moss-mcp 0.1.0__tar.gz

moss_mcp-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 MOSS Computing
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

moss_mcp-0.1.0/PKG-INFO

@@ -0,0 +1,137 @@
+Metadata-Version: 2.4
+Name: moss-mcp
+Version: 0.1.0
+Summary: MOSS integration for Model Context Protocol (MCP) - Protocol-level governance for AI agent tools
+Project-URL: Homepage, https://mosscomputing.com
+Project-URL: Documentation, https://docs.mosscomputing.com/sdks/mcp
+Project-URL: Repository, https://github.com/mosscomputing/moss-mcp
+Project-URL: Issues, https://github.com/mosscomputing/moss-mcp/issues
+Author-email: MOSS Computing <support@mosscomputing.com>
+License-Expression: MIT
+License-File: LICENSE
+Keywords: agent-security,ai-governance,compliance,cryptographic-signing,mcp,ml-dsa-44,model-context-protocol,moss
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Security :: Cryptography
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Requires-Python: >=3.9
+Requires-Dist: httpx>=0.24.0
+Provides-Extra: dev
+Requires-Dist: pytest-asyncio>=0.21.0; extra == 'dev'
+Requires-Dist: pytest>=7.0.0; extra == 'dev'
+Description-Content-Type: text/markdown
+
+# moss-mcp
+
+Protocol-level governance for Model Context Protocol (MCP) using ML-DSA-44 post-quantum cryptography.
+
+## Overview
+
+MOSS MCP integration signs ALL MCP tool calls with NIST FIPS 204 post-quantum cryptography. By intercepting at the MCP transport layer, MOSS governs every tool invocation regardless of the agent framework.
+
+| Approach | Coverage | Bypassable? |
+|----------|----------|-------------|
+| Framework SDKs | Per-framework | Yes |
+| **MCP Integration** | **All tools** | **No** |
+
+## Installation
+
+```bash
+pip install moss-mcp
+```
+
+## Quick Start
+
+```python
+from mcp import Client
+from moss_mcp import wrap_mcp_client
+
+# Wrap MCP client - all tool calls are now signed
+moss_client = wrap_mcp_client(client, agent_id="my-agent")
+
+# Use normally - signing happens automatically
+result = await moss_client.call_tool("send_email", {
+    "to": "user@example.com",
+    "body": "Hello"
+})
+```
+
+## Integration Options
+
+### Option 1: Client Wrapper
+
+```python
+from moss_mcp import wrap_mcp_client
+moss_client = wrap_mcp_client(client, agent_id="my-agent")
+```
+
+### Option 2: MCP Server
+
+```python
+from moss_mcp import MOSSMCPServer
+
+server = MOSSMCPServer(agent_id="email-service")
+
+@server.tool()
+async def send_email(to: str, body: str) -> str:
+    return f"Sent to {to}"
+```
+
+### Option 3: Middleware
+
+```python
+from moss_mcp import MOSSMCPMiddleware
+
+middleware = MOSSMCPMiddleware(
+    agent_id="my-service",
+    block_on_policy_violation=True,
+)
+```
+
+## Configuration
+
+| Variable | Description | Default |
+|----------|-------------|---------|
+| `MOSS_API_KEY` | Enterprise API key | None (local mode) |
+| `MOSS_API_URL` | API endpoint | `https://api.mosscomputing.com` |
+
+## Policy Enforcement
+
+```python
+from moss_mcp.server import PolicyViolationError
+
+try:
+    await moss_client.call_tool("execute_trade", {"amount": 1000000})
+except PolicyViolationError as e:
+    print(f"Blocked: {e.reason}")
+```
+
+## Causal Chaining
+
+```python
+result1 = await sign_tool_request_async("analyze_data", {...}, agent_id="agent-1")
+
+result2 = await sign_tool_request_async(
+    "make_decision",
+    {...},
+    agent_id="agent-2",
+    parent_sig=result1.signature_id
+)
+```
+
+## Links
+
+- [Documentation](https://docs.mosscomputing.com/sdks/mcp)
+- [API Reference](https://api.mosscomputing.com/docs)
+- [Dashboard](https://app.mosscomputing.com)
+- [MCP Specification](https://modelcontextprotocol.io)
+
+## License
+
+MIT License - see [LICENSE](LICENSE) for details.

