agent-passport-system-mcp 3.2.4 → 3.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/LICENSE CHANGED
@@ -175,7 +175,7 @@
175
175
 
176
176
  END OF TERMS AND CONDITIONS
177
177
 
178
- Copyright 2024-2026 Tymofii Pidlisnyi
178
+ Copyright 2026 Tymofii Pidlisnyi
179
179
 
180
180
  Licensed under the Apache License, Version 2.0 (the "License");
181
181
  you may not use this file except in compliance with the License.
package/README.md CHANGED
@@ -6,19 +6,19 @@
6
6
  <img width="380" height="200" src="https://glama.ai/mcp/servers/@aeoess/agent-passport-system-mcp/badge" />
7
7
  </a>
8
8
 
9
- Enforcement and accountability layer for AI agents. Bring your own identity. 20 essential tools by default: identity, delegation, enforcement, commerce, reputation.
9
+ Enforcement and accountability layer for AI agents. Bring your own identity. 150 tools by default across identity, delegation, enforcement, commerce, reputation, governance, coordination, and data.
10
10
 
11
11
  ```bash
12
- APS_PROFILE=essential npx agent-passport-system-mcp
12
+ npx agent-passport-system-mcp
13
13
  ```
14
14
 
15
- `essential` is the default profile — the 20 tools 90% of integrations need. Set `APS_PROFILE=full` for all 150 tools.
15
+ The default profile is `full` all 150 tools. Set `APS_PROFILE=essential` for a 26-tool slim profile covering the primitives most integrations need (identity, delegation, enforcement, commerce, reputation).
16
16
 
17
- Available profiles: essential (default), identity, governance, coordination, commerce, data, gateway, comms, minimal, full.
17
+ Available profiles: full (default), essential, identity, governance, coordination, commerce, data, gateway, comms, minimal.
18
18
 
19
- > **For AI agents:** visit [aeoess.com/llms.txt](https://aeoess.com/llms.txt) for machine-readable documentation or [llms-full.txt](https://aeoess.com/llms-full.txt) for the complete technical reference. MCP discovery: [.well-known/mcp.json](https://aeoess.com/.well-known/mcp.json).
19
+ > **For AI agents:** visit [agent-passport.org/llms.txt](https://agent-passport.org/llms.txt) for machine-readable documentation or [llms-full.txt](https://agent-passport.org/llms-full.txt) for the complete technical reference. MCP discovery: [.well-known/mcp.json](https://agent-passport.org/.well-known/mcp.json).
20
20
 
21
- Works with any MCP client: Claude Desktop, Claude Code, Cursor, Windsurf, and more. Full surface area under `APS_PROFILE=full`: 150 tools across the protocol surface, including Wave 1 accountability primitives (Ed25519 ActionReceipt, AuthorityBoundaryReceipt, CustodyReceipt, ContestabilityReceipt, APSBundle, strict RFC 8785 JCS for interop-facing receipts, byte-match across implementations). Independently cited by [PDR in Production preprint (Nanook & Gerundium)](https://doi.org/10.5281/zenodo.19323172).
21
+ Works with any MCP client: Claude Desktop, Claude Code, Cursor, Windsurf, and more. Full surface area (the default): 150 tools across the protocol surface, including Wave 1 accountability primitives (Ed25519 ActionReceipt, AuthorityBoundaryReceipt, CustodyReceipt, ContestabilityReceipt, APSBundle, strict RFC 8785 JCS for interop-facing receipts, byte-match across implementations). Independently cited by [PDR in Production preprint (Nanook & Gerundium)](https://doi.org/10.5281/zenodo.19323172).
22
22
 
