z-zero-mcp-server 1.2.1 → 1.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/index.js +42 -4
  2. package/dist/version.d.ts +1 -1
  3. package/dist/version.js +4 -3
  4. package/dist/wdk_backend.js +2 -2
  5. package/package.json +2 -1
package/dist/index.js CHANGED
@@ -524,7 +524,46 @@ server.tool("set_api_key", "Activate a new Passport Key instantly, no restart ne
524
524
  .string()
525
525
  .describe("The new Passport Key to activate. Must start with 'zk_live_' or 'zk_test_'. Get from: https://www.clawcard.store/dashboard/agents"),
526
526
  }, async ({ api_key }) => {
527
- const result = (0, key_store_js_1.setPassportKey)(api_key);
527
+ // Step 1: Format validation
528
+ const trimmed = api_key.trim();
529
+ if (!trimmed.startsWith("zk_live_") && !trimmed.startsWith("zk_test_")) {
530
+ return {
531
+ content: [{ type: "text", text: `❌ Invalid key format — must start with "zk_live_" or "zk_test_".` }],
532
+ isError: true,
533
+ };
534
+ }
535
+ // Step 2: Validate new key against Dashboard API before swapping
536
+ const ZZERO_API = process.env.Z_ZERO_API_BASE || "https://www.clawcard.store";
537
+ try {
538
+ const resp = await fetch(`${ZZERO_API}/api/wdk/balance`, {
539
+ headers: {
540
+ "Authorization": `Bearer ${trimmed}`,
541
+ "x-mcp-version": version_js_2.CURRENT_MCP_VERSION,
542
+ },
543
+ signal: AbortSignal.timeout(8000),
544
+ });
545
+ if (resp.status === 401) {
546
+ return {
547
+ content: [{ type: "text", text: `❌ Key rejected by server — invalid or deactivated. Please check your key at https://www.clawcard.store/dashboard/agents` }],
548
+ isError: true,
549
+ };
550
+ }
551
+ // 426 = version outdated, but key itself could be valid — allow swap
552
+ if (!resp.ok && resp.status !== 426) {
553
+ return {
554
+ content: [{ type: "text", text: `❌ Could not validate key (server returned ${resp.status}). Try again later.` }],
555
+ isError: true,
556
+ };
557
+ }
558
+ }
559
+ catch (err) {
560
+ return {
561
+ content: [{ type: "text", text: `❌ Could not reach server to validate key: ${err?.message || 'timeout'}. Try again later.` }],
562
+ isError: true,
563
+ };
564
+ }
565
+ // Step 3: Swap key in RAM (old key is soft-revoked — just forgotten)
566
+ const result = (0, key_store_js_1.setPassportKey)(trimmed);
528
567
  if (!result.ok) {
529
568
  return {
530
569
  content: [{ type: "text", text: `❌ ${result.message}` }],
@@ -537,8 +576,8 @@ server.tool("set_api_key", "Activate a new Passport Key instantly, no restart ne
537
576
  text: JSON.stringify({
538
577
  status: "SUCCESS",
539
578
  message: `✅ ${result.message}`,
540
- active_key_prefix: api_key.slice(0, 12) + "...",
541
- note: "All subsequent API calls will use this key. No restart needed.",
579
+ active_key_prefix: trimmed.slice(0, 12) + "...",
580
+ note: "All subsequent API calls will use this key. Previous key removed from this session (soft revoke).",
542
581
  }, null, 2),
543
582
  }],
544
583
  };
@@ -555,7 +594,6 @@ server.tool("show_api_key_status", "Check if Passport Key is configured. Shows p
555
594
  text: JSON.stringify({
556
595
  configured: hasKey,
557
596
  key_prefix: hasKey ? key.slice(0, 12) + "..." : null,
558
- wallet_mode: process.env.Z_ZERO_WALLET_MODE || "custodial",
559
597
  note: hasKey
560
598
  ? "Key is active. Call set_api_key to update it."
561
599
  : "No key configured. Call set_api_key with your Passport Key from https://www.clawcard.store/dashboard/agents",
package/dist/version.d.ts CHANGED
@@ -1 +1 @@
1
- export declare const CURRENT_MCP_VERSION = "1.1.2";
1
+ export declare const CURRENT_MCP_VERSION: string;
package/dist/version.js CHANGED
@@ -1,6 +1,7 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.CURRENT_MCP_VERSION = void 0;
4
- // Single source of truth for MCP version
5
- // Imported by both index.ts and wdk_backend.ts to avoid circular dependency
6
- exports.CURRENT_MCP_VERSION = "1.1.2";
4
+ // Single source of truth: reads version from package.json at runtime
5
+ // No need to manually sync just run `npm version patch` and publish
6
+ // eslint-disable-next-line @typescript-eslint/no-var-requires
7
+ exports.CURRENT_MCP_VERSION = require("../package.json").version;
package/dist/wdk_backend.js CHANGED
@@ -48,7 +48,7 @@ async function apiRequest(endpoint, method = 'GET', body = null) {
48
48
  });
49
49
  if (!res.ok) {
50
50
  const err = await res.json().catch(() => ({ error: res.statusText }));
51
- return { error: "API_ERROR", message: err.error || res.statusText };
51
+ return { error: err.error || "API_ERROR", message: err.message || err.error || res.statusText };
52
52
  }
53
53
  return await res.json();
54
54
  }
@@ -74,7 +74,7 @@ async function internalApiRequest(endpoint, method, body) {
74
74
  });
75
75
  if (!res.ok) {
76
76
  const err = await res.json().catch(() => ({ error: res.statusText }));
77
- return { error: "API_ERROR", message: err.error || res.statusText };
77
+ return { error: err.error || "API_ERROR", message: err.message || err.error || res.statusText };
78
78
  }
79
79
  return await res.json();
80
80
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "z-zero-mcp-server",
3
- "version": "1.2.1",
3
+ "version": "1.2.3",
4
4
  "description": "Z-ZERO MCP Server — Secure JIT Virtual Card Payment tools for AI Agents (Claude, Cursor, AutoGPT) — Real Single-Use Visa Cards",
5
5
  "main": "dist/index.js",
6
6
  "bin": "dist/index.js",
@@ -8,6 +8,7 @@
8
8
  "build": "tsc",
9
9
  "start": "node dist/index.js",
10
10
  "dev": "npx tsx src/index.ts",
11
+ "prepublishOnly": "npm run build",
11
12
  "postinstall": "echo 'IMPORTANT: Run \"npx playwright install chromium\" to enable automated checkouts.'"
12
13
  },
13
14
  "keywords": [