ubl_mcp/
lib.rs

1//! `ubl-mcp` — Secure Model Context Protocol for LogLine Agents
2//!
3//! MCP tools, but with a kernel: policy-first, audit-ready, and boringly predictable.
4//!
5//! This crate is a clean implementation of the Model Context Protocol (JSON-RPC 2.0)
6//! that routes every tool call through a policy gate. It's the "universal IO bus"
7//! for your agents — interop with the MCP ecosystem without giving the model a foot-gun.
8//!
9//! # Security Model
10//!
11//! ```text
12//! ┌─────────────┐     ┌──────────────┐     ┌──────────────┐     ┌─────────────┐
13//! │ Agent Brain ├────▶│ PolicyGate   ├────▶│ Transport    ├────▶│ MCP Server  │
14//! └─────────────┘     │ (permit/deny)│     │ (stdio/http) │     └──────┬──────┘
15//!                     └──────────────┘     └──────────────┘            │
16//!                            │                                         │
17//!                            ▼                                         ▼
18//!                     ┌──────────────┐                          ┌─────────────┐
19//!                     │ AuditSink    │                          │ Tool Result │
20//!                     │ (UBL Ledger) │                          └─────────────┘
21//!                     └──────────────┘
22//! ```
23//!
24//! 1. **Gate-before-IO**: tool calls are proposals → Gate decides Permit/Deny/Challenge
25//! 2. **Auditable**: every call (success, failure, or blocked) is recorded
26//! 3. **Schema-first**: tools declare their input schema (via schemars)
27//!
28//! # Example
29//!
30//! ```rust,no_run
31//! use ubl_mcp::{McpClient, ToolResult, gate::AllowAll, audit::NoAudit, client::MockEndpoint};
32//!
33//! # async fn example() -> Result<(), Box<dyn std::error::Error>> {
34//! let client = McpClient::new(AllowAll, NoAudit, MockEndpoint::with_text("hello"));
35//!
36//! let result = client
37//!     .tool("echo", serde_json::json!({"text": "hello"}))
38//!     .execute()
39//!     .await?;
40//!
41//! println!("Result: {:?}", result);
42//! # Ok(())
43//! # }
44//! ```
45//!
46//! # Features
47//!
48//! - `client` (default): MCP client with SecureToolCall
49//! - `server` (default): MCP server with schema-first tool registration
50//! - `transport-stdio` (default): stdio transport (line-delimited JSON)
51//! - `transport-http`: HTTP transport (optional)
52//! - `gate-tdln`: TDLN Gate integration (optional)
53//! - `audit`: UBL Ledger audit sink (optional)
54
55#![forbid(unsafe_code)]
56#![cfg_attr(docsrs, feature(doc_cfg))]
57
58mod protocol;
59pub mod gate;
60pub mod audit;
61
62#[cfg(feature = "client")]
63pub mod client;
64#[cfg(feature = "server")]
65pub mod server;
66#[cfg(feature = "transport-stdio")]
67pub mod transport;
68
69pub use protocol::*;
70
71#[cfg(feature = "client")]
72pub use client::{McpClient, MockEndpoint, RpcEndpoint, SecureToolCall};
73#[cfg(feature = "server")]
74pub use server::{McpServer, ServerBuilder};
75