Metadata-Version: 2.4
Name: pitbridge
Version: 0.2.1
Summary: Local-first, guardrailed MCP bridge for NinjaTrader 8, with hard risk limits your AI agent cannot bypass.
Project-URL: Homepage, https://pitbridge.com
Project-URL: Documentation, https://pitbridge.com/docs/
Project-URL: Repository, https://github.com/ToolstackVault/pitbridge
Project-URL: Changelog, https://pitbridge.com/changelog/
Author: PitBridge
License-Expression: Apache-2.0
License-File: LICENSE
License-File: NOTICE
Keywords: ai-agent,algo-trading,futures,guardrails,local-first,mcp,model-context-protocol,ninjatrader,risk-management,trading
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Financial and Insurance Industry
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Office/Business :: Financial :: Investment
Requires-Python: >=3.12
Requires-Dist: fastapi>=0.115
Requires-Dist: httpx>=0.27
Requires-Dist: mcp>=1.0
Requires-Dist: pydantic>=2.7
Requires-Dist: typer>=0.12
Requires-Dist: tzdata>=2024.1
Requires-Dist: uvicorn>=0.30
Requires-Dist: websockets>=12.0
Provides-Extra: dev
Requires-Dist: httpx>=0.27; extra == 'dev'
Requires-Dist: jsonschema>=4.21; extra == 'dev'
Requires-Dist: pytest-asyncio>=0.24; extra == 'dev'
Requires-Dist: pytest>=8.0; extra == 'dev'
Requires-Dist: ruff>=0.6; extra == 'dev'
Description-Content-Type: text/markdown

# pitbridge (daemon)

Python 3.12 daemon that sits between AI agents (MCP / REST / WS) and the
NinjaTrader 8 AddOn (outbound WebSocket, port 8873). Binding spec:
`../docs/architecture.md`.

## Dev setup

```sh
cd daemon
uv venv --python 3.12
uv pip install -e ".[dev]"
uv run pytest
uv run ruff check .
```

Status: M2 daemon-core — protocol models (14 message types, schema-mirrored),
guardrail engine (M1), the AddOn WS link (hello/auth/heartbeat/snapshot/
reconnect-reconcile, reconcile-first hard), executor (idempotent pending-order
table + ack timeouts), the frozen pipeline (schema -> permission -> guardrails
-> confirm gate -> submit -> audit) as the single order path, the /v1 REST + WS
surfaces, and `tools/fake_addon.py` for chaos tests. `pitbridge run --config`
serves it. MCP surface + C# AddOn land in M3/M4.

## Agent surface (0.2.0)

One uvicorn server, one port (default `127.0.0.1:8873`), three transports over
the same guardrail pipeline:

- REST `/v1/*` and the WS `/v1/ws` event feed;
- MCP over streamable HTTP at `/mcp` (`[daemon] mcp_http`, default `true`),
  for HTTP-native MCP clients; served by both `pitbridge run` and
  `pitbridge mcp`;
- MCP over stdio via `pitbridge mcp` (Claude Desktop / Claude Code).

### Bearer auth (`[daemon] agent_token`)

Generate a token with `pitbridge token new` and set it in the config yourself
(the CLI never writes it for you). With it set, every