23
23
  ## Quick Start
24
24
 
@@ -215,9 +215,9 @@ Layer 1 — Agent Passport Protocol (Ed25519 identity)
215
215
 
216
216
  ## Links
217
217
 
218
- - npm SDK: [agent-passport-system](https://www.npmjs.com/package/agent-passport-system) (v2.9.0, 3,881 tests)
219
- - Python SDK: [agent-passport-system](https://pypi.org/project/agent-passport-system/) (v2.4.0a3 pre-release; v2.3.0 stable)
220
- - Go SDK: [agent-passport-go](https://pkg.go.dev/github.com/aeoess/agent-passport-go) (v0.2.0-alpha.1; `go get github.com/aeoess/agent-passport-go@v0.2.0-alpha.1`)
218
+ - npm SDK: [agent-passport-system](https://www.npmjs.com/package/agent-passport-system) (v3.3.0, 4,097 tests)
219
+ - Python SDK: [agent-passport-system](https://pypi.org/project/agent-passport-system/) (v2.8.0)
220
+ - Go SDK: [agent-passport-go](https://pkg.go.dev/github.com/aeoess/agent-passport-go) (v0.3.0; `go get github.com/aeoess/agent-passport-go@v0.3.0`)
221
221
  - Paper (Social Contract): [doi.org/10.5281/zenodo.18749779](https://doi.org/10.5281/zenodo.18749779)
222
222
  - Paper (Monotonic Narrowing): [doi.org/10.5281/zenodo.18932404](https://doi.org/10.5281/zenodo.18932404)
223
223
  - Paper (Faceted Authority Attenuation): [doi.org/10.5281/zenodo.19260073](https://doi.org/10.5281/zenodo.19260073)
@@ -227,7 +227,7 @@ Layer 1 — Agent Passport Protocol (Ed25519 identity)
227
227
  - Paper (Cognitive Attestation): [doi.org/10.5281/zenodo.19646276](https://doi.org/10.5281/zenodo.19646276)
228
228
  - Paper (The Evidence-Safety Gap): [doi.org/10.5281/zenodo.19914628](https://doi.org/10.5281/zenodo.19914628)
229
229
  - IETF Internet-Draft: `draft-pidlisnyi-aps-01`
230
- - Docs: [aeoess.com/llms-full.txt](https://aeoess.com/llms-full.txt)
230
+ - Docs: [aeoess.com/llms-full.txt](https://agent-passport.org/llms-full.txt)
231
231
  - Agora: [aeoess.com/agora.html](https://aeoess.com/agora.html)
232
232
 
