Skip to main content

SigilMcpServer

sigil_protocol::mcp_server

Struct SigilMcpServer 

Source 
pub struct SigilMcpServer<S: SensitivityScanner, A: AuditLogger> { /* private fields */ }
Expand description

A reference SIGIL-secured MCP server.

Wraps any set of tools with:

  • Input scanning — tool arguments are scanned for secrets before execution
  • Output scanning — tool results are scanned for secrets before returning
  • Audit logging — every tool invocation is logged
  • Trust gating — tools can require a minimum trust level
  • SIGIL signing — every response carries a signed _sigil envelope

Implementations§

Source§

impl<S: SensitivityScanner, A: AuditLogger> SigilMcpServer<S, A>

Source

pub fn new(name: &str, version: &str, scanner: Arc<S>, audit: Arc<A>) -> Self

Create a new SIGIL MCP server (no signing keypair — dev mode).

Source

pub fn new_with_keypair( name: &str, version: &str, scanner: Arc<S>, audit: Arc<A>, keypair: SigilKeypair, did: &str, ) -> Self

Create a server with a signing keypair (production mode).

Source

pub fn verifying_key(&self) -> Option<String>

Returns the server’s public verifying key (base64url), if a keypair is set.

Source

pub fn set_required_trust(&mut self, level: TrustLevel)

Set the minimum trust level for the entire server.

Source

pub fn register_tool(&mut self, tool: ToolDef)

Register a tool.

Source

pub fn register_tool_with_trust(&mut self, tool: ToolDef, trust: TrustLevel)

Register a tool with a specific trust requirement.

Source

pub async fn handle_request( &self, request: &str, caller_trust: TrustLevel, ) -> String

Handle an incoming JSON-RPC 2.0 request string.

Returns the JSON-RPC response string. All tool arguments and results are scanned by the SIGIL SensitivityScanner, and every invocation is logged via the AuditLogger.

Auto Trait Implementations§

§

impl<S, A> Freeze for SigilMcpServer<S, A>

§

impl<S, A> !RefUnwindSafe for SigilMcpServer<S, A>

§

impl<S, A> Send for SigilMcpServer<S, A>

§

impl<S, A> Sync for SigilMcpServer<S, A>

§

impl<S, A> Unpin for SigilMcpServer<S, A>

§

impl<S, A> UnsafeUnpin for SigilMcpServer<S, A>

§

impl<S, A> !UnwindSafe for SigilMcpServer<S, A>

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.