moss_mcp-0.1.0/README.md

@@ -0,0 +1,108 @@
+# moss-mcp
+
+Protocol-level governance for Model Context Protocol (MCP) using ML-DSA-44 post-quantum cryptography.
+
+## Overview
+
+MOSS MCP integration signs ALL MCP tool calls with NIST FIPS 204 post-quantum cryptography. By intercepting at the MCP transport layer, MOSS governs every tool invocation regardless of the agent framework.
+
+| Approach | Coverage | Bypassable? |
+|----------|----------|-------------|
+| Framework SDKs | Per-framework | Yes |
+| **MCP Integration** | **All tools** | **No** |
+
+## Installation
+
+```bash
+pip install moss-mcp
+```
+
+## Quick Start
+
+```python
+from mcp import Client
+from moss_mcp import wrap_mcp_client
+
+# Wrap MCP client - all tool calls are now signed
+moss_client = wrap_mcp_client(client, agent_id="my-agent")
+
+# Use normally - signing happens automatically
+result = await moss_client.call_tool("send_email", {
+    "to": "user@example.com",
+    "body": "Hello"
+})
+```
+
+## Integration Options
+
+### Option 1: Client Wrapper
+
+```python
+from moss_mcp import wrap_mcp_client
+moss_client = wrap_mcp_client(client, agent_id="my-agent")
+```
+
+### Option 2: MCP Server
+
+```python
+from moss_mcp import MOSSMCPServer
+
+server = MOSSMCPServer(agent_id="email-service")
+
+@server.tool()
+async def send_email(to: str, body: str) -> str:
+    return f"Sent to {to}"
+```
+
+### Option 3: Middleware
+
+```python
+from moss_mcp import MOSSMCPMiddleware
+
+middleware = MOSSMCPMiddleware(
+    agent_id="my-service",
+    block_on_policy_violation=True,
+)
+```
+
+## Configuration
+
+| Variable | Description | Default |
+|----------|-------------|---------|
+| `MOSS_API_KEY` | Enterprise API key | None (local mode) |
+| `MOSS_API_URL` | API endpoint | `https://api.mosscomputing.com` |
+
+## Policy Enforcement
+
+```python
+from moss_mcp.server import PolicyViolationError
+
+try:
+    await moss_client.call_tool("execute_trade", {"amount": 1000000})
+except PolicyViolationError as e:
+    print(f"Blocked: {e.reason}")
+```
+
+## Causal Chaining
+
+```python
+result1 = await sign_tool_request_async("analyze_data", {...}, agent_id="agent-1")
+
+result2 = await sign_tool_request_async(
+    "make_decision",
+    {...},
+    agent_id="agent-2",
+    parent_sig=result1.signature_id
+)
+```
+
+## Links
+
+- [Documentation](https://docs.mosscomputing.com/sdks/mcp)
+- [API Reference](https://api.mosscomputing.com/docs)
+- [Dashboard](https://app.mosscomputing.com)
+- [MCP Specification](https://modelcontextprotocol.io)
+
+## License
+
+MIT License - see [LICENSE](LICENSE) for details.

