed training attribution receipt.", {
3881
- trainingUseType: z.enum(["fine_tune", "lora_adapter", "embedding", "rag_index", "distillation", "evaluation", "synthetic_data"]).describe("Type of training use"),
3882
- modelId: z.string().describe("Model being trained"),
3883
- sourceAccessReceiptIds: z.array(z.string()).describe("Access receipt IDs of source data used"),
3884
- outputContentHash: z.string().describe("SHA-256 of the output used for training"),
3885
- contributionWeights: z.record(z.number()).optional().describe("Fractional weights per source (sum to 1.0)"),
3886
- datasetSize: z.number().optional().describe("Number of training examples"),
3887
- }, async (p) => {
3888
- if (!state.agentKey || !state.privateKey)
3889
- return { content: [{ type: "text", text: "❌ Not identified." }] };
3890
- const receipt = createTrainingAttribution({
3891
- trainingUseType: p.trainingUseType,
3892
- modelId: p.modelId,
3893
- trainerId: state.agentId || 'unknown',
3894
- trainerPublicKey: state.agentKey,
3895
- trainerPrivateKey: state.privateKey,
3896
- sourceAccessReceiptIds: p.sourceAccessReceiptIds,
3897
- executionFrameId: 'frame_train_' + Date.now().toString(36),
3898
- outputContentHash: p.outputContentHash,
3899
- inputDataHashes: p.sourceAccessReceiptIds.map(id => id), // simplified
3900
- contributionWeights: p.contributionWeights,
3901
- datasetSize: p.datasetSize,
3902
- });
3903
- recordTrainingAttribution(state.trainingLedger, receipt);
3904
- const v = verifyTrainingAttribution(receipt);
3905
- return { content: [{ type: "text", text: `✅ Training attribution recorded.\n\nReceipt: ${receipt.trainingReceiptId}\nType: ${p.trainingUseType}\nModel: ${p.modelId}\nSources: ${p.sourceAccessReceiptIds.length}\nDataset size: ${p.datasetSize || 'N/A'}\nWeights: ${p.contributionWeights ? JSON.stringify(p.contributionWeights) : 'equal'}\nVerification: ${v.valid ? '✅' : '❌'}` }] };
3906
- });
3907
- server.tool("get_model_data_sources", "Show which data sources contributed to a model's training, with fractional weights.", {
3908
- modelId: z.string().describe("Model ID to check"),
3909
- }, async (p) => {
3910
- const sources = getModelDataSources(state.trainingLedger, p.modelId);
3911
- if (sources.length === 0)
3912
- return { content: [{ type: "text", text: "No training data found for this model." }] };
3913
- const lines = sources.map(s => `• ${s.accessReceiptId}: weight ${s.weight.toFixed(4)}, type: ${s.trainingUseType}`);
3914
- return { content: [{ type: "text", text: `🧠 Model Training Sources: ${p.modelId}\n\n${sources.length} data sources contributed:\n${lines.join('\n')}` }] };
3915
- });
3275
+ }, async (_args) => movedToGateway("generate_settlement"));
3276
+ // Removed in v3.0.0 (moved to gateway product — no stub to keep tool count bounded):
3277
+ // check_data_access (DataEnforcementGate.checkAccess)
3278
+ // get_source_metrics (cross-agent ledger aggregation)
3279
+ // get_agent_data_footprint (cross-agent ledger aggregation)
3280
+ // generate_compliance_report (generateDataComplianceReport)
3281
+ // record_training_use (createTrainingAttribution + ledger)
3282
+ // get_model_data_sources (training ledger aggregation)
3283
+ // All of these required ContributionLedger / TrainingAttributionLedger
3284
+ // (ledger classes are gateway-product). The underlying primitives
3285
+ // (access receipts, settlement signing) remain in the SDK at aps_* tools.
3916
3286
  // ═══════════════════════════════════════
3917
3287
  // Data Lifecycle Governance Tools
3918
3288
  // ═══════════════════════════════════════
package/package.json CHANGED
@@ -1,8 +1,8 @@
1
1
  {
2
2
  "name": "agent-passport-system-mcp",
3
- "version": "2.27.0",
3
+ "version": "3.0.0",
4
4
  "mcpName": "io.github.aeoess/agent-passport-mcp",
5
- "description": "MCP server for the Agent Passport System — enforcement infrastructure for the agent economy. 154 tools across 123 modules. Policy eval <2ms. Identity, delegation, reputation, enforcement, attestation, feeless Nano wallet, commerce, attribution primitive, attribution settlement. Tracks SDK v1.46.0 (2,972 tests).",
5
+ "description": "MCP server for the Agent Passport System — protocol-layer tools only. 142 tools (132 protocol + 10 gateway deprecation stubs). Identity, delegation, reputation, attestation, coordination, commerce, attribution primitive, attribution settlement. Tracks SDK v2.0.0. For gateway-runtime tools (ProxyGateway, AgentContext, DataEnforcementGate), use gateway.aeoess.com REST API or pin to v2.27.0.",
6
6
  "type": "module",
7
7
  "bin": {
8
8
  "agent-passport-system-mcp": "./build/bin.js",
@@ -50,7 +50,7 @@
50
50
  "homepage": "https://github.com/aeoess/agent-passport-mcp",
51
51
  "dependencies": {
52
52
  "@modelcontextprotocol/sdk": "^1.27.1",
53
- "agent-passport-system": "^1.46.0",
53
+ "agent-passport-system": "^2.0.0-beta.0",
54
54
  "zod": "^3.25.76"
55
55
  },
56
56
  "devDependencies": {