npm - soulprint-mcp - Versions diffs - 0.1.0 - Mend

soulprint-mcp 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,79 @@
+import { SoulprintToken, TrustLevel, CredentialType } from "soulprint-core";
+export interface SoulprintOptions {
+    /** Trust score minimum (0-100). Default: 40 */
+    minScore?: number;
+    /** Required trust level. If set, overrides minScore for level check. */
+    minLevel?: TrustLevel;
+    /** Required credentials. All must be present. */
+    require?: CredentialType | CredentialType[];
+    /** Custom rejection message */
+    rejectMessage?: string;
+    /** Called when a valid token is found (for logging, analytics, etc.) */
+    onVerified?: (token: SoulprintToken) => void;
+    /** Called when a request is rejected */
+    onRejected?: (reason: string) => void;
+}
+export declare function verifySPT(spt: string | undefined | null, opts?: SoulprintOptions): {
+    allowed: boolean;
+    token?: SoulprintToken;
+    reason?: string;
+};
+/**
+ * soulprint() — MCP middleware for identity verification.
+ *
+ * USAGE (MCP Server SDK):
+ *
+ * ```typescript
+ * import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+ * import { soulprint } from "soulprint-mcp";
+ *
+ * const server = new McpServer({ name: "my-server", version: "1.0" });
+ * server.use(soulprint({ minScore: 60 }));
+ * ```
+ *
+ * The token is read from the MCP client's capabilities:
+ * ```json
+ * { "capabilities": { "identity": { "soulprint": "<SPT>" } } }
+ * ```
+ *
+ * Or from the HTTP header: X-Soulprint: <SPT>
+ */
+export declare function soulprint(opts?: SoulprintOptions): {
+    onCallTool(context: MCPContext, next: () => Promise<any>): Promise<any>;
+};
+/**
+ * verifyRequest() — verify a Soulprint token from any MCP request object.
+ * Use this if you prefer manual verification over middleware.
+ *
+ * ```typescript
+ * const identity = verifyRequest(request, { minScore: 60 });
+ * if (!identity) return { error: "Unverified bot" };
+ * console.log(identity.score, identity.nullifier);
+ * ```
+ */
+export declare function verifyRequest(request: {
+    meta?: any;
+    clientCapabilities?: any;
+}, opts?: SoulprintOptions): SoulprintToken | null;
+/**
+ * getSoulprint() — get the verified token from context (after middleware ran).
+ *
+ * ```typescript
+ * server.tool("my-tool", async (args, context) => {
+ *   const identity = getSoulprint(context);
+ *   console.log(identity.nullifier); // unique per human
+ * });
+ * ```
+ */
+export declare function getSoulprint(context: any): SoulprintToken | undefined;
+interface MCPContext {
+    clientCapabilities?: {
+        identity?: {
+            soulprint?: string;
+        };
+    };
+    meta?: {
+        headers?: Record<string, string>;
+    };
+}
+export { decodeToken, SoulprintToken, TrustLevel, CredentialType } from "soulprint-core";

