Covenant Skill
БесплатноНе проверенCOVENANT skill engine — preflight, attestation, and chain layer for agent trust on Pharos
Описание
COVENANT skill engine — preflight, attestation, and chain layer for agent trust on Pharos
README
The safest way to send, swap, bridge, deposit, invest, vote, and execute on Pharos — with deterministic trust checks, wallet-native approval, and verifiable receipts.
npm covenant-mcp npm covenant-skill MCP Tools Version Pharos Atlantic Pharos Pacific Live Proof License: MIT
Action-first Service Agent + MCP infrastructure for the Pharos Agent Economy.
COVENANT sits between agent intent and on-chain execution — like Stripe for agent authorization.
User intent → prepare_action → preflight → wallet approval → execution → receipt
| Install | npx -y covenant-mcp init |
| Hosted MCP | https://covenant-skill.onrender.com/mcp |
| Web UI | covenant-web-mu.vercel.app |
| Anvita | flow.anvita.xyz/service-agents |
| npm | [email protected] · [email protected] |
| Networks | Atlantic 688689 · Pacific 1672 |
| Master docs | docs/PROJECT_MASTER_DOCUMENTATION.md |
Table of contents
- What is COVENANT?
- Why it exists
- Live Proof
- Quick start
- Architecture
- Features & MCP tools
- Networks & contracts
- Wallet approval flow
- Transaction flows
- Integrations
- Security
- Installation
- Anvita Service Agent
- API & deployment
- Repository structure
- Documentation
- FAQ
- Roadmap
- License
What is COVENANT?
COVENANT is the trust and authorization rail autonomous agents call before moving funds on Pharos. It combines:
| Layer | What you get |
|---|---|
| Deterministic policy | Rules + simulation → ALLOW / WARN / DENY |
| Trust Capital | On-chain reputation via ReputationRegistry |
| Signed attestations | EIP-712 ALLOW for GuardedExecutor |
| SIWE sessions | Wallet sign-in without sharing keys |
| Approval URLs | User signs the real tx in the browser |
| Receipts | DecisionLog + explorer links |
COVENANT is not a wallet or custodian. Agents never hold user private keys or seed phrases.
Why it exists
Pharos is building an AI Agent Economy. Agents will move value, call Skills, and execute on-chain. They need:
| Need | Without COVENANT | With COVENANT |
|---|---|---|
| Trust | Ad-hoc checks | covenant_reputation |
| Authorization | Hot keys in agents | SIWE + approval URLs |
| Risk | LLM decides transfers | Deterministic preflight |
| Audit | Chat logs only | DecisionLog + explorer txs |
| Accountability | None | Attestation-gated execution |
COVENANT secures other Skills — it does not replace swap, bridge, or payment protocols. It wraps them with policy, human approval, and receipts.
Live Proof
Real transactions. Real wallet signatures. Real explorers. Captured 2026-07-09 / 2026-07-10 via Anvita → COVENANT → MetaMask.
| # | Action | Network | Result |
|---|---|---|---|
| 1 | Swap 2 PROS → ~0.774 USDC (LI.FI) | Pacific mainnet | PharosScan |
| 2 | Bridge 0.3 USDC → Base (CCTP V2) | Pacific → Base | Burn · Mint |
| 3 | Treasury batch 0.2 + 0.3 USDC | Atlantic testnet | 0.2 · 0.3 |
| 4 | Vault deposit 1 USDC | Atlantic testnet | PharosScan |
Canonical flow (every action):
Chat (Anvita) → prepare_action → preflight ALLOW → connect (SIWE) → /approve/appr_* → wallet signs → explorer Success
Connect (
/connect) = sign-in only. Approve (/approve/appr_*) = approve + execute.
Full walkthrough with 42 embedded screenshots:
docs/proofs/LIVE_TEST_SUCCESS.md
Earlier Atlantic GuardedExecutor proof (decisionId: 1): docs/proofs/PROOF_OF_EXECUTION.md
| Demo wallet | 0xf76e6B0920e9332fF4410f6dD53F01722AbC71a3 |
| Demo agent | 0xfBb4A658f89736eD40CAAAD735bcedb3272C4600 |
Quick start
30-second path (no wallet)
| Step | Action |
|---|---|
| 1 | Paste docs/prompts/01-install-covenant.md |
| 2 | Restart Cursor when prompted |
| 3 | Paste docs/prompts/02-validate-skills.md |
Expected:
✓ 23 tools discovered
✓ covenant_health → status ok · chainId 688689
✓ covenant_reputation → Trust Capital tier
✓ covenant_simulate → eth_call result
✓ covenant_preflight → ALLOW | WARN | DENY
Full wallet demo
Paste docs/prompts/03-end-to-end-workflow.md — connect → approve → txHash → receipt.
