agent-passport-system-mcp 2.4.3 → 2.4.4

package/README.md

@@ -1,12 +1,33 @@
 # Agent Passport System MCP Server
 
+<!-- mcp-name: io.github.aeoess/agent-passport-mcp -->
+
+<a href="https://glama.ai/mcp/servers/@aeoess/agent-passport-system-mcp">
+  <img width="380" height="200" src="https://glama.ai/mcp/servers/@aeoess/agent-passport-system-mcp/badge" />
+</a>
+
 MCP server for the [Agent Passport System](https://github.com/aeoess/agent-passport-system) — cryptographic identity, delegation, governance, and commerce for AI agents.
 
-**38 tools** across all 8 protocol layers. Works with any MCP client: Claude Desktop, Cursor, Windsurf, and more.
+**44 tools** across all 8 protocol layers. Works with any MCP client: Claude Desktop, Cursor, Windsurf, and more.
 
 ## Quick Start
 
-### Claude Desktop
+### Remote (no install)
+
+Connect directly via SSE — works with any MCP client:
+
+```json
+{
+  "mcpServers": {
+    "agent-passport": {
+      "type": "sse",
+      "url": "https://mcp.aeoess.com/sse"
+    }
+  }
+}
+```
+
+### Claude Desktop (local)
 
 Add to `~/Library/Application Support/Claude/claude_desktop_config.json`:
 
@@ -116,6 +137,17 @@ Add to your MCP config:
 | `execute_with_context` | Execute action through policy enforcement (intent → evaluate → verdict) |
 | `complete_action` | Complete action and get full proof chain (intent + decision + receipt) |
 