233
233
  ## License
@@ -1,4 +1,4 @@
1
- // Copyright 2024-2026 Tymofii Pidlisnyi. Apache-2.0 license. See LICENSE.
1
+ // Copyright 2026 Tymofii Pidlisnyi. Apache-2.0 license. See LICENSE.
2
2
  // Regression: a capability SinkChallenge carries a signed expires_at that no
3
3
  // verifier enforced, so an expired permit stayed redeemable forever.
4
4
  // verifySinkChallenge / verifyChallengeReceipt now reject an expired challenge.
package/build/index.js CHANGED
@@ -1,5 +1,5 @@
1
1
  #!/usr/bin/env node
2
- // Copyright 2024-2026 Tymofii Pidlisnyi. Apache-2.0 license. See LICENSE.
2
+ // Copyright 2026 Tymofii Pidlisnyi. Apache-2.0 license. See LICENSE.
3
3
  // ══════════════════════════════════════════════════════════════
4
4
  // Agent Passport MCP Server v2.0
5
5
  // ══════════════════════════════════════════════════════════════
@@ -28,7 +28,9 @@ createAgoraMessage, createFeed, appendToFeed, getThread, getByTopic, getTopics,
28
28
  // Values/Policy (Layer 2 + 5)
29
29
  loadFloor, attestFloor, createActionIntent, evaluateIntent, FloorValidatorV1,
30
30
  // Commerce (Layer 8)
31
- commercePreflight, createCommerceDelegation, getSpendSummary, requestHumanApproval,
31
+ // commercePreflight moved to the gateway in agent-passport-system 3.3.0 (throw-only stub);
32
+ // the MCP tool now returns a machine-readable deprecation notice instead of calling it.
33
+ createCommerceDelegation, getSpendSummary, requestHumanApproval,
32
34
  // Principal Identity
33
35
  createPrincipalIdentity, endorseAgent, verifyEndorsement, revokeEndorsement, createDisclosure, createFleet, addToFleet, getFleetStatus, revokeFromFleet,
34
36
  // Reputation-Gated Authority (Layer 9)
@@ -368,7 +370,7 @@ function movedToGateway(toolName) {
368
370
  // ═══════════════════════════════════════
369
371
  const server = new McpServer({
370
372
  name: "agent-passport-mcp",
371
- version: "2.0.0",
373
+ version: "3.3.0",
372
374
  });
373
375
  // Track server start time for Tier 0 connection timing
374
376
  globalThis.__mcpStartTime = Date.now();
@@ -452,12 +454,13 @@ const TOOL_PROFILES = {
452
454
  'create_intent', 'evaluate_intent', 'list_profiles',
453
455
  ]),
454
456
  essential: new Set([
457
+ 'identify',
455
458
  'generate_keys', 'issue_passport', 'get_passport_grade',
456
459
  'create_delegation', 'verify_delegation', 'revoke_delegation', 'sub_delegate',
457
460
  'load_values_floor', 'attest_to_floor',
458
461
  'create_intent', 'evaluate_intent', 'complete_action',
459
462
  'create_agent_context', 'execute_with_context',
460
- 'commerce_preflight', 'get_commerce_spend', 'request_human_approval',
463
+ 'get_commerce_spend', 'request_human_approval',
461
464
  'resolve_authority', 'check_tier', 'rotate_key',
462
465
  // v2 boundary primitives — most-used entry points
463
466
  'aps_create_attribution_receipt',
@@ -665,18 +668,24 @@ const TOOL_SCOPE_MAP = {
665
668
  'aps_capability_evaluate_authority': 'capability',
666
669
  'aps_capability_mint_receipt': 'capability',
667
670
  'aps_capability_sign_effect': 'capability',
671
+ // Mutual Authentication v1 (SDK v2.2.0) -> 'mutual-auth' scope
672
+ 'mutualAuthBuildCertificate': 'mutual-auth',
673
+ 'mutualAuthVerifyAttest': 'mutual-auth',
674
+ 'mutualAuthDeriveSession': 'mutual-auth',
675
+ 'mutualAuthVerifyTrustBundle': 'mutual-auth',
668
676
  };
669
677
  // ═══════════════════════════════════════
670
678
  // TOOL: list_profiles
671
679
  // ═══════════════════════════════════════
672
680
  server.tool("list_profiles", "Show available tool profiles. Set APS_PROFILE env var to limit exposed tools (e.g. APS_PROFILE=data).", {}, async () => {
673
681
  const lines = Object.entries(TOOL_PROFILES).map(([name, tools]) => `• ${name} (${tools.size} tools): ${Array.from(tools).slice(0, 6).join(', ')}${tools.size > 6 ? '...' : ''}`);
674
- return { content: [{ type: "text", text: `📋 Tool Profiles (set APS_PROFILE env var):\n\nActive: ${activeProfile} (${activeProfile === 'full' ? '132' : profileFilter?.size || '132'} tools)\n\nRecommended: essential (20 tools) — identity, delegation, enforcement, commerce, reputation.\n\n${lines.join('\n')}\n\n• full (132 tools): All tools exposed (default)` }] };
682
+ const essentialSize = TOOL_PROFILES.essential.size;
683
+ return { content: [{ type: "text", text: `📋 Tool Profiles (set APS_PROFILE env var):\n\nActive: ${activeProfile} (${activeProfile === 'full' ? '150' : profileFilter?.size || '150'} tools)\n\nRecommended: essential (${essentialSize} tools) - identity, delegation, enforcement, commerce, reputation.\n\n${lines.join('\n')}\n\n• full (150 tools): All tools exposed (default)` }] };
