From 3fbb9a18372f2b6a675dd6c039ba52be76f3eeb4 Mon Sep 17 00:00:00 2001 From: TheSiahxyz <164138827+TheSiahxyz@users.noreply.github.com> Date: Fri, 16 Jan 2026 08:30:14 +0900 Subject: updates --- .../.claude/hooks/format-typescript.sh | 54 +++++++++++++ .../.claude/hooks/log-mcp-commands.sh | 83 +++++++++++++++++++ .../.claude/hooks/production-safety.sh | 92 ++++++++++++++++++++++ .../.claude/hooks/validate-token-config.sh | 67 ++++++++++++++++ 4 files changed, 296 insertions(+) create mode 100755 mcp-servers/token-gated-mcp-server/.claude/hooks/format-typescript.sh create mode 100755 mcp-servers/token-gated-mcp-server/.claude/hooks/log-mcp-commands.sh create mode 100755 mcp-servers/token-gated-mcp-server/.claude/hooks/production-safety.sh create mode 100755 mcp-servers/token-gated-mcp-server/.claude/hooks/validate-token-config.sh (limited to 'mcp-servers/token-gated-mcp-server/.claude/hooks') diff --git a/mcp-servers/token-gated-mcp-server/.claude/hooks/format-typescript.sh b/mcp-servers/token-gated-mcp-server/.claude/hooks/format-typescript.sh new file mode 100755 index 0000000..6e50d6b --- /dev/null +++ b/mcp-servers/token-gated-mcp-server/.claude/hooks/format-typescript.sh @@ -0,0 +1,54 @@ +#!/bin/bash + +# Hook script to format TypeScript files after editing +# Used in PostToolUse hooks for Edit/Write operations + +# Parse the input JSON +file_path=$(echo "$CLAUDE_HOOK_DATA" | jq -r '.tool_input.file_path // empty') + +# Exit if no file path +if [ -z "$file_path" ]; then + exit 0 +fi + +# Only process TypeScript/JavaScript files +if [[ "$file_path" =~ \.(ts|tsx|js|jsx)$ ]]; then + # Check if prettier is available + if command -v npx &> /dev/null && [ -f "package.json" ]; then + # Check if prettier is installed + if npm list prettier --depth=0 &>/dev/null || npm list -g prettier --depth=0 &>/dev/null; then + echo "🎨 Formatting $file_path with Prettier..." + npx prettier --write "$file_path" 2>/dev/null + + if [ $? -eq 0 ]; then + echo "✅ Formatted successfully" + else + echo "⚠ī¸ Prettier formatting failed (non-critical)" + fi + fi + fi + + # Additional validation for server files + if [[ "$file_path" =~ (server|index)\.(ts|js)$ ]]; then + # Check for token protection + if grep -q 'radius.protect' "$file_path" 2>/dev/null; then + echo "✅ Token protection detected in $file_path" + + # Count protected tools + tool_count=$(grep -c 'radius.protect' "$file_path" 2>/dev/null) + echo " Found $tool_count protected tool(s)" + fi + + # Check for proper FastMCP setup + if grep -q 'FastMCP' "$file_path" 2>/dev/null; then + echo "✅ FastMCP server configured" + fi + + # Warn about missing error handling + if ! grep -q 'try\|catch\|throw' "$file_path" 2>/dev/null; then + echo "⚠ī¸ Consider adding error handling to $file_path" + fi + fi +fi + +exit 0 \ No newline at end of file diff --git a/mcp-servers/token-gated-mcp-server/.claude/hooks/log-mcp-commands.sh b/mcp-servers/token-gated-mcp-server/.claude/hooks/log-mcp-commands.sh new file mode 100755 index 0000000..9b3d09e --- /dev/null +++ b/mcp-servers/token-gated-mcp-server/.claude/hooks/log-mcp-commands.sh @@ -0,0 +1,83 @@ +#!/bin/bash + +# Hook script to log MCP-related commands for debugging +# Used in PreToolUse hooks for Bash tool + +# Parse the command from input +command=$(echo "$CLAUDE_HOOK_DATA" | jq -r '.tool_input.command // empty') +description=$(echo "$CLAUDE_HOOK_DATA" | jq -r '.tool_input.description // "No description"') + +# Exit if no command +if [ -z "$command" ]; then + exit 0 +fi + +# Create log directory if it doesn't exist +LOG_DIR="$HOME/.claude/logs" +mkdir -p "$LOG_DIR" + +# Log file with date +LOG_FILE="$LOG_DIR/token-gate-$(date +%Y%m%d).log" + +# Timestamp for log entry +timestamp=$(date '+%Y-%m-%d %H:%M:%S') + +# Log FastMCP commands +if [[ "$command" == *"fastmcp"* ]]; then + echo "[$timestamp] FastMCP: $command - $description" >> "$LOG_FILE" + echo "🚀 Running FastMCP