+### Principal Identity — 6 tools
+
+| Tool | Description |
+|------|-------------|
+| `create_principal` | Create principal identity (human/org behind agents) with Ed25519 keypair |
+| `endorse_agent` | Endorse an agent — cryptographic chain: principal → agent |
+| `verify_endorsement` | Verify a principal's endorsement signature |
+| `revoke_endorsement` | Revoke endorsement ("I no longer authorize this agent") |
+| `create_disclosure` | Selective disclosure of principal identity (public/verified-only/minimal) |
+| `get_fleet_status` | Status of all agents endorsed by the current principal |
+
 ## Architecture
 
 ```
@@ -131,7 +163,8 @@ Layer 1 — Agent Passport Protocol (Ed25519 identity)
 
 ## Links
 
-- npm SDK: [agent-passport-system](https://www.npmjs.com/package/agent-passport-system) (v1.9.1, 264 tests)
+- npm SDK: [agent-passport-system](https://www.npmjs.com/package/agent-passport-system) (v1.10.1, 329 tests)
+- Python SDK: [agent-passport-system](https://pypi.org/project/agent-passport-system/) (v0.4.0, 86 tests)
 - Paper: [doi.org/10.5281/zenodo.18749779](https://doi.org/10.5281/zenodo.18749779)
 - Docs: [aeoess.com/llms-full.txt](https://aeoess.com/llms-full.txt)
 - Agora: [aeoess.com/agora.html](https://aeoess.com/agora.html)

package/build/index.js

@@ -29,7 +29,9 @@ createAgoraMessage, createFeed, appendToFeed, getThread, getByTopic, getTopics,
 // Values/Policy (Layer 2 + 5)
 loadFloor, attestFloor, createActionIntent, evaluateIntent, FloorValidatorV1, 
 // Commerce (Layer 8)
-commercePreflight, createCommerceDelegation, getSpendSummary, requestHumanApproval, coordinationToAgora, } from "agent-passport-system";
+commercePreflight, createCommerceDelegation, getSpendSummary, requestHumanApproval, coordinationToAgora, 
+// Principal Identity
+createPrincipalIdentity, endorseAgent, verifyEndorsement, revokeEndorsement, createDisclosure, createFleet, addToFleet, getFleetStatus, revokeFromFleet, } from "agent-passport-system";
 // ═══════════════════════════════════════
 // State Management
 // ═══════════════════════════════════════
@@ -54,6 +56,10 @@ const state = {
     agentContext: null,
     floor: null,
     pendingActions: new Map(),
+    principal: null,
+    principalPrivateKey: null,
+    endorsements: new Map(),
+    fleet: null,
 };
 // Load persisted task state
 function loadTasks() {
@@ -1761,6 +1767,159 @@ server.tool("complete_action", "Complete a permitted action and get the full 3-s
     }
 });
 // ═══════════════════════════════════════
+// PRINCIPAL IDENTITY TOOLS
+// ═══════════════════════════════════════
+server.tool("create_principal", "Create a principal identity (human or org behind agents). Gets its own Ed25519 keypair.", {
+    display_name: z.string().describe("Human-readable name (e.g. 'Tima', 'Acme Corp')"),
+    domain: z.string().optional().describe("Verifiable domain (e.g. 'aeoess.com')"),
+    jurisdiction: z.string().optional().describe("Legal jurisdiction (e.g. 'US', 'EU')"),
+    contact_channel: z.string().optional().describe("Contact method (e.g. 'telegram:@aeoess')"),
+    disclosure_level: z.enum(["public", "verified-only", "minimal"]).default("public").describe("How much identity to reveal"),
+}, async (args) => {
+    const { principal, keyPair } = createPrincipalIdentity({
+        displayName: args.display_name,
+        domain: args.domain,
+        jurisdiction: args.jurisdiction,
+        contactChannel: args.contact_channel,
+        disclosureLevel: args.disclosure_level,
+    });
+    state.principal = principal;
+    state.principalPrivateKey = keyPair.privateKey;
+    state.fleet = createFleet(principal);
+    return {
+        content: [{
+                type: "text",
+                text: JSON.stringify({
+                    principalId: principal.principalId,
+                    displayName: principal.displayName,
+                    publicKey: principal.publicKey.slice(0, 16) + '...',
+                    privateKey: keyPair.privateKey.slice(0, 16) + '... (store securely)',
+                    domain: principal.domain,
+                    disclosureLevel: principal.disclosureLevel,
+                    note: 'Principal created. Use endorse_agent to sign off on agents.',
+                }, null, 2),
+            }],
+    };
+});
+server.tool("endorse_agent", "Endorse an agent as a principal. Creates a cryptographic chain: principal → agent.", {
+    agent_id: z.string().describe("Agent ID to endorse"),
+    agent_public_key: z.string().describe("Agent's Ed25519 public key"),
+    scope: z.array(z.string()).describe("What the agent can do on principal's behalf"),
+    relationship: z.enum(["creator", "operator", "employer", "sponsor"]).describe("How principal relates to agent"),
+    expires_in_days: z.number().default(365).describe("Days until endorsement expires"),
+}, async (args) => {
+    if (!state.principal || !state.principalPrivateKey) {
+        return { content: [{ type: "text", text: 'No principal identity. Call create_principal first.' }], isError: true };
+    }
+    const endorsement = endorseAgent({
+        principal: state.principal,
+        principalPrivateKey: state.principalPrivateKey,
+        agentId: args.agent_id,
+        agentPublicKey: args.agent_public_key,
+        scope: args.scope,
+        relationship: args.relationship,
+        expiresInDays: args.expires_in_days,
+    });
+    state.endorsements.set(endorsement.endorsementId, endorsement);