675
684
  });
676
685
  // ═══════════════════════════════════════
677
686
  // TOOL: list_tools_for_scope (Primitive #9: Tool Pool Assembly)
678
687
  // ═══════════════════════════════════════
679
- server.tool("list_tools_for_scope", "List available MCP tools filtered by delegation scope. Pass your delegation scopes to see which tools you can use. Scopes: identity, delegation, principal, reputation, coordination, communication, governance, commerce, data, gateway, network, temporal, attribution. Use ['*'] for all tools.", {
688
+ server.tool("list_tools_for_scope", "List available MCP tools filtered by delegation scope. Pass your delegation scopes to see which tools you can use. Scopes: identity, delegation, principal, reputation, coordination, communication, governance, commerce, data, gateway, network, temporal, attribution, settlement, capability, mutual-auth. Use ['*'] for all tools.", {
680
689
  scopes: z.array(z.string()).describe("Your delegation scopes, e.g. ['identity', 'delegation', 'commerce']"),
681
690
  }, async ({ scopes }) => {
682
691
  const allTools = Object.entries(TOOL_SCOPE_MAP);
@@ -2283,63 +2292,29 @@ server.tool("evaluate_intent", "[OPERATOR] Evaluate an intent against the Values
2283
2292
  // ═══════════════════════════════════════
2284
2293
  // COMMERCE TOOLS (Layer 8)
2285
2294
  // ═══════════════════════════════════════
2286
- server.tool("commerce_preflight", "Run preflight checks before a purchase. Validates passport, delegation, merchant, and spend limits.", {
2295
+ server.tool("commerce_preflight", "[moved to gateway in SDK 3.3.0] The 6-gate commerce preflight orchestration moved out of the SDK and MCP into the AEOESS gateway. This tool no longer runs the pipeline locally; it returns a machine-readable deprecation notice pointing to the gateway commerce endpoint. Compose the pure gate predicates from the SDK yourself, or call the gateway.", {
2287
2296
  merchant_name: z.string().describe("Merchant to purchase from"),
2288
2297
  amount: z.number().describe("Purchase amount"),
2289
2298
  currency: z.string().default("usd").describe("Currency code"),
2290
2299
  delegation_id: z.string().describe("Commerce delegation ID"),
2291
2300
  agent_id: z.string().describe("Agent making the purchase"),
2292
- }, async (args) => {
2301
+ }, async (_args) => {
2293
2302
  recordBehavior('commerce_preflight');
2294
- const keyErr = requireKey();
2295
- if (keyErr)
2296
- return { content: [{ type: "text", text: keyErr }], isError: true };
2297
- // F-1 fix: look up actual delegation from session state for real scope/spend
2298
- const sessionDel = state.delegations.get(args.delegation_id);
2299
- const actualSpendLimit = sessionDel?.spendLimit ?? 1000;
2300
- const hasCommerceScope = sessionDel
2301
- ? sessionDel.scope.some((s) => s === 'commerce' || s === 'commerce:checkout' || s.startsWith('commerce'))
2302
- : false; // no delegation → no commerce scope (agent-context fallback removed with gateway move)
2303
- // Use session agent if available (created by identify), fallback to throwaway
2304
- const agent = state.sessionAgent || joinSocialContract({
2305
- name: args.agent_id,
2306
- mission: 'Commerce operation',
2307
- owner: 'mcp-session',
2308
- capabilities: hasCommerceScope ? ['commerce:checkout', 'commerce:browse'] : [],
2309
- platform: 'node',
2310
- models: ['mcp'],
2311
- });
2312
- // Look up or create commerce delegation using actual scope/spend.
2313
- // Reflect spend already recorded on the session delegation instead of the hardcoded 0 that
2314
- // createCommerceDelegation returns, so the spend gate is not a structural no-op that always
2315
- // sees the full limit remaining. NOTE: nothing in the MCP yet INCREMENTS sessionDel.spentAmount
2316
- // (a spend-record path is a metering decision flagged for Tima), so cumulative enforcement here
2317
- // is only as complete as the session state that feeds it.
2318
- const commerceDel = {
2319
- ...createCommerceDelegation({
2320
- agentId: args.agent_id,
2321
- delegationId: args.delegation_id,
2322
- spendLimit: actualSpendLimit,
2323
- approvedMerchants: [], // Empty = all merchants allowed
2324
- }),
2325
- spentAmount: sessionDel?.spentAmount ?? 0,
2326
- };
2327
- const result = commercePreflight({
2328
- signedPassport: agent.passport,
2329
- delegation: commerceDel,
2330
- merchantName: args.merchant_name,
2331
- estimatedTotal: { amount: args.amount, currency: args.currency },
