qring-mcp

Overview Schema Related Servers Score Discussions

teleport_unpack

Decrypt and import secrets from encrypted bundles into a quantum-inspired secret manager, preventing plaintext .env leaks by anchoring keys to OS-native vaults.

Instructions

Decrypt and import secrets from a teleport bundle.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`bundle`	Yes	Base64-encoded encrypted bundle
`passphrase`	Yes	Decryption passphrase
`scope`	No	Scope: global or project	global
`projectPath`	No	Project root path for project-scoped secrets
`dryRun`	No	Preview without importing

Implementation Reference

src/mcp/server.ts:730-765 (handler)

Registration of the "teleport_unpack" tool, including its schema and handler logic calling the core decrypt function.

server.tool(
  "teleport_unpack",
  "Decrypt and import secrets from a teleport bundle.",
  {
    bundle: z.string().describe("Base64-encoded encrypted bundle"),
    passphrase: z.string().describe("Decryption passphrase"),
    scope: scopeSchema.default("global"),
    projectPath: projectPathSchema,
    dryRun: z
      .boolean()
      .optional()
      .default(false)
      .describe("Preview without importing"),
  },
  async (params) => {
    try {
      const payload = teleportUnpack(params.bundle, params.passphrase);

      if (params.dryRun) {
        const preview = payload.secrets
          .map((s) => `${s.key} [${s.scope ?? "global"}]`)
          .join("\n");
        return text(`Would import ${payload.secrets.length} secrets:\n${preview}`);
      }

      const o = opts(params);
      for (const s of payload.secrets) {
        setSecret(s.key, s.value, o);
      }

      return text(`Imported ${payload.secrets.length} secret(s) from teleport bundle`);
    } catch {
      return text("Failed to unpack: wrong passphrase or corrupted bundle", true);
    }
  },
);

src/core/teleport.ts:90-116 (handler)

Actual implementation of the secret decryption and unpacking logic.

export function teleportUnpack(
  encoded: string,
  passphrase: string,
): TeleportPayload {
  const bundleJson = Buffer.from(encoded, "base64").toString("utf8");
  const bundle: TeleportBundle = JSON.parse(bundleJson);

  if (bundle.v !== 1) {
    throw new Error(`Unsupported teleport bundle version: ${bundle.v}`);
  }

  const salt = Buffer.from(bundle.salt, "base64");
  const iv = Buffer.from(bundle.iv, "base64");
  const tag = Buffer.from(bundle.tag, "base64");
  const encrypted = Buffer.from(bundle.data, "base64");
  const key = deriveKey(passphrase, salt);

  const decipher = createDecipheriv(ALGORITHM, key, iv);
  decipher.setAuthTag(tag);

  const decrypted = Buffer.concat([
    decipher.update(encrypted),
    decipher.final(),
  ]);

  return JSON.parse(decrypted.toString("utf8"));
}

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/I4cTime/quantum_ring'

If you have feedback or need assistance with the MCP directory API, please join our Discord server