Judge checklist: docs/JUDGE_QUICK_START.md
Architecture
flowchart TB
subgraph clients[Clients]
CUR[Cursor / Claude]
ANV[Anvita Flow]
WEB[Approval UI]
end
subgraph hosted[Production]
API[covenant-skill.onrender.com]
PG[(Postgres)]
end
subgraph chain[Pharos]
ATL[Atlantic 688689]
PAC[Pacific 1672]
end
CUR -->|stdio or /mcp| API
ANV -->|HTTPS /mcp| API
WEB --> API
API --> PG
API --> ATL
API --> PAC
Execution modes
flowchart LR
PF[preflight ALLOW] --> DW[direct_wallet]
PF --> GE[GuardedExecutor]
DW --> SW[Swap LI.FI]
DW --> BR[CCTP bridge]
DW --> VA[Vault / ERC-20]
GE --> NAT[Native PHRS / PROS]
GE --> DL[DecisionLog]
| Mode | Used for |
|---|---|
direct_wallet |
Swaps, CCTP bridges, vault deposits, ERC-20 treasury — user wallet signs the protocol call |
guarded |
Native PHRS/PROS payments — attestation-gated GuardedExecutor.execute → DecisionLog |
Monorepo packages
| Package | Role |
|---|---|
covenant-mcp |
npx CLI + MCP entry |
covenant-skill |
Preflight engine, MCP server, REST API |
covenant-shared |
Chains, registries, EIP-712, ABIs |
packages/web |
Connect + Approve UI (Vercel) |
packages/contracts |
Identity · Covenant · GuardedExecutor · DecisionLog · Reputation · MockYieldVault |
packages/indexer |
Event watcher + Trust Capital projections |
Full architecture: docs/PROJECT_MASTER_DOCUMENTATION.md · docs/ARCHITECTURE.md
Features & MCP tools
Feature matrix
| Capability | Proven (live tx) | Supported in 0.2.11 | Catalog only |
|---|---|---|---|
| Pacific LI.FI swap | Yes | Yes | - |
| Pacific -> Base CCTP bridge | Yes | Yes | - |
| Atlantic treasury ERC-20 batch | Yes | Yes | - |
| Atlantic vault deposit | Yes | Yes | - |
| Vault withdraw | - | Yes | - |
| Native GuardedExecutor payment | Older Atlantic proof | Yes | - |
| RWA invest | - | Mock vault path | Institutional RWA |
| DAO vote / execute | - | Needs GOVERNOR_ADDRESS |
Empty default catalog |
| Atlantic swap | - | - | Unsupported (no DEX) |
| CCIP / LayerZero | - | - | Registry addresses |
23 MCP tools
| Group | Tools |
|---|---|
| Health & trust | covenant_health · covenant_reputation · covenant_get_receipt |
| Risk | covenant_preflight · covenant_simulate · covenant_verify_counterparty |
| Action planning | covenant_quick_action_review · covenant_prepare_action · covenant_list_catalog |
| Wallet & approval | covenant_connect_wallet · covenant_create_session · covenant_await_session · covenant_request_approval · covenant_get_pending_approvals · covenant_execute_authorized · covenant_revoke_session |
| Attestation & bridge | covenant_sign_attestation · covenant_bridge_claim |
| Memory | covenant_memory |
| Privileged | covenant_register_identity · covenant_set_covenant · covenant_rotate_key · covenant_attest_outcome |
Schemas: docs/MCP_REFERENCE.md · Source of truth: packages/skill/src/mcp/definitions.ts
Networks & contracts
| Network | Chain ID | Native | Explorer |
|---|---|---|---|
| Pharos Atlantic (testnet) | 688689 |
PHRS | atlantic.pharosscan.xyz |
| Pharos Pacific (mainnet) | 1672 |
PROS | pharosscan.xyz |
Atlantic COVENANT contracts
| Contract | Address |
|---|---|
| IdentityRegistry | 0x05545F026b75f03aE9Cf1eA8a8373473c94ed323 |
| CovenantRegistry | 0x068bB96e849F0DE3D49944Ec0F4aEd3D6B165770 |
| DecisionLog | 0x8A80D270dd7028536ecB6f92b04eec11F929d603 |
| ReputationRegistry | 0x92b8815A17D85E45DB5Da9952764Ee2ce072A973 |
| GuardedExecutor | 0x2741bAF6F51e5Ab67E81DdDCb1439679Bebd2d2F |
| MockYieldVault | 0x4d507779cCCb46a4DF9eD4505368f21c6b875981 |
Pacific swaps and bridges use official Pharos infra (LI.FI Diamond, Circle CCTP) via direct_wallet. Pacific COVENANT core addresses are set via PACIFIC_* env after deploy — see docs/proofs/PACIFIC_PROOF.md.