moss_mcp-0.1.0/moss_mcp/__init__.py

@@ -0,0 +1,59 @@
+"""
+MOSS MCP Integration - Protocol-Level Governance for Model Context Protocol
+
+This package provides MOSS signing at the MCP transport layer, enabling
+governance of ALL tool calls regardless of the agent framework.
+
+MCP (Model Context Protocol) is Anthropic's standard for agent-to-tool
+communication. By intercepting at this layer, MOSS governs every tool
+invocation with cryptographic signatures and policy enforcement.
+
+Quick Start:
+    from moss_mcp import MOSSMCPServer, wrap_mcp_client
+    
+    # Server-side: Wrap your MCP server
+    server = MOSSMCPServer(
+        agent_id="my-agent",
+        wrapped_server=your_mcp_server,
+    )
+    
+    # Client-side: Wrap MCP client calls
+    client = wrap_mcp_client(your_mcp_client, agent_id="my-agent")
+    result = await client.call_tool("weather", {"city": "SF"})
+    # Tool call is signed before execution, result signed after
+
+Why MCP-Level Governance:
+    - Framework-agnostic: Works with LangChain, LangGraph, AutoGen, any MCP client
+    - Protocol-level: Governs ALL tools, not just the ones you remember to wrap
+    - Non-bypassable: Agents can't skip signing without losing tool access
+    - Future-proof: As MCP becomes standard, MOSS is already there
+
+Architecture:
+    Agent -> MCP Client -> MOSS Signing -> MCP Server -> Tool
+                                |
+                                v
+                          MOSS API (policies, audit, evidence)
+"""
+
+__version__ = "0.1.0"
+
+from .server import MOSSMCPServer
+from .client import wrap_mcp_client, MOSSMCPClient
+from .signing import (
+    sign_tool_request,
+    sign_tool_response,
+    sign_resource_access,
+    verify_signed_request,
+)
+from .middleware import MOSSMCPMiddleware
+
+__all__ = [
+    "MOSSMCPServer",
+    "MOSSMCPClient",
+    "wrap_mcp_client",
+    "sign_tool_request",
+    "sign_tool_response",
+    "sign_resource_access",
+    "verify_signed_request",
+    "MOSSMCPMiddleware",
+]