+    if (state.fleet) {
+        state.fleet = addToFleet(state.fleet, endorsement);
+    }
+    return {
+        content: [{
+                type: "text",
+                text: JSON.stringify({
+                    endorsementId: endorsement.endorsementId,
+                    principalId: endorsement.principalId,
+                    agentId: endorsement.agentId,
+                    relationship: endorsement.relationship,
+                    scope: endorsement.scope,
+                    expiresAt: endorsement.expiresAt,
+                    note: 'Agent endorsed. The endorsement signature can be embedded in the agent\'s passport via endorse_passport.',
+                }, null, 2),
+            }],
+    };
+});
+server.tool("verify_endorsement", "Verify a principal's endorsement of an agent. Checks cryptographic signature.", {
+    endorsement_id: z.string().describe("Endorsement ID to verify"),
+}, async (args) => {
+    const endorsement = state.endorsements.get(args.endorsement_id);
+    if (!endorsement) {
+        return { content: [{ type: "text", text: `Endorsement ${args.endorsement_id} not found in session.` }], isError: true };
+    }
+    const result = verifyEndorsement(endorsement);
+    return {
+        content: [{
+                type: "text",
+                text: JSON.stringify({
+                    valid: result.valid,
+                    expired: result.expired,
+                    revoked: result.revoked,
+                    principalId: result.principalId,
+                    agentId: result.agentId,
+                    errors: result.errors,
+                }, null, 2),
+            }],
+    };
+});
+server.tool("revoke_endorsement", "Revoke a principal's endorsement of an agent. 'I no longer authorize this agent.'", {
+    endorsement_id: z.string().describe("Endorsement ID to revoke"),
+    reason: z.string().describe("Why the endorsement is being revoked"),
+}, async (args) => {
+    const endorsement = state.endorsements.get(args.endorsement_id);
+    if (!endorsement) {
+        return { content: [{ type: "text", text: `Endorsement ${args.endorsement_id} not found.` }], isError: true };
+    }
+    const revoked = revokeEndorsement(endorsement, args.reason);
+    state.endorsements.set(args.endorsement_id, revoked);
+    if (state.fleet) {
+        state.fleet = revokeFromFleet(state.fleet, revoked.agentId);
+    }
+    return {
+        content: [{
+                type: "text",
+                text: JSON.stringify({
+                    revoked: true,
+                    endorsementId: revoked.endorsementId,
+                    agentId: revoked.agentId,
+                    reason: revoked.revokedReason,
+                    revokedAt: revoked.revokedAt,
+                }, null, 2),
+            }],
+    };
+});
+server.tool("create_disclosure", "Create a selective disclosure of principal identity. Controls how much info is revealed.", {
+    level: z.enum(["public", "verified-only", "minimal"]).describe("Disclosure level: public (everything), verified-only (id+key+domain), minimal (hash+DID only)"),
+}, async (args) => {
+    if (!state.principal || !state.principalPrivateKey) {
+        return { content: [{ type: "text", text: 'No principal identity. Call create_principal first.' }], isError: true };
+    }
+    const disclosure = createDisclosure(state.principal, state.principalPrivateKey, args.level);
+    return {
+        content: [{
+                type: "text",
+                text: JSON.stringify({
+                    disclosureId: disclosure.disclosureId,
+                    level: disclosure.level,
+                    revealedFields: disclosure.revealedFields,
+                    proof: disclosure.proof.slice(0, 16) + '...',
+                    note: 'Share this disclosure with other agents. They can verify it with verify_disclosure.',
+                }, null, 2),
+            }],
+    };
+});
+server.tool("get_fleet_status", "Get status of all agents endorsed by the current principal.", {}, async () => {
+    if (!state.fleet) {
+        return { content: [{ type: "text", text: 'No fleet. Call create_principal first.' }], isError: true };
+    }
+    const status = getFleetStatus(state.fleet);
+    return {
+        content: [{
+                type: "text",
+                text: JSON.stringify(status, null, 2),
+            }],
+    };
+});
+// ═══════════════════════════════════════
 // MCP Prompts — Role-Specific
 // ═══════════════════════════════════════
 server.prompt("coordination_role", "Get instructions for your assigned coordination role", {}, async () => {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agent-passport-system-mcp",
-  "version": "2.4.3",
+  "version": "2.4.4",
   "mcpName": "io.github.aeoess/agent-passport-mcp",
   "description": "MCP server for Agent Passport System — cryptographic identity, delegation, governance, and deliberation for AI agents",
   "type": "module",
@@ -45,11 +45,11 @@
   "homepage": "https://github.com/aeoess/agent-passport-mcp",
   "dependencies": {
     "@modelcontextprotocol/sdk": "^1.12.0",
-    "agent-passport-system": "^1.9.0",
+    "agent-passport-system": "file:../agent-passport-system/agent-passport-system-1.10.1.tgz",
     "zod": "^3.25.0"
   },
   "devDependencies": {
-    "@types/node": "^25.3.2",
+    "@types/node": "^25.3.5",
     "typescript": "^5.9.3"
   },
   "peerDependencies": {