Wallet approval flow
flowchart LR
A[prepare_action] --> B[preflight]
B --> C[connect_wallet SIWE]
C --> D[await_session]
D --> E[request_approval]
E --> F["/approve/appr_*"]
F --> G[User signs in MetaMask]
G --> H[Explorer Success]
| Step | What happens |
|---|---|
| Connect | User signs a SIWE message — no transaction |
| Approve | Register agent (if needed) → publish covenant → token approve → execute |
| Bridge | Same page polls Iris V2 and prompts Base mint |
User never shares: private key, seed phrase, sessionId, or calldata.request_approval takes only walletAddress + intentHash + verdict — the execution payload stays server-side.
Transaction flows
Swap (Pacific)
- Quote via LI.FI (
li.quest) · execute on LI.FI Diamond0xFf70F4A1…04b2 - Faroswap / DODO routers allowlisted as alternate paths
- Atlantic: no public DEX corridor (
ATLANTIC_DEXempty) - Proven: 2 PROS → USDC
Bridge (CCTP V2)
- Burn USDC on Pharos via Circle TokenMessenger
- Iris V2 attestation · mint on Base (and other configured destinations)
- Tool:
covenant_bridge_claim· approval page automates claim - Proven: 0.3 USDC Pacific → Base
Treasury / payments
- ERC-20:
direct_wallettransfer (batch = sequential approvals) - Native PHRS/PROS:
GuardedExecutor - Proven: 0.5 USDC Atlantic batch (0.2 + 0.3)
Vault / RWA
- ERC-4626 Mock Yield Vault (same contract labeled RWA in catalog)
- Proven: 1 USDC deposit Atlantic
- RWA invest: catalog-ready, not separately live-proven
DAO
castVotewhenGOVERNOR_ADDRESS(or catalog target) is set- Default DAO catalog is empty — agent should refuse gracefully
Integrations
| Partner | Role | Status |
|---|---|---|
| LI.FI | Pacific swap quotes + execution | Proven |
| Faroswap / DODO | Pacific DEX routers | Supported |
| Circle CCTP V2 + Iris | USDC bridge burn / mint | Proven |
| GoPlus | Counterparty risk | Optional (skips with WARN) |
| CCIP / LayerZero | Registry addresses | Catalog only |
Security
| Control | Detail |
|---|---|
| Non-custodial | Server never holds user keys |
| Deterministic ALLOW | LLM explains only — cannot authorize |
| Intent binding | EIP-712 + computeIntentHash |
| Replay protection | On-chain usedNonces |
| Session expiry | SIWE ~10m · approval ~30m · session 7–90d |
| Egress allowlist | Outbound HTTPS restricted (packages/skill/src/egress.ts) |
| Privileged tools | Require owner / oracle keys |
Full threat model: docs/SECURITY.md
Installation
npx -y covenant-mcp init
Creates .cursor/mcp.json (zero secrets required for read + preflight tools). Restart your MCP client.
Hosted MCP (no local Node):
{
"mcpServers": {
"covenant": {
"url": "https://covenant-skill.onrender.com/mcp"
}
}
}
| Client | Config |
|---|---|
| Cursor | packages/mcp/config/cursor.mcp.json |
| Claude Desktop | packages/mcp/config/claude-desktop.mcp.json |
| Claude Code | packages/mcp/config/claude-code.mcp.json |
| OpenAI Agents | packages/mcp/config/openai-agents.example.ts |
Extended setup: docs/skill/INSTALL.md · docs/skill/INTEGRATIONS.md
Environment (optional)
| Variable | Purpose |
|---|---|
PHAROS_NETWORK |
atlantic (default) | pacific |
PHAROS_RPC_URL / PACIFIC_RPC_URL |
RPC overrides |
GOPLUS_APP_KEY / SECRET |
Counterparty risk |
COVENANT_API_URL |
Hosted attestation (default Render) |
PREFLIGHT_LLM_ENABLED |
Set false for faster demos |
DEPLOYER_PRIVATE_KEY |
Operator attester only — never in agent chat |
See .env.example and docs/PROJECT_MASTER_DOCUMENTATION.md.
Anvita Service Agent
Upload package for Anvita Flow:
| Folder | examples/service-agents/covenant-action-guard/ |
| Zip | covenant-action-guard.zip |
| Skill | SKILL.md v2.5.0 |
| Strategy | docs/anvita/CUSTOMER_SERVICE_STRATEGY.md v5.3.0 |
Runtime uses HTTPS hosted MCP only — end users do not run npx locally.
