aip-identity

Instructions

Implementation Reference

• aip_mcp_server/server.py:179-228 (handler)

  The 'aip_send_message' tool is defined and registered as an MCP tool using the @mcp.tool() decorator. It handles recipient lookup, message encryption, and transmission.

  @mcp.tool()
  def aip_send_message(recipient_did: str, message: str) -> dict:
      """Send an encrypted message to another agent.
  
      Args:
          recipient_did: The DID of the recipient agent
          message: The message text to send
      """
      import requests
  
      client = _load_client()
  
      # Fetch recipient's public key
      resp = requests.get(
          f"{client.service_url}/admin/registrations/{recipient_did}", timeout=10
      )
      if not resp.ok:
          return {"sent": False, "error": f"Could not find recipient: {recipient_did}"}
  
      pub_key_b64 = resp.json()["registration"]["public_key"]
  
      try:
          from nacl.signing import VerifyKey
          from nacl.public import SealedBox
  
          vk = VerifyKey(base64.b64decode(pub_key_b64))
          box = SealedBox(vk.to_curve25519_public_key())
          encrypted_b64 = base64.b64encode(box.encrypt(message.encode())).decode()
      except ImportError:
          return {"sent": False, "error": "PyNaCl required for encrypted messaging: pip install pynacl"}
  
      timestamp = datetime.now(timezone.utc).isoformat()
      sig_payload = f"{client.did}|{recipient_did}|{timestamp}|{encrypted_b64}"
      signature = client.sign(sig_payload.encode())
  
      send_resp = requests.post(
          f"{client.service_url}/message",
          json={
              "sender_did": client.did,
              "recipient_did": recipient_did,
              "encrypted_content": encrypted_b64,
              "signature": signature,
              "timestamp": timestamp,
          },
          timeout=10,
      )
      if send_resp.ok:
          return {"sent": True, "recipient": recipient_did}
      else:
          return {"sent": False, "error": send_resp.text}