moss_mcp-0.1.0/moss_mcp/client.py

@@ -0,0 +1,216 @@
+"""
+MOSS MCP Client Wrapper
+
+Wraps MCP client calls to add MOSS signing transparently.
+This is the client-side integration point.
+"""
+
+import asyncio
+from typing import Any, Dict, Optional, TypeVar
+from dataclasses import dataclass
+import logging
+
+from .signing import (
+    sign_tool_request_async,
+    sign_tool_response_async,
+    MCPSignResult,
+)
+
+logger = logging.getLogger(__name__)
+
+T = TypeVar("T")
+
+
+@dataclass
+class MOSSMCPClientConfig:
+    """Configuration for MOSS MCP Client."""
+    agent_id: str
+    sign_requests: bool = True
+    sign_responses: bool = True
+    block_on_policy_violation: bool = True
+    context: Dict[str, Any] = None
+    
+    def __post_init__(self):
+        if self.context is None:
+            self.context = {}
+
+
+class MOSSMCPClient:
+    """
+    MOSS-enabled MCP Client wrapper.
+    
+    Wraps any MCP client to add cryptographic signing to all tool calls.
+    
+    Example:
+        from mcp import Client
+        from moss_mcp import MOSSMCPClient
+        
+        # Your existing MCP client
+        mcp_client = Client(...)
+        
+        # Wrap with MOSS
+        moss_client = MOSSMCPClient(
+            agent_id="my-agent",
+            wrapped_client=mcp_client,
+        )
+        
+        # All tool calls now go through MOSS
+        result = await moss_client.call_tool("weather", {"city": "SF"})
+    """
+    
+    def __init__(
+        self,
+        agent_id: str,
+        wrapped_client: Any,
+        *,
+        sign_requests: bool = True,
+        sign_responses: bool = True,
+        block_on_policy_violation: bool = True,
+        context: Optional[Dict[str, Any]] = None,
+    ):
+        self.config = MOSSMCPClientConfig(
+            agent_id=agent_id,
+            sign_requests=sign_requests,
+            sign_responses=sign_responses,
+            block_on_policy_violation=block_on_policy_violation,
+            context=context,
+        )
+        self.wrapped_client = wrapped_client
+        self._signatures: Dict[str, MCPSignResult] = {}
+    
+    async def call_tool(
+        self,
+        name: str,
+        arguments: Dict[str, Any],
+        *,
+        context: Optional[Dict[str, Any]] = None,
+    ) -> Any:
+        """
+        Call a tool through the wrapped MCP client with MOSS signing.
+        
+        Args:
+            name: Tool name
+            arguments: Tool arguments
+            context: Additional context for signing
+        
+        Returns:
+            Tool result from the MCP server
+        
+        Raises:
+            PolicyViolationError: If MOSS policy blocks the request
+        """
+        merged_context = {**self.config.context, **(context or {})}
+        
+        # Step 1: Sign request
+        request_sig = None
+        if self.config.sign_requests:
+            request_result = await sign_tool_request_async(
+                tool_name=name,
+                arguments=arguments,
+                agent_id=self.config.agent_id,
+                context=merged_context,
+            )
+            
+            self._signatures[f"request:{name}:{request_result.signature_id}"] = request_result
+            request_sig = request_result.signature_id
+            
+            if request_result.blocked and self.config.block_on_policy_violation:
+                from .server import PolicyViolationError
+                raise PolicyViolationError(
+                    tool=name,
+                    reason=request_result.block_reason or "Policy violation",
+                    signature_id=request_result.signature_id,
+                )
+            
+            logger.debug(f"MOSS: Signed tool request {name} -> {request_sig}")
+        
+        # Step 2: Call wrapped client
+        result = await self._call_wrapped(name, arguments)
+        
+        # Step 3: Sign response
+        if self.config.sign_responses:
+            response_result = await sign_tool_response_async(
+                tool_name=name,
+                result=result,
+                agent_id=self.config.agent_id,
+                request_sig=request_sig,
+                context=merged_context,
+            )
+            
+            self._signatures[f"response:{name}:{response_result.signature_id}"] = response_result
+            logger.debug(f"MOSS: Signed tool response {name} -> {response_result.signature_id}")
+        
+        return result
+    
+    async def _call_wrapped(self, name: str, arguments: Dict[str, Any]) -> Any:
+        """Call the wrapped MCP client."""
+        if hasattr(self.wrapped_client, "call_tool"):
+            method = self.wrapped_client.call_tool
+            if asyncio.iscoroutinefunction(method):
+                return await method(name, arguments)
+            else:
+                return method(name, arguments)
+        elif hasattr(self.wrapped_client, "tools") and hasattr(self.wrapped_client.tools, "call"):
+            # Some MCP clients use client.tools.call()
+            method = self.wrapped_client.tools.call
+            if asyncio.iscoroutinefunction(method):
+                return await method(name, arguments)
+            else:
+                return method(name, arguments)
+        else:
+            raise AttributeError(
+                f"Wrapped client {type(self.wrapped_client)} does not have call_tool method"
+            )
+    
+    def get_signatures(self) -> Dict[str, MCPSignResult]:
+        """Get all signatures from this session."""
+        return self._signatures.copy()
+    
+    def __getattr__(self, name: str) -> Any:
+        """Proxy all other attributes to wrapped client."""
+        return getattr(self.wrapped_client, name)
+
+
+def wrap_mcp_client(
+    client: Any,
+    agent_id: str,
+    *,
+    sign_requests: bool = True,
+    sign_responses: bool = True,
+    block_on_policy_violation: bool = True,
+    context: Optional[Dict[str, Any]] = None,
+) -> MOSSMCPClient:
+    """
+    Wrap an MCP client with MOSS signing.
+    
+    This is the simplest way to add MOSS governance to an existing MCP client.
+    
+    Args:
+        client: Any MCP client instance
+        agent_id: Identifier for the agent using this client
+        sign_requests: Sign tool requests before execution
+        sign_responses: Sign tool responses after execution
+        block_on_policy_violation: Raise error if policy blocks
+        context: Default context for all calls
+    
+    Returns:
+        MOSSMCPClient wrapper
+    
+    Example:
+        from mcp import Client
+        from moss_mcp import wrap_mcp_client
+        
+        client = Client(...)
+        moss_client = wrap_mcp_client(client, agent_id="my-agent")
+        
+        # Use moss_client.call_tool() - all calls are signed
+        result = await moss_client.call_tool("weather", {"city": "SF"})
+    """
+    return MOSSMCPClient(
+        agent_id=agent_id,
+        wrapped_client=client,
+        sign_requests=sign_requests,
+        sign_responses=sign_responses,
+        block_on_policy_violation=block_on_policy_violation,
+        context=context,
+    )