command..." + + # Provide helpful hints + if [[ "$command" == *"dev"* ]]; then + echo "💡 Tip: Use 'npx fastmcp inspect' for visual debugging" + fi +fi + +# Log ngrok commands +if [[ "$command" == *"ngrok"* ]]; then + echo "[$timestamp] ngrok: $command" >> "$LOG_FILE" + echo "🌐 Setting up ngrok tunnel..." + echo "💡 Remember to use the HTTPS URL with /mcp endpoint in claude.ai" +fi + +# Log npm/node commands related to MCP +if [[ "$command" == *"npm"* ]] || [[ "$command" == *"node"* ]] || [[ "$command" == *"tsx"* ]]; then + if [[ "$command" == *"radius"* ]] || [[ "$command" == *"mcp"* ]] || [[ "$command" == *"server"* ]]; then + echo "[$timestamp] MCP Server: $command" >> "$LOG_FILE" + fi +fi + +# Log token configuration checks +if [[ "$command" == *"EVMAUTH"* ]] || [[ "$command" == *"echo"* ]]; then + if [[ "$command" == *"CONTRACT"* ]] || [[ "$command" == *"CHAIN"* ]] || [[ "$command" == *"TOKEN"* ]]; then + echo "[$timestamp] Config Check: $command" >> "$LOG_FILE" + echo "🔍 Checking token configuration..." + fi +fi + +# Log RPC tests +if [[ "$command" == *"curl"* ]] && [[ "$command" == *"rpc"* ]]; then + echo "[$timestamp] RPC Test: $command" >> "$LOG_FILE" + echo "🔗 Testing RPC connection..." +fi + +# Security check - warn about potentially dangerous commands +if [[ "$command" == *"rm -rf"* ]] || [[ "$command" == *"sudo rm"* ]]; then + echo "⚠ī¸ DANGER: Destructive command detected!" + echo "[$timestamp] BLOCKED: $command" >> "$LOG_FILE" + exit 2 # Block the command +fi + +# Warn about npm publish in development +if [[ "$command" == *"npm publish"* ]]; then + echo "⚠ī¸ WARNING: About to publish to npm registry!" + echo " Ensure version is updated and changes are committed" + echo "[$timestamp] NPM Publish: $command" >> "$LOG_FILE" + + if [ "$NODE_ENV" != "production" ]; then + echo "❌ Blocking npm publish in non-production environment" + exit 2 + fi +fi + +exit 0 \ No newline at end of file diff --git a/mcp-servers/token-gated-mcp-server/.claude/hooks/production-safety.sh b/mcp-servers/token-gated-mcp-server/.claude/hooks/production-safety.sh new file mode 100755 index 0000000..34ed5fa --- /dev/null +++ b/mcp-servers/token-gated-mcp-server/.claude/hooks/production-safety.sh @@ -0,0 +1,92 @@ +#!/bin/bash + +# Hook script for production safety checks +# Used in Stop hooks to provide reminders and warnings + +# Check environment +env_mode="${NODE_ENV:-development}" +debug_mode="${DEBUG:-false}" +chain_id="${EVMAUTH_CHAIN_ID:-not_set}" + +# Production safety checks +if [ "$env_mode" = "production" ]; then + echo "🚨 PRODUCTION ENVIRONMENT DETECTED" + + # Check debug mode + if [ "$debug_mode" = "true" ]; then + echo "❌ CRITICAL: Debug mode is enabled in production!" + echo " Set DEBUG=false immediately" + fi + + # Verify mainnet configuration + if [ "$chain_id" = "1223953" ]; then + echo "⚠ī¸ Using Radius Testnet in production environment" + echo " Switch to mainnet configuration if deploying to production" + fi + + # Check for .env file + if [ -f ".env" ] && [ ! -f ".env.production" ]; then + echo "⚠ī¸ Using .env file - ensure production values are set" + fi +else + # Development environment reminders + echo "ℹī¸ Environment: $env_mode" + + if [ "$debug_mode" = "true" ]; then + echo "🔍 Debug mode enabled (OK for development)" + fi + + if [ "$chain_id" = "1223953" ]; then + echo "🔗 Using Radius Testnet (Chain ID: 1223953)" + fi +fi + +# Check for uncommitted changes +if command -v git &> /dev/null; then + if [ -d ".git" ]; then + uncommitted=$(git status --porcelain 2>/dev/null | wc -l) + if [ "$uncommitted" -gt 0 ]; then + echo "📝 You have $uncommitted uncommitted change(s)" + + # Check for changes to sensitive files + if git status --porcelain 2>/dev/null | grep -qE '\.env|private|secret|key'; then + echo "⚠ī¸ Sensitive files may have been modified - review before committing" + fi + fi + fi +fi + +# Token configuration summary +if [ "$EVMAUTH_CONTRACT_ADDRESS" ]; then + echo "🔐 Token Gate Active:" + echo " Contract: ${EVMAUTH_CONTRACT_ADDRESS:0:10}...