Command Palette

Search for a command to run...

UnylyUnyly
Browse all

Covenant Skill

FreeNot checked

COVENANT skill engine — preflight, attestation, and chain layer for agent trust on Pharos

GitHubEmbed

About

COVENANT skill engine — preflight, attestation, and chain layer for agent trust on Pharos

README

The safest way to send, swap, bridge, deposit, invest, vote, and execute on Pharos — with deterministic trust checks, wallet-native approval, and verifiable receipts.

npm covenant-mcp npm covenant-skill MCP Tools Version Pharos Atlantic Pharos Pacific Live Proof License: MIT

Action-first Service Agent + MCP infrastructure for the Pharos Agent Economy.
COVENANT sits between agent intent and on-chain execution — like Stripe for agent authorization.

User intent → prepare_action → preflight → wallet approval → execution → receipt
Install npx -y covenant-mcp init
Hosted MCP https://covenant-skill.onrender.com/mcp
Web UI covenant-web-mu.vercel.app
Anvita flow.anvita.xyz/service-agents
npm [email protected] · [email protected]
Networks Atlantic 688689 · Pacific 1672
Master docs docs/PROJECT_MASTER_DOCUMENTATION.md

Table of contents


What is COVENANT?

COVENANT is the trust and authorization rail autonomous agents call before moving funds on Pharos. It combines:

Layer What you get
Deterministic policy Rules + simulation → ALLOW / WARN / DENY
Trust Capital On-chain reputation via ReputationRegistry
Signed attestations EIP-712 ALLOW for GuardedExecutor
SIWE sessions Wallet sign-in without sharing keys
Approval URLs User signs the real tx in the browser
Receipts DecisionLog + explorer links

COVENANT is not a wallet or custodian. Agents never hold user private keys or seed phrases.


Why it exists

Pharos is building an AI Agent Economy. Agents will move value, call Skills, and execute on-chain. They need:

Need Without COVENANT With COVENANT
Trust Ad-hoc checks covenant_reputation
Authorization Hot keys in agents SIWE + approval URLs
Risk LLM decides transfers Deterministic preflight
Audit Chat logs only DecisionLog + explorer txs
Accountability None Attestation-gated execution

COVENANT secures other Skills — it does not replace swap, bridge, or payment protocols. It wraps them with policy, human approval, and receipts.


Live Proof

Real transactions. Real wallet signatures. Real explorers. Captured 2026-07-09 / 2026-07-10 via Anvita → COVENANT → MetaMask.

# Action Network Result
1 Swap 2 PROS → ~0.774 USDC (LI.FI) Pacific mainnet PharosScan
2 Bridge 0.3 USDC → Base (CCTP V2) Pacific → Base Burn · Mint
3 Treasury batch 0.2 + 0.3 USDC Atlantic testnet 0.2 · 0.3
4 Vault deposit 1 USDC Atlantic testnet PharosScan

Canonical flow (every action):

Chat (Anvita) → prepare_action → preflight ALLOW → connect (SIWE) → /approve/appr_* → wallet signs → explorer Success

Connect (/connect) = sign-in only. Approve (/approve/appr_*) = approve + execute.

Full walkthrough with 42 embedded screenshots:
docs/proofs/LIVE_TEST_SUCCESS.md

Earlier Atlantic GuardedExecutor proof (decisionId: 1): docs/proofs/PROOF_OF_EXECUTION.md

Demo wallet 0xf76e6B0920e9332fF4410f6dD53F01722AbC71a3
Demo agent 0xfBb4A658f89736eD40CAAAD735bcedb3272C4600

Quick start

30-second path (no wallet)

Step Action
1 Paste docs/prompts/01-install-covenant.md
2 Restart Cursor when prompted
3 Paste docs/prompts/02-validate-skills.md

Expected:

✓ 23 tools discovered
✓ covenant_health        → status ok · chainId 688689
✓ covenant_reputation    → Trust Capital tier
✓ covenant_simulate      → eth_call result
✓ covenant_preflight     → ALLOW | WARN | DENY

Full wallet demo

Paste docs/prompts/03-end-to-end-workflow.md — connect → approve → txHash → receipt.

