Bundle Export
Creating distributable, auditable artifact packages.
What is a Bundle?
Definition: A ZIP file containing all security artifacts for a given approval.
Use Cases:
- Air-gapped deployments (no network access)
- Regulatory audits (provide evidence package)
- Distribution to teams without registry access
Bundle Contents
| File | Required | Description |
|---|---|---|
| manifest.json | Yes | Metadata: files, hashes, timestamp |
| mcp-lock.json | Yes | The lockfile |
| mcp-lock.json.sig | Yes | Signature file |
| public.key | Optional | Public key for Ed25519 verification |
| policy.yaml | Optional | Policy file (if present) |
| README.txt | Yes | Human-readable summary grouping tools by risk level (HIGH/MED/LOW) |
Creating a Bundle
# Prerequisite: lockfile must be signed
mcptrust sign --key private.key
# Export bundle
mcptrust bundle export --output approval.zip
# With custom paths
mcptrust bundle export \
  --lockfile custom-lock.json \
  --signature custom-lock.json.sig \
  --output my-bundle.zip
Determinism
Guarantee: Running bundle export twice on the same inputs produces identical ZIP files.
Mechanism:
- All timestamps set to January 1, 1980 00:00:00 UTC.
- Files added in a deterministic order: manifest.json, mcp-lock.json, mcp-lock.json.sig, followed by other artifacts alphabetized.
- Canonicalization: The bundle respects the canonicalization version specified in the signature file to ensure consistent verification.
Verification:
mcptrust bundle export -o bundle1.zip
sleep 2
mcptrust bundle export -o bundle2.zip
shasum -a 256 bundle1.zip bundle2.zip
# Hashes MUST match
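The two determinism rules above can also be checked on a received bundle without re-running the export. The following is an added example, not mcptrust's own code: `build_bundle`, `audit_bundle` and `expected_order` are hypothetical names, the sample contents are constructed, and "alphabetized" is assumed to mean plain code-point order.

```python
import hashlib
import io
import zipfile

EPOCH = (1980, 1, 1, 0, 0, 0)  # fixed entry timestamp stated on this page
HEAD = ["manifest.json", "mcp-lock.json", "mcp-lock.json.sig"]  # fixed leading order
REQUIRED = HEAD + ["README.txt"]  # the "Required: Yes" rows of the contents table

def expected_order(names):
    """Ordering rule: fixed files first, the rest sorted (code-point order is an assumption)."""
    rest = sorted(n for n in names if n not in HEAD)
    return [n for n in HEAD if n in names] + rest

def build_bundle(files):
    """Illustrative writer (hypothetical, not the tool's): fixed timestamps and order."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in expected_order(files):
            zf.writestr(zipfile.ZipInfo(name, date_time=EPOCH), files[name])
    return buf.getvalue()

def audit_bundle(data):
    """Return a list of findings; an empty list means the layout matches the rules."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        infos = zf.infolist()  # central-directory order, i.e. the order files were added
    names = [i.filename for i in infos]
    for missing in (r for r in REQUIRED if r not in names):
        findings.append(f"missing required file: {missing}")
    if names != expected_order(names):
        findings.append(f"unexpected entry order: {names}")
    for i in infos:
        if i.date_time != EPOCH:
            findings.append(f"{i.filename}: timestamp {i.date_time} is not 1980-01-01")
    return findings

# Constructed sample contents; a real bundle carries the actual lockfile and signature.
SAMPLE = {
    "README.txt": b"constructed summary\n",
    "policy.yaml": b"constructed: true\n",
    "mcp-lock.json.sig": b"constructed-signature",
    "mcp-lock.json": b"{}",
    "manifest.json": b"{}",
}

if __name__ == "__main__":
    a, b = build_bundle(SAMPLE), build_bundle(dict(reversed(SAMPLE.items())))
    print(hashlib.sha256(a).hexdigest() == hashlib.sha256(b).hexdigest(), audit_bundle(a))
```

This checks only the ZIP layout; it does not verify the signature or the hashes recorded in manifest.json.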