${EVMAUTH_CONTRACT_ADDRESS: -8}" + echo " Token ID: ${EVMAUTH_TOKEN_ID:-1}" +fi + +# Server status check +if lsof -i :3000 &>/dev/null; then + echo "✅ MCP Server running on port 3000" +elif lsof -i :${PORT:-3000} &>/dev/null; then + echo "✅ MCP Server running on port ${PORT}" +fi + +# Final reminders based on recent activity +if [ -f "$HOME/.claude/logs/token-gate-$(date +%Y%m%d).log" ]; then + recent_fastmcp=$(grep -c "FastMCP" "$HOME/.claude/logs/token-gate-$(date +%Y%m%d).log" 2>/dev/null || echo 0) + recent_ngrok=$(grep -c "ngrok" "$HOME/.claude/logs/token-gate-$(date +%Y%m%d).log" 2>/dev/null || echo 0) + + if [ "$recent_fastmcp" -gt 0 ] || [ "$recent_ngrok" -gt 0 ]; then + echo "📊 Today's activity: $recent_fastmcp FastMCP commands, $recent_ngrok ngrok sessions" + fi +fi + +# Success message if everything looks good +all_good=true +[ "$env_mode" = "production" ] && [ "$debug_mode" = "true" ] && all_good=false +[ "$uncommitted" -gt 0 ] && all_good=false + +if [ "$all_good" = true ] && [ "$env_mode" != "production" ]; then + echo "✨ Development environment properly configured!" +fi + +exit 0 \ No newline at end of file diff --git a/mcp-servers/token-gated-mcp-server/.claude/hooks/validate-token-config.sh b/mcp-servers/token-gated-mcp-server/.claude/hooks/validate-token-config.sh new file mode 100755 index 0000000..f4c58bc --- /dev/null +++ b/mcp-servers/token-gated-mcp-server/.claude/hooks/validate-token-config.sh @@ -0,0 +1,67 @@ +#!/bin/bash + +# Hook script to validate token configuration in TypeScript files +# Used in PreToolUse hooks for Edit/Write operations + +# Parse the input JSON from CLAUDE_HOOK_DATA +file_path=$(echo "$CLAUDE_HOOK_DATA" | jq -r '.tool_input.file_path // empty') +content=$(echo "$CLAUDE_HOOK_DATA" | jq -r '.tool_input.content // .tool_input.new_string // ""') + +# Only process TypeScript files +if [[ ! "$file_path" =~ \.(ts|tsx)$ ]]; then + exit 0 +fi + +# Check if content contains token configuration +if echo "$content" | grep -qE 'contractAddress|chainId|tokenId|RadiusMcpSdk'; then + echo "🔐 Token configuration detected in $file_path" + + # Validate contract address format (0x + 40 hex chars) + if echo "$content" | grep -qE '0x[a-fA-F0-9]{40}'; then + echo "✅ Valid contract address format" + else + if echo "$content" | grep -qE 'contractAddress.*0x'; then + echo "⚠ī¸ Warning: Invalid contract address format detected" + echo " Contract addresses must be 0x followed by 40 hexadecimal characters" + fi + fi + + # Check for Radius Testnet configuration + if echo "$content" | grep -q '1223953'; then + echo "✅ Configured for Radius Testnet (Chain ID: 1223953)" + fi + + # Warn about debug mode + if echo "$content" | grep -qE 'debug:\s*true'; then + if [ "$NODE_ENV" = "production" ]; then + echo "❌ ERROR: Debug mode cannot be enabled in production!" + echo " Set debug: false or use process.env.NODE_ENV check" + exit 2 # Block the operation + else + echo "⚠ī¸ Warning: Debug mode is enabled - disable before production" + fi + fi + + # Check for hardcoded private keys (security check) + if echo "$content" | grep -qE '0x[a-fA-F0-9]{64}'; then + echo "🚨 SECURITY WARNING: Possible private key detected!" + echo " Never commit private keys to source control" + echo " Use environment variables instead" + # exit 2 # Uncomment to block operation if private key detected + fi + + # Validate token protection pattern + if echo "$content" | grep -q 'radius.protect'; then + echo "✅ Token protection implemented" + + # Check if __evmauth is in parameters + if echo "$content" | grep -q '__evmauth.*z\.any'; then + echo "✅ __evmauth parameter included in schema" + else + echo "⚠ī¸ Reminder: Include __evmauth in tool parameters:" + echo " __evmauth: z.any().optional()" + fi + fi +fi + +exit 0 \ No newline at end of file -- cgit v1.2.3