Judge checklist: docs/JUDGE_QUICK_START.md


Architecture

flowchart TB
  subgraph clients[Clients]
    CUR[Cursor / Claude]
    ANV[Anvita Flow]
    WEB[Approval UI]
  end
  subgraph hosted[Production]
    API[covenant-skill.onrender.com]
    PG[(Postgres)]
  end
  subgraph chain[Pharos]
    ATL[Atlantic 688689]
    PAC[Pacific 1672]
  end
  CUR -->|stdio or /mcp| API
  ANV -->|HTTPS /mcp| API
  WEB --> API
  API --> PG
  API --> ATL
  API --> PAC

Execution modes

flowchart LR
  PF[preflight ALLOW] --> DW[direct_wallet]
  PF --> GE[GuardedExecutor]
  DW --> SW[Swap LI.FI]
  DW --> BR[CCTP bridge]
  DW --> VA[Vault / ERC-20]
  GE --> NAT[Native PHRS / PROS]
  GE --> DL[DecisionLog]
Mode Used for
direct_wallet Swaps, CCTP bridges, vault deposits, ERC-20 treasury — user wallet signs the protocol call
guarded Native PHRS/PROS payments — attestation-gated GuardedExecutor.execute → DecisionLog

Monorepo packages

Package Role
covenant-mcp npx CLI + MCP entry
covenant-skill Preflight engine, MCP server, REST API
covenant-shared Chains, registries, EIP-712, ABIs
packages/web Connect + Approve UI (Vercel)
packages/contracts Identity · Covenant · GuardedExecutor · DecisionLog · Reputation · MockYieldVault
packages/indexer Event watcher + Trust Capital projections

Full architecture: docs/PROJECT_MASTER_DOCUMENTATION.md · docs/ARCHITECTURE.md


Features & MCP tools

Feature matrix

Capability Proven (live tx) Supported in 0.2.11 Catalog only
Pacific LI.FI swap Yes Yes -
Pacific -> Base CCTP bridge Yes Yes -
Atlantic treasury ERC-20 batch Yes Yes -
Atlantic vault deposit Yes Yes -
Vault withdraw - Yes -
Native GuardedExecutor payment Older Atlantic proof Yes -
RWA invest - Mock vault path Institutional RWA
DAO vote / execute - Needs GOVERNOR_ADDRESS Empty default catalog
Atlantic swap - - Unsupported (no DEX)
CCIP / LayerZero - - Registry addresses

23 MCP tools

Group Tools
Health & trust covenant_health · covenant_reputation · covenant_get_receipt
Risk covenant_preflight · covenant_simulate · covenant_verify_counterparty
Action planning covenant_quick_action_review · covenant_prepare_action · covenant_list_catalog
Wallet & approval covenant_connect_wallet · covenant_create_session · covenant_await_session · covenant_request_approval · covenant_get_pending_approvals · covenant_execute_authorized · covenant_revoke_session
Attestation & bridge covenant_sign_attestation · covenant_bridge_claim
Memory covenant_memory
Privileged covenant_register_identity · covenant_set_covenant · covenant_rotate_key · covenant_attest_outcome

Schemas: docs/MCP_REFERENCE.md · Source of truth: packages/skill/src/mcp/definitions.ts


Networks & contracts

Network Chain ID Native Explorer
Pharos Atlantic (testnet) 688689 PHRS atlantic.pharosscan.xyz
Pharos Pacific (mainnet) 1672 PROS pharosscan.xyz

Atlantic COVENANT contracts

Contract Address
IdentityRegistry 0x05545F026b75f03aE9Cf1eA8a8373473c94ed323
CovenantRegistry 0x068bB96e849F0DE3D49944Ec0F4aEd3D6B165770
DecisionLog 0x8A80D270dd7028536ecB6f92b04eec11F929d603
ReputationRegistry 0x92b8815A17D85E45DB5Da9952764Ee2ce072A973
GuardedExecutor 0x2741bAF6F51e5Ab67E81DdDCb1439679Bebd2d2F
MockYieldVault 0x4d507779cCCb46a4DF9eD4505368f21c6b875981

Pacific swaps and bridges use official Pharos infra (LI.FI Diamond, Circle CCTP) via direct_wallet. Pacific COVENANT core addresses are set via PACIFIC_* env after deploy — see docs/proofs/PACIFIC_PROOF.md.


