crypto-inventory-mcp-server-v2

QEntangle/crypto-inventory-mcp-server-v2


The crypto-inventory-mcp-server-v2 is an advanced server designed to manage and secure post-quantum cryptography inventories using a clean architecture approach.

Crypto Inventory MCP Server v2

🔒 A comprehensive Model Context Protocol (MCP) server for post-quantum cryptography inventory management with advanced dashboard analytics and clean architecture.

License: MIT

🌟 Features

🎯 Comprehensive MCP Tools

  • Network Scanning: Discover SSL/TLS certificates, SSH keys, and cryptographic protocols
  • Certificate Analysis: Deep inspection of X.509 certificates with quantum vulnerability assessment
  • Code Repository Scanning: Analyze source code for cryptographic implementations
  • Quantum Risk Assessment: Evaluate threats from cryptographically relevant quantum computers (CRQCs)
  • CBOM Generation: Create Cryptographic Bills of Materials in multiple formats
  • Asset Search: Intelligent querying of discovered cryptographic assets
  • Migration Planning: Generate post-quantum migration roadmaps
  • Dashboard Analytics: Comprehensive security analytics and metrics

📊 Interactive Dashboard

  • Real-time Metrics: Live security metrics and KPIs
  • Visual Analytics: Interactive charts and graphs powered by Chart.js
  • Quantum Readiness Score: Comprehensive assessment with progress tracking
  • Risk Assessment: Color-coded risk distribution and trends
  • Vulnerability Tracking: Timeline analysis and categorization
  • Executive Reporting: Generate PDF reports for stakeholders
  • Compliance Monitoring: Track adherence to security standards

🔮 Post-Quantum Security

  • Algorithm Classification: Identify quantum-vulnerable vs quantum-safe algorithms
  • NIST PQC Standards: Full support for FIPS 203, 204, and 205 standards
  • Migration Timeline: Phased approach with cost estimates and priorities
  • Risk Scoring: Advanced risk assessment using industry methodologies
  • Harvest-Now-Decrypt-Later Analysis: Future quantum attack risk evaluation

🏗️ Enterprise Architecture

  • Clean Architecture: Domain-driven design with clear separation of concerns
  • Dependency Injection: IoC container with tsyringe for maintainability
  • Caching Layer: Redis-based caching for performance optimization
  • Queue Processing: BullMQ for async job processing
  • Health Monitoring: Comprehensive health checks and metrics
  • API Documentation: OpenAPI/Swagger documentation

🚀 Quick Start

Prerequisites

  • Node.js 20.0.0+
  • PostgreSQL 13+
  • Redis 6+
  • npm 10.0.0+

1. Installation

git clone https://github.com/QEntangle/crypto-inventory-mcp-server-v2.git
cd crypto-inventory-mcp-server-v2
npm install

2. Environment Setup

cp .env.example .env
# Edit .env with your configuration

3. Database Setup

# Create PostgreSQL database
createdb crypto_inventory

# Run migrations
npm run db:migrate

# Seed test data (optional)
npm run db:seed

4. Start Services

# Start Redis
redis-server

# Start the application
npm run dev

# Or with Docker Compose
npm run docker:up

5. Access Dashboard

Open your browser to http://localhost:3000/dashboard.html for the interactive dashboard.

📱 Dashboard Overview

The comprehensive dashboard provides:

Key Metrics

  • Total Assets: Count of discovered cryptographic assets
  • Quantum Vulnerable: Assets requiring migration to post-quantum algorithms
  • Risk Score: Overall security posture (0-100 scale)
  • Active Scans: Currently running security scans
  • Compliance Score: Regulatory compliance percentage

Visual Analytics

  • Asset Distribution: Pie charts showing asset types and algorithms
  • Quantum Safety Status: Progress towards quantum readiness
  • Risk Distribution: Bar charts of risk levels across assets
  • Vulnerability Timeline: Trend analysis of security issues
  • Certificate Expiration: Timeline of certificate renewals needed

Quantum Readiness Assessment

  • Overall Score: Comprehensive quantum preparedness rating
  • Migration Timeline: Phased approach with cost estimates
  • Algorithm Breakdown: Current vs recommended algorithms
  • Risk Prioritization: Critical vulnerabilities requiring immediate attention

🛠️ MCP Tools Reference

| Tool | Description | Usage |
|------|-------------|-------|
| scan_network | Network cryptographic discovery | {"target": "10.0.1.0/24", "ports": [443, 22, 993]} |
| analyze_certificate | X.509 certificate analysis | {"certificate": "-----BEGIN CERTIFICATE-----..."} |
| scan_code_repository | Source code crypto analysis | {"repository_url": "https://github.com/user/repo"} |
| assess_quantum_risk | Quantum vulnerability assessment | {"assets": [...], "timeline_years": 10} |
| generate_cbom | Cryptographic BOM generation | {"scan_id": "uuid", "format": "json"} |
| search_assets | Query discovered assets | {"type": "certificate", "quantum_safe": false} |
| get_migration_plan | PQC migration planning | {"scan_id": "uuid", "timeline_years": 5} |
| get_scan_status | Scan progress and results | {"scan_id": "uuid"} |
| get_dashboard_data | Dashboard analytics | {"section": "overview", "timeRange": "30d"} |
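
A client-side guard for the scan_network call in the table above, as an added example that is not the project's code: it checks the target against an operator-approved scope and validates the ports before building the MCP tools/call request. The function names and the scope list are hypothetical; the server's own validation is not shown in this README.

```typescript
// Added example, not project code. Names and the scope list are hypothetical.
interface Cidr { base: number; bits: number; }

function parseCidr(text: string): Cidr {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\/(\d{1,2})$/.exec(text);
  if (!m) throw new Error("not an IPv4 CIDR: " + text);
  const o = [m[1], m[2], m[3], m[4]].map(Number);
  const bits = Number(m[5]);
  if (o.some((x) => x > 255) || bits > 32) throw new Error("out of range: " + text);
  // Plain arithmetic, because JavaScript bitwise operators are signed 32-bit.
  const base = ((o[0] * 256 + o[1]) * 256 + o[2]) * 256 + o[3];
  // Refuse "10.0.1.5/24" (host bits set) instead of silently widening it.
  if (base % Math.pow(2, 32 - bits) !== 0) throw new Error("host bits set: " + text);
  return { base, bits };
}

// True when every address of `inner` lies inside `outer`.
function within(inner: Cidr, outer: Cidr): boolean {
  const end = outer.base + Math.pow(2, 32 - outer.bits);
  return inner.bits >= outer.bits && inner.base >= outer.base && inner.base < end;
}

// Builds the MCP JSON-RPC "tools/call" request only for in-scope targets.
function buildScanRequest(id: number, target: string, ports: number[], scopes: string[]) {
  const t = parseCidr(target);
  if (!scopes.some((s) => within(t, parseCidr(s)))) {
    throw new Error("target outside approved scope: " + target);
  }
  const badPort = (p: number) => Math.floor(p) !== p || p < 1 || p > 65535;
  if (ports.length === 0 || ports.some(badPort)) throw new Error("invalid port list");
  return {
    jsonrpc: "2.0", id, method: "tools/call",
    params: { name: "scan_network", arguments: { target, ports } },
  };
}

// Constructed scope; the target and ports are the README's usage example.
const APPROVED_SCOPES = ["10.0.0.0/16"];
console.log(JSON.stringify(buildScanRequest(1, "10.0.1.0/24", [443, 22, 993], APPROVED_SCOPES)));
```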

🔧 Configuration

Environment Variables

# Application
PORT=3000
NODE_ENV=development
LOG_LEVEL=info

# Database
DATABASE_URL=postgresql://crypto_user:secure_password@localhost:5432/crypto_inventory
DB_HOST=localhost
DB_PORT=5432
DB_NAME=crypto_inventory
DB_USER=crypto_user
DB_PASSWORD=secure_password

# Redis
REDIS_URL=redis://localhost:6379
REDIS_HOST=localhost
REDIS_PORT=6379

# Security
JWT_SECRET=your-256-bit-secret
CORS_ORIGINS=localhost,example.com

# Features
FEATURE_NETWORK_SCANNING=true
FEATURE_CODE_SCANNING=true
FEATURE_QUANTUM_ANALYSIS=true
FEATURE_DASHBOARD=true

# Scanning Configuration
PARALLEL_JOBS=5
SCAN_TIMEOUT=300
RETRY_ATTEMPTS=3

📊 API Endpoints

Dashboard API

# Get dashboard overview
GET /api/dashboard/overview

# Get asset distribution
GET /api/dashboard/assets/distribution

# Get vulnerability trends
GET /api/dashboard/vulnerabilities/trends?timeRange=30d

# Get quantum readiness
GET /api/dashboard/quantum/readiness

# Get real-time metrics
GET /api/dashboard/metrics/realtime

# Generate executive report
GET /api/dashboard/reports/executive?format=pdf

Health & Monitoring

# Application health
GET /health

# Database health  
GET /health/db

# System metrics
GET /metrics

# API documentation
GET /docs

🐳 Docker Deployment

Development

# Build and run with Docker Compose
docker-compose up -d

# View logs
docker-compose logs -f

# Scale services
docker-compose up --scale app=3

Production

# docker-compose.prod.yml
version: '3.8'
services:
  app:
    image: crypto-inventory-mcp-v2:latest
    environment:
      - NODE_ENV=production
      # Must match the account the postgres service below is initialised with
      - DATABASE_URL=postgresql://crypto_user:${DB_PASSWORD}@postgres:5432/crypto_inventory
    ports:
      - "3000:3000"
    depends_on:
      - postgres
      - redis
    restart: unless-stopped

  postgres:
    image: postgres:15-alpine
    environment:
      POSTGRES_DB: crypto_inventory
      POSTGRES_USER: crypto_user
      POSTGRES_PASSWORD: ${DB_PASSWORD}
    volumes:
      - postgres_data:/var/lib/postgresql/data
    restart: unless-stopped

  redis:
    image: redis:7-alpine
    restart: unless-stopped

volumes:
  postgres_data:

🧪 Testing

# Run all tests
npm test

# Unit tests only
npm run test:unit

# Integration tests
npm run test:integration

# End-to-end tests
npm run test:e2e

# Coverage report
npm run test:coverage

# Watch mode
npm run test:watch

🔒 Security Features

Authentication & Authorization

  • JWT-based authentication
  • Role-based access control (RBAC)
  • API rate limiting
  • CORS protection

Scanning Security

  • Network isolation
  • Scan result validation
  • Input sanitization
  • Secure credential handling

Data Protection

  • Encrypted data at rest
  • TLS encryption in transit
  • Audit logging
  • PII anonymization

📈 Performance & Monitoring

Metrics Collection

  • Prometheus-compatible metrics
  • Custom business metrics
  • Performance timers
  • Error rate tracking

Monitoring Stack

  • Metrics: Prometheus + Grafana
  • Logging: Pino structured logging
  • Tracing: OpenTelemetry support
  • Health Checks: Kubernetes-ready probes

Performance Optimization

  • Redis caching layer
  • Database query optimization
  • Async job processing
  • Connection pooling

🔮 Quantum Cryptography Standards

Supported Algorithms

Quantum-Safe (NIST PQC)

  • ML-KEM (CRYSTALS-Kyber) - Key encapsulation
  • ML-DSA (CRYSTALS-Dilithium) - Digital signatures
  • SPHINCS+ - Digital signatures
  • SLH-DSA - Stateless hash-based signatures

Quantum-Vulnerable (Legacy)

  • RSA (all key sizes)
  • ECDSA/ECDH (all curves)
  • DSA (all key sizes)
  • DH (all key sizes)

Risk Assessment Methodology

  1. Asset Discovery: Comprehensive scanning and inventory
  2. Algorithm Classification: Quantum-safe vs vulnerable
  3. Risk Scoring: CVSS-based with quantum factors
  4. Timeline Analysis: Migration urgency assessment
  5. Impact Evaluation: Business criticality weighting
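
The classification and timeline steps above, as an added TypeScript example (not the project's code): algorithm names as they appear in certificates and SSH configurations are mapped onto the two lists above, and harvest-now-decrypt-later exposure is ranked with Mosca's inequality, which is an assumption here because the README does not give its scoring formula. The `Asset` shape, host names and retention periods are constructed for illustration.

```typescript
type Status = "quantum-safe" | "quantum-vulnerable" | "unclassified";
interface Classification { family: string; status: Status; }
interface Asset { name: string; algorithm: string; shelfLifeYears: number; }

// Families come from the README's two lists. Order matters: specific names
// are tested before the short names they contain ("ML-DSA" contains "DSA").
const FAMILIES: Array<[RegExp, string, Status]> = [
  [/ML-?KEM|KYBER/, "ML-KEM", "quantum-safe"],
  [/ML-?DSA|DILITHIUM/, "ML-DSA", "quantum-safe"],
  [/SLH-?DSA|SPHINCS/, "SLH-DSA", "quantum-safe"],
  [/ECDSA|ECDH/, "ECDSA/ECDH", "quantum-vulnerable"],
  [/RSA/, "RSA", "quantum-vulnerable"],
  [/DSA/, "DSA", "quantum-vulnerable"],
  [/DIFFIE-?HELLMAN|FFDHE|(^|[^A-Z])DHE?([^A-Z]|$)/, "DH", "quantum-vulnerable"],
];

function classify(algorithm: string): Classification {
  const name = algorithm.toUpperCase().replace(/[_\s]+/g, "-");
  for (const [pattern, family, status] of FAMILIES) {
    if (pattern.test(name)) return { family, status };
  }
  // Not on either list: report it for manual review, never assume it is safe.
  return { family: "unknown", status: "unclassified" };
}

// Mosca's inequality (assumption, not the project's scoring): data that must
// stay secret for x years, behind a migration that takes y years, is exposed
// to harvest-now-decrypt-later if x + y exceeds the years until a CRQC.
function hndlMargin(a: Asset, migrationYears: number, timelineYears: number): number {
  if (classify(a.algorithm).status !== "quantum-vulnerable") return 0;
  return Math.max(0, a.shelfLifeYears + migrationYears - timelineYears);
}

// Names of exposed assets, largest overshoot first.
function migrationQueue(assets: Asset[], migrationYears: number, timelineYears: number): string[] {
  return assets
    .map((a) => ({ name: a.name, margin: hndlMargin(a, migrationYears, timelineYears) }))
    .filter((r) => r.margin > 0)
    .sort((x, y) => y.margin - x.margin)
    .map((r) => r.name);
}

// Constructed sample inventory (hypothetical hosts and retention periods).
const SAMPLE: Asset[] = [
  { name: "vpn-gw", algorithm: "ecdh-sha2-nistp256", shelfLifeYears: 15 },
  { name: "web-01", algorithm: "sha256WithRSAEncryption", shelfLifeYears: 2 },
  { name: "pki-pilot", algorithm: "ML-DSA-65", shelfLifeYears: 25 },
  { name: "archive", algorithm: "rsaEncryption", shelfLifeYears: 30 },
];
console.log(migrationQueue(SAMPLE, 5, 10));
```

Anything reported as `unclassified` (Ed25519, for instance, is on neither list above) needs a manual decision before the inventory is treated as complete.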

🤝 Contributing

We welcome contributions! Please see our .

Development Workflow

  1. Fork the repository
  2. Create a feature branch: git checkout -b feature/amazing-feature
  3. Make your changes with tests
  4. Ensure all checks pass: npm test && npm run lint
  5. Commit with conventional commits: git commit -m 'feat: add amazing feature'
  6. Push and create a Pull Request

Code Standards

  • TypeScript: Strict mode with comprehensive typing
  • ESLint: Extended Airbnb configuration
  • Prettier: Automated code formatting
  • Conventional Commits: Standardized commit messages
  • Test Coverage: >90% coverage requirement

🗺️ Roadmap

Current Version (2.0.0)

  • ✅ Complete MCP server implementation
  • ✅ Interactive dashboard with analytics
  • ✅ All scanning capabilities
  • ✅ Quantum risk assessment
  • ✅ Clean architecture implementation
  • ✅ Comprehensive test coverage

Next Release (2.1.0)

  • 🔄 Machine learning-based threat detection
  • 🔄 Advanced compliance frameworks (SOC 2, ISO 27001)
  • 🔄 Real-time vulnerability feeds integration
  • 🔄 Enhanced reporting with custom templates
  • 🔄 Mobile-responsive dashboard improvements

Future Releases

  • 📋 Multi-cloud deployment support
  • 📋 Integration with SIEM platforms
  • 📋 Advanced ML analytics for anomaly detection
  • 📋 Blockchain-based asset verification
  • 📋 Quantum-safe VPN recommendations

🏆 Recognition

This project implements standards and recommendations from:

  • NIST Post-Quantum Cryptography (FIPS 203, 204, 205)
  • NSA Commercial Solutions for Classified (CSfC)
  • CISA Cybersecurity Best Practices
  • OWASP Cryptographic Standards
  • IEEE Quantum Computing Standards

📄 License

This project is licensed under the MIT License - see the file for details.

🆘 Support

Commercial Support

  • Professional Services: Implementation and consulting
  • Training Programs: Quantum-safe migration workshops
  • Custom Development: Tailored solutions for enterprise needs
  • 24/7 Support: Premium support packages available

Built with ❤️ by QEntangle Team

Securing the post-quantum future, one algorithm at a time.

Project Stats

  • Language: TypeScript 100%
  • Architecture: Clean Architecture + DDD
  • Test Coverage: >90%
  • Dependencies: Production-ready & security audited
  • Container Size: <200MB (optimized)
  • Performance: <100ms API response times
  • Scalability: Kubernetes-native with horizontal scaling