2332
- });
2303
+ // commercePreflight() became a throw-only migration stub in agent-passport-system 3.3.0
2304
+ // (the orchestrator moved to the gateway). Rather than let that stub throw, return a clean,
2305
+ // machine-readable deprecation result so tools/list stays honest and calls fail predictably.
2333
2306
  return {
2334
2307
  content: [{
2335
2308
  type: "text",
2336
2309
  text: JSON.stringify({
2337
- permitted: result.permitted,
2338
- checks: result.checks,
2339
- warnings: result.warnings,
2340
- blockedReason: result.blockedReason,
2310
+ permitted: false,
2311
+ error: 'commerce_preflight_moved_to_gateway',
2312
+ reason: 'Commerce preflight orchestration was removed from the SDK and MCP in agent-passport-system 3.3.0. Run the 6-gate preflight via the AEOESS gateway commerce endpoint.',
2313
+ gateway_endpoint: 'https://gateway.aeoess.com',
2314
+ sdk_note: 'The SDK still exports the pure gate predicates (checkPassportGate, checkScopeGate, checkSpendGate, checkMerchantGate, checkWalletGate) and signCommerceReceipt, so callers can compose preflight themselves.',
2341
2315
  }, null, 2),
2342
2316
  }],
2317
+ isError: true,
2343
2318
  };
2344
2319
  });
2345
2320
  server.tool("get_commerce_spend", "Get spend analytics for a commerce delegation.", {
@@ -2347,9 +2322,9 @@ server.tool("get_commerce_spend", "Get spend analytics for a commerce delegation
2347
2322
  delegation_id: z.string().describe("Commerce delegation ID"),
2348
2323
  spend_limit: z.number().describe("Total allowed spend"),
2349
2324
  }, async (args) => {
2350
- // Report spend recorded on the session delegation instead of always reporting 0. Same caveat
2351
- // as commerce_preflight: nothing in the MCP yet increments sessionDel.spentAmount (metering
2352
- // record path flagged for Tima), so this reflects whatever the session state holds.
2325
+ // Report spend recorded on the session delegation instead of always reporting 0. Caveat:
2326
+ // nothing in the MCP yet increments sessionDel.spentAmount (a metering record path is a
2327
+ // decision flagged for Tima), so this reflects whatever the session state holds.
2353
2328
  const sessionDel = state.delegations.get(args.delegation_id);
2354
2329
  const commerceDel = {
2355
2330
  ...createCommerceDelegation({
package/build/setup.js CHANGED
@@ -87,7 +87,7 @@ function setup() {
87
87
  console.log(JSON.stringify({ mcpServers: { "agent-passport": serverConfig } }, null, 2));
88
88
  }
89
89
  else {
90
- console.log(`\n Restart your AI client to activate Agent Passport (83 tools).`);
90
+ console.log(`\n Restart your AI client to activate Agent Passport (150 tools).`);
91
91
  console.log(` Then say: "Create an agent identity" or "Delegate authority"\n`);
92
92
  if (!useRemote) {
93
93
  console.log(` Tip: Use --remote for zero-install SSE mode: npx agent-passport-system-mcp setup --remote\n`);
package/package.json CHANGED
@@ -1,8 +1,8 @@
1
1
  {
2
2
  "name": "agent-passport-system-mcp",
3
- "version": "3.2.4",
3
+ "version": "3.3.1",
4
4
  "mcpName": "io.github.aeoess/agent-passport-mcp",
5
- "description": "MCP server for the Agent Passport System - protocol-layer tools only. 150 tools (132 protocol + 10 gateway deprecation stubs). Identity, delegation, reputation, attestation, coordination, commerce, attribution primitive, attribution settlement. Tracks SDK v2.9.0 (Wave 1 accountability primitives + Phase 4.1 payment rails shipped in SDK; MCP rail-tool exposure deferred). For gateway-runtime tools (ProxyGateway, AgentContext, DataEnforcementGate), use gateway.aeoess.com REST API or pin to v3.1.x.",
5
+ "description": "MCP server for the Agent Passport System - protocol-layer tools only. 150 tools (132 protocol + 10 gateway deprecation stubs). Identity, delegation, reputation, attestation, coordination, commerce, attribution primitive, attribution settlement. Tracks SDK v3.3.0 (Wave 1 accountability primitives + Phase 4.1 payment rails shipped in SDK; MCP rail-tool exposure deferred). For gateway-runtime tools (ProxyGateway, AgentContext, DataEnforcementGate), use gateway.aeoess.com REST API or pin to v3.1.x.",
6
6
  "type": "module",
7
7
  "bin": {
8
8
  "agent-passport-system-mcp": "./build/bin.js",
@@ -50,7 +50,7 @@
50
50
  "homepage": "https://github.com/aeoess/agent-passport-mcp",
51
51
  "dependencies": {
52
52
  "@modelcontextprotocol/sdk": "^1.27.1",
53
- "agent-passport-system": "^2.6.0-alpha",
53
+ "agent-passport-system": "^3.3.1",
54
54
  "zod": "^3.25.76"
55
55
  },
56
56
  "overrides": {