Wallet approval flow

flowchart LR
  A[prepare_action] --> B[preflight]
  B --> C[connect_wallet SIWE]
  C --> D[await_session]
  D --> E[request_approval]
  E --> F["/approve/appr_*"]
  F --> G[User signs in MetaMask]
  G --> H[Explorer Success]
Step What happens
Connect User signs a SIWE message — no transaction
Approve Register agent (if needed) → publish covenant → token approve → execute
Bridge Same page polls Iris V2 and prompts Base mint

User never shares: private key, seed phrase, sessionId, or calldata.
request_approval takes only walletAddress + intentHash + verdict — the execution payload stays server-side.


Transaction flows

Swap (Pacific)

  • Quote via LI.FI (li.quest) · execute on LI.FI Diamond 0xFf70F4A1…04b2
  • Faroswap / DODO routers allowlisted as alternate paths
  • Atlantic: no public DEX corridor (ATLANTIC_DEX empty)
  • Proven: 2 PROS → USDC

Bridge (CCTP V2)

  • Burn USDC on Pharos via Circle TokenMessenger
  • Iris V2 attestation · mint on Base (and other configured destinations)
  • Tool: covenant_bridge_claim · approval page automates claim
  • Proven: 0.3 USDC Pacific → Base

Treasury / payments

  • ERC-20: direct_wallet transfer (batch = sequential approvals)
  • Native PHRS/PROS: GuardedExecutor
  • Proven: 0.5 USDC Atlantic batch (0.2 + 0.3)

Vault / RWA

  • ERC-4626 Mock Yield Vault (same contract labeled RWA in catalog)
  • Proven: 1 USDC deposit Atlantic
  • RWA invest: catalog-ready, not separately live-proven

DAO

  • castVote when GOVERNOR_ADDRESS (or catalog target) is set
  • Default DAO catalog is empty — agent should refuse gracefully

Integrations

Partner Role Status
LI.FI Pacific swap quotes + execution Proven
Faroswap / DODO Pacific DEX routers Supported
Circle CCTP V2 + Iris USDC bridge burn / mint Proven
GoPlus Counterparty risk Optional (skips with WARN)
CCIP / LayerZero Registry addresses Catalog only

Security

Control Detail
Non-custodial Server never holds user keys
Deterministic ALLOW LLM explains only — cannot authorize
Intent binding EIP-712 + computeIntentHash
Replay protection On-chain usedNonces
Session expiry SIWE ~10m · approval ~30m · session 7–90d
Egress allowlist Outbound HTTPS restricted (packages/skill/src/egress.ts)
Privileged tools Require owner / oracle keys

Full threat model: docs/SECURITY.md


Installation

npx -y covenant-mcp init

Creates .cursor/mcp.json (zero secrets required for read + preflight tools). Restart your MCP client.

Hosted MCP (no local Node):

{
  "mcpServers": {
    "covenant": {
      "url": "https://covenant-skill.onrender.com/mcp"
    }
  }
}
Client Config
Cursor packages/mcp/config/cursor.mcp.json
Claude Desktop packages/mcp/config/claude-desktop.mcp.json
Claude Code packages/mcp/config/claude-code.mcp.json
OpenAI Agents packages/mcp/config/openai-agents.example.ts

Extended setup: docs/skill/INSTALL.md · docs/skill/INTEGRATIONS.md

Environment (optional)

Variable Purpose
PHAROS_NETWORK atlantic (default) | pacific
PHAROS_RPC_URL / PACIFIC_RPC_URL RPC overrides
GOPLUS_APP_KEY / SECRET Counterparty risk
COVENANT_API_URL Hosted attestation (default Render)
PREFLIGHT_LLM_ENABLED Set false for faster demos
DEPLOYER_PRIVATE_KEY Operator attester only — never in agent chat

See .env.example and docs/PROJECT_MASTER_DOCUMENTATION.md.


Anvita Service Agent

Upload package for Anvita Flow:

Folder examples/service-agents/covenant-action-guard/
Zip covenant-action-guard.zip
Skill SKILL.md v2.5.0
Strategy docs/anvita/CUSTOMER_SERVICE_STRATEGY.md v5.3.0

Runtime uses HTTPS hosted MCP only — end users do not run npx locally.

