Interface: ZeroTrustConfig

Defined in: packages/core/src/introspection/CryptoAttestation.ts:48

Configuration for zero-trust attestation.

Passed to AttachOptions.zeroTrust in ServerAttachment.

Properties

expectedDigest?

```ts
readonly optional expectedDigest: string;
```

Defined in: packages/core/src/introspection/CryptoAttestation.ts:67

Expected server digest hash from a known-good build. When set, runtime verification fails fast if the recomputed digest doesn't match.


exposeCapability?

```ts
readonly optional exposeCapability: boolean;
```

Defined in: packages/core/src/introspection/CryptoAttestation.ts:79

Whether to expose the attestation in MCP capabilities. Default: true.


failOnMismatch?

```ts
readonly optional failOnMismatch: boolean;
```

Defined in: packages/core/src/introspection/CryptoAttestation.ts:73

Whether to fail fast on attestation failure. Default: true in production, false in development.


secret?

```ts
readonly optional secret: string;
```

Defined in: packages/core/src/introspection/CryptoAttestation.ts:60

For 'hmac' mode: the shared secret. In production, read it from the environment; never hardcode it.


signer

```ts
readonly signer: AttestationSigner | "hmac";
```

Defined in: packages/core/src/introspection/CryptoAttestation.ts:54

The signing strategy to use.

  • 'hmac' — HMAC-SHA256 with a shared secret (built-in)
  • A custom AttestationSigner for external KMS integration
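
The following is an added example, not code from the project: one way to build this configuration for the built-in 'hmac' signer from environment variables, so the secret is never hardcoded and production always pins a digest. The type HmacZeroTrustConfig, the functions loadZeroTrustConfig and describeConfig, the variable names ATTESTATION_SECRET and EXPECTED_SERVER_DIGEST, and the 32-character minimum are assumptions of this example.

```typescript
// Local mirror of the fields documented on this page, restricted to the
// built-in "hmac" signer (the AttestationSigner shape is not shown here).
interface HmacZeroTrustConfig {
  readonly signer: "hmac";
  readonly secret?: string;
  readonly expectedDigest?: string;
  readonly failOnMismatch?: boolean;
  readonly exposeCapability?: boolean;
}

type Env = Readonly<Record<string, string | undefined>>;

// Assumed policy floor for this example, not a requirement of the library.
const MIN_SECRET_LENGTH = 32;

// Build the config from environment variables. The variable names
// ATTESTATION_SECRET and EXPECTED_SERVER_DIGEST are hypothetical.
function loadZeroTrustConfig(env: Env): HmacZeroTrustConfig {
  const production = env["NODE_ENV"] === "production";
  const secret = (env["ATTESTATION_SECRET"] ?? "").trim();
  const expectedDigest = (env["EXPECTED_SERVER_DIGEST"] ?? "").trim();

  if (secret === "") {
    throw new Error("ATTESTATION_SECRET is not set; refusing to fall back to a built-in value");
  }
  if (production && secret.length < MIN_SECRET_LENGTH) {
    throw new Error(`ATTESTATION_SECRET must be at least ${MIN_SECRET_LENGTH} characters in production`);
  }
  // Example policy: production must pin a known-good digest, otherwise there
  // is nothing for runtime verification to compare against.
  if (production && expectedDigest === "") {
    throw new Error("EXPECTED_SERVER_DIGEST is required in production");
  }
  return {
    signer: "hmac",
    secret,
    ...(expectedDigest !== "" ? { expectedDigest } : {}),
    failOnMismatch: production, // stated explicitly rather than left to the default
    exposeCapability: true,
  };
}

// Log-safe view of the config: the shared secret is never serialized.
function describeConfig(config: HmacZeroTrustConfig): string {
  return JSON.stringify({ ...config, secret: config.secret ? "[redacted]" : "[unset]" });
}
```

Call loadZeroTrustConfig(process.env) once at startup and pass the result as AttachOptions.zeroTrust; use describeConfig for any startup logging.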