package/dist/index.js ADDED Viewed

@@ -0,0 +1,149 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.decodeToken = void 0;
+exports.verifySPT = verifySPT;
+exports.soulprint = soulprint;
+exports.verifyRequest = verifyRequest;
+exports.getSoulprint = getSoulprint;
+const soulprint_core_1 = require("soulprint-core");
+const LEVEL_SCORES = {
+    Unverified: 0,
+    EmailVerified: 10,
+    PhoneVerified: 25,
+    KYCLite: 45,
+    KYCFull: 80,
+};
+// ── Core verification logic ───────────────────────────────────────────────────
+function verifySPT(spt, opts = {}) {
+    if (!spt) {
+        const r = { allowed: false, reason: "No Soulprint token provided" };
+        opts.onRejected?.(r.reason);
+        return r;
+    }
+    const token = (0, soulprint_core_1.decodeToken)(spt);
+    if (!token) {
+        const r = { allowed: false, reason: "Invalid or expired Soulprint token" };
+        opts.onRejected?.(r.reason);
+        return r;
+    }
+    const minScore = opts.minScore ?? 40;
+    if (token.score < minScore) {
+        const r = { allowed: false, reason: `Trust score too low: ${token.score} < ${minScore}` };
+        opts.onRejected?.(r.reason);
+        return r;
+    }
+    if (opts.minLevel) {
+        const required = LEVEL_SCORES[opts.minLevel] ?? 0;
+        const actual = LEVEL_SCORES[token.level] ?? 0;
+        if (actual < required) {
+            const r = { allowed: false, reason: `Trust level too low: ${token.level} < ${opts.minLevel}` };
+            opts.onRejected?.(r.reason);
+            return r;
+        }
+    }
+    if (opts.require) {
+        const required = Array.isArray(opts.require) ? opts.require : [opts.require];
+        const missing = required.filter(c => !token.credentials.includes(c));
+        if (missing.length > 0) {
+            const r = { allowed: false, reason: `Missing credentials: ${missing.join(", ")}` };
+            opts.onRejected?.(r.reason);
+            return r;
+        }
+    }
+    opts.onVerified?.(token);
+    return { allowed: true, token };
+}
+// ── MCP Middleware ────────────────────────────────────────────────────────────
+/**
+ * soulprint() — MCP middleware for identity verification.
+ *
+ * USAGE (MCP Server SDK):
+ *
+ * ```typescript
+ * import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+ * import { soulprint } from "soulprint-mcp";
+ *
+ * const server = new McpServer({ name: "my-server", version: "1.0" });
+ * server.use(soulprint({ minScore: 60 }));
+ * ```
+ *
+ * The token is read from the MCP client's capabilities:
+ * ```json
+ * { "capabilities": { "identity": { "soulprint": "<SPT>" } } }
+ * ```
+ *
+ * Or from the HTTP header: X-Soulprint: <SPT>
+ */
+function soulprint(opts = {}) {
+    return {
+        // MCP SDK hook — called before each tool invocation
+        async onCallTool(context, next) {
+            const spt = extractSPT(context);
+            const result = verifySPT(spt, opts);
+            if (!result.allowed) {
+                opts.onRejected?.(result.reason);
+                throw new MCPError(opts.rejectMessage ?? `Soulprint identity required: ${result.reason}`, "FORBIDDEN", { minScore: opts.minScore ?? 40, require: opts.require });
+            }
+            opts.onVerified?.(result.token);
+            // Attach token to context for downstream use
+            context._soulprint = result.token;
+            return next();
+        },
+    };
+}
+function extractSPT(context) {
+    // 1. From MCP capabilities
+    const cap = context?.clientCapabilities?.identity?.soulprint;
+    if (cap)
+        return cap;
+    // 2. From meta/headers
+    const headers = context?.meta?.headers;
+    if (headers?.["x-soulprint"])
+        return headers["x-soulprint"];
+    if (headers?.["X-Soulprint"])
+        return headers["X-Soulprint"];
+    return undefined;
+}
+// ── Standalone verifier ───────────────────────────────────────────────────────
+/**
+ * verifyRequest() — verify a Soulprint token from any MCP request object.
+ * Use this if you prefer manual verification over middleware.
+ *
+ * ```typescript
+ * const identity = verifyRequest(request, { minScore: 60 });
+ * if (!identity) return { error: "Unverified bot" };
+ * console.log(identity.score, identity.nullifier);
+ * ```
+ */
+function verifyRequest(request, opts = {}) {
+    const spt = extractSPT(request);
+    const result = verifySPT(spt, opts);
+    return result.allowed ? result.token : null;
+}
+// ── Helper: get token from current MCP context ────────────────────────────────
+/**
+ * getSoulprint() — get the verified token from context (after middleware ran).
+ *
+ * ```typescript
+ * server.tool("my-tool", async (args, context) => {
+ *   const identity = getSoulprint(context);
+ *   console.log(identity.nullifier); // unique per human
+ * });
+ * ```
+ */
+function getSoulprint(context) {
+    return context?._soulprint;
+}
+class MCPError extends Error {
+    code;
+    details;
+    constructor(message, code, details) {
+        super(message);
+        this.name = "MCPError";
+        this.code = code;
+        this.details = details;
+    }
+}
+// ── Re-exports ────────────────────────────────────────────────────────────────
+var soulprint_core_2 = require("soulprint-core");
+Object.defineProperty(exports, "decodeToken", { enumerable: true, get: function () { return soulprint_core_2.decodeToken; } });

package/package.json ADDED Viewed

@@ -0,0 +1,51 @@
+{
+  "name": "soulprint-mcp",
+  "version": "0.1.0",
+  "description": "Soulprint MCP middleware — protect any MCP server with 3 lines: server.use(soulprint({ minScore: 60 }))",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/manuelariasfz/soulprint",
+    "directory": "packages/mcp"
+  },
+  "homepage": "https://github.com/manuelariasfz/soulprint#readme",
+  "keywords": [
+    "soulprint",
+    "mcp",
+    "model-context-protocol",
+    "kyc",
+    "middleware",
+    "ai-agents",
+    "identity"
+  ],
+  "license": "MIT",
+  "dependencies": {
+    "soulprint-core": "0.1.0"
+  },
+  "peerDependencies": {
+    "@modelcontextprotocol/sdk": ">=1.0.0"
+  },
+  "peerDependenciesMeta": {
+    "@modelcontextprotocol/sdk": {
+      "optional": true
+    }
+  },
+  "devDependencies": {
+    "typescript": "^5.4.0",
+    "@types/node": "^20.0.0"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "scripts": {
+    "build": "tsc"
+  }
+}