Demo prompts:

Step Prompt
1 docs/prompts/01-install-covenant.md
2 docs/prompts/02-validate-skills.md
3 docs/prompts/03-end-to-end-workflow.md

API & deployment

Surface URL
Skill API https://covenant-skill.onrender.com
MCP https://covenant-skill.onrender.com/mcp
Web UI https://covenant-web-mu.vercel.app
Health GET /health
Receipt GET /api/receipt/:id
Component Host
Skill + Indexer Render
Web Vercel
Postgres Supabase
Redis Upstash

Ops: docs/DEPLOYMENT.md · docs/OPERATIONS.md · docs/API_REFERENCE.md


Repository structure

COVENANT/
├── packages/
│   ├── mcp/           # npm covenant-mcp
│   ├── skill/         # engine + MCP + REST
│   ├── shared/        # chains · registries · EIP-712
│   ├── web/           # approval UI
│   ├── contracts/     # Foundry Solidity
│   └── indexer/       # DecisionLog projections
├── examples/
│   └── service-agents/covenant-action-guard/
├── docs/
│   ├── PROJECT_MASTER_DOCUMENTATION.md
│   ├── proofs/LIVE_TEST_SUCCESS.md
│   ├── anvita/
│   └── prompts/
├── AGENTS.md
└── covenant-action-guard.zip

Documentation

Doc Purpose
PROJECT_MASTER_DOCUMENTATION.md Single source of truth
LIVE_TEST_SUCCESS.md Live txs + screenshots
AGENTS.md Agent skill manifest
MCP_REFERENCE.md Tool schemas
SECURITY.md Threat model
PHASE2.md Phase 2 hub
FEATURE_MATRIX.md Honest Anvita readiness

FAQ

Is COVENANT a wallet?
No. It is MCP + contracts + an approval UI.

Do I need API keys?
No for health, reputation, simulate, preflight, prepare, connect, and approval. GoPlus and LLM keys are optional.

How many tools?
23 — see packages/skill/src/mcp/definitions.ts.

Connect vs Approve?
Connect = SIWE sign-in. Approve = the real on-chain execution.

Can I swap on Atlantic?
No public LI.FI corridor on Atlantic. Use Pacific for swaps.

Is RWA production-ready?
No — mock ERC-4626 vault / catalog only.

npx @covenant/mcp 404?
Use npx covenant-mcp (unscoped package name).


Roadmap

Shipped in 0.2.11

  • 23 MCP tools including prepare_action, await_session, bridge_claim, list_catalog
  • Pacific LI.FI swap + CCTP bridge live-proven
  • Atlantic treasury + vault deposit live-proven
  • Anvita Service Agent package v2.5.0

Planned

  • @covenant/sdk TypeScript SDK — docs/sdk/ROADMAP.md
  • Pacific GuardedExecutor stack as first-class defaults
  • RWA invest + native GuardedExecutor retest in Live Proof log
  • Fix VaultClaim / DaoExecute routing
  • x402 pricing (beta remains free)

License

MIT © 2026 COVENANT Contributors


Live Proof · Master Docs · API · Anvita

from github.com/mohamedwael201193/COVENANT

Install Covenant Skill in Claude Desktop, Claude Code & Cursor

Recommended · one command, every IDE
unyly install covenant-skill

Installs into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.

First time? Get the CLI: curl -fsSL https://unyly.org/install | sh

Or configure manually

Run in your terminal:

claude mcp add covenant-skill -- npx -y covenant-skill

FAQ

Is Covenant Skill MCP free?

Yes, Covenant Skill MCP is free — one-click install via Unyly at no cost.

Does Covenant Skill need an API key?

No, Covenant Skill runs without API keys or environment variables.

Is Covenant Skill hosted or self-hosted?

Self-hosted: the server runs locally on your machine via the install command above.

How do I install Covenant Skill in Claude Desktop, Claude Code or Cursor?

Open Covenant Skill on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.

Related MCPs

Compare Covenant Skill with

Not sure what to pick?

Find your stack in 60 seconds

Author?

Embed badge for your README

Browse similar

All ai MCPs