Demo prompts:
| Step | Prompt |
|---|---|
| 1 | docs/prompts/01-install-covenant.md |
| 2 | docs/prompts/02-validate-skills.md |
| 3 | docs/prompts/03-end-to-end-workflow.md |
API & deployment
| Surface | URL |
|---|---|
| Skill API | https://covenant-skill.onrender.com |
| MCP | https://covenant-skill.onrender.com/mcp |
| Web UI | https://covenant-web-mu.vercel.app |
| Health | GET /health |
| Receipt | GET /api/receipt/:id |
| Component | Host |
|---|---|
| Skill + Indexer | Render |
| Web | Vercel |
| Postgres | Supabase |
| Redis | Upstash |
Ops: docs/DEPLOYMENT.md · docs/OPERATIONS.md · docs/API_REFERENCE.md
Repository structure
COVENANT/
├── packages/
│ ├── mcp/ # npm covenant-mcp
│ ├── skill/ # engine + MCP + REST
│ ├── shared/ # chains · registries · EIP-712
│ ├── web/ # approval UI
│ ├── contracts/ # Foundry Solidity
│ └── indexer/ # DecisionLog projections
├── examples/
│ └── service-agents/covenant-action-guard/
├── docs/
│ ├── PROJECT_MASTER_DOCUMENTATION.md
│ ├── proofs/LIVE_TEST_SUCCESS.md
│ ├── anvita/
│ └── prompts/
├── AGENTS.md
└── covenant-action-guard.zip
Documentation
| Doc | Purpose |
|---|---|
| PROJECT_MASTER_DOCUMENTATION.md | Single source of truth |
| LIVE_TEST_SUCCESS.md | Live txs + screenshots |
| AGENTS.md | Agent skill manifest |
| MCP_REFERENCE.md | Tool schemas |
| SECURITY.md | Threat model |
| PHASE2.md | Phase 2 hub |
| FEATURE_MATRIX.md | Honest Anvita readiness |
FAQ
Is COVENANT a wallet?
No. It is MCP + contracts + an approval UI.
Do I need API keys?
No for health, reputation, simulate, preflight, prepare, connect, and approval. GoPlus and LLM keys are optional.
How many tools?
23 — see packages/skill/src/mcp/definitions.ts.
Connect vs Approve?
Connect = SIWE sign-in. Approve = the real on-chain execution.
Can I swap on Atlantic?
No public LI.FI corridor on Atlantic. Use Pacific for swaps.
Is RWA production-ready?
No — mock ERC-4626 vault / catalog only.
npx @covenant/mcp 404?
Use npx covenant-mcp (unscoped package name).
Roadmap
Shipped in 0.2.11
- 23 MCP tools including
prepare_action,await_session,bridge_claim,list_catalog - Pacific LI.FI swap + CCTP bridge live-proven
- Atlantic treasury + vault deposit live-proven
- Anvita Service Agent package v2.5.0
Planned
@covenant/sdkTypeScript SDK — docs/sdk/ROADMAP.md- Pacific GuardedExecutor stack as first-class defaults
- RWA invest + native GuardedExecutor retest in Live Proof log
- Fix
VaultClaim/DaoExecuterouting - x402 pricing (beta remains free)
License
MIT © 2026 COVENANT Contributors
Live Proof · Master Docs · API · Anvita
Установить Covenant Skill в Claude Desktop, Claude Code, Cursor
unyly install covenant-skillСтавит в Claude Desktop, Claude Code, Cursor и VS Code — сам разбирается с npx, uvx и сборкой из исходников.
Впервые? Поставь CLI: curl -fsSL https://unyly.org/install | sh
Или настроить вручную
Выполни в терминале:
claude mcp add covenant-skill -- npx -y covenant-skillFAQ
Covenant Skill MCP бесплатный?
Да, Covenant Skill MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Covenant Skill?
Нет, Covenant Skill работает без API-ключей и переменных окружения.
Covenant Skill — hosted или self-hosted?
Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.
Как установить Covenant Skill в Claude Desktop, Claude Code или Cursor?
Открой Covenant Skill на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
Fetch
Web content fetching and conversion for efficient LLM usage.
AWS KB Retrieval
Retrieval from AWS Knowledge Base using Bedrock Agent Runtime.
автор: modelcontextprotocolSpring AI MCP Server
Provides auto-configuration for setting up an MCP server in Spring Boot applications.
llm-analysis-assistant
A very streamlined mcp client that supports calling and monitoring stdio/sse/streamableHttp, and can also view request responses through the /logs page. It also
автор: xuzexin-hzCompare Covenant Skill with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории ai
