The control-plane runtime for the Model Context Protocol (MCP), providing a secure gateway, credential vault, policy engine, and audit logging for every tool call between AI Agents and downstream services.
Peta Core is the MCP (Model Context Protocol) control-plane runtime developed by Dunia Labs, fully compatible with the MCP 2025-11-25 specification, providing security governance for every tool call between AI Agents and downstream services. It is built around four core modules:
MCP Gateway: Acts as a transparent proxy—exposing as an MCP Server to AI clients via HTTP/SSE upstream, and connecting to multiple MCP Servers via StdIO/HTTP+SSE/Streamable HTTP downstream. Routes calls using serverId::toolName namespace identifiers. Includes a built-in OAuth 2.0 authorization server supporting Authorization Code + PKCE, dynamic client registration, and an optional anonymous public access endpoint.
Credential Vault: Uses PBKDF2 (100,000+ iterations) + AES-256-GCM encryption at rest, with in-memory decryption cleared within 30 seconds. Credentials are JIT-injected at execution time on the server side—raw credentials are never exposed to clients. Also provides an OAuth token proxy that auto-refreshes access tokens without exposing refresh tokens.
Policy Engine: Supports hybrid RBAC/ABAC authorization with content-aware DSL conditions and capability filtering. Features a Human-in-the-Loop approval mechanism with a persistent approval queue and safe replay retries. Integrates sliding-window rate limiting and optional IP whitelist network controls.
Audit & Observability: Produces secret-free immutable audit logs. Structured JSON logging via Pino supports webhook forwarding, designed for SOC2 Type II, HIPAA, and GDPR compliance.
For runtime management, Peta Core provides lazy startup of downstream servers, health checks, auto-recovery, transparent request-level retries (up to 2), and stream recovery via Last-Event-ID. Extension capabilities include no-code REST-to-MCP conversion, skill packages (ZIP + SKILL.md), Docker-sandboxed stdio execution, and multi-backend result caching (DB/Redis/Memory). Progressive Disclosure offers three discovery modes (FLAT/HYBRID/STRICT) with native catalog search tools for AI-driven tool discovery. Built on TypeScript + Prisma + PostgreSQL, it supports Docker, PM2, Kubernetes, and air-gapped deployments.
Typical Scenarios: Enterprise AI Agent governance, unified multi-MCP-Server gateway, REST API to MCP conversion, high-sensitivity operation approval, compliance auditing, air-gapped self-hosted deployment.
Ecosystem Components: Peta Console (Web management UI), Peta Desk (Desktop approval client).
Unconfirmed Details: Detailed installation steps (docs.peta.io not fully fetched), Peta Console repo link (possibly closed-source), enterprise SSO/SAML configuration specifics, air-gapped deployment implementation steps, cloud platform integration methods (Helm/Terraform), REST API adapter configuration, SKILL.md spec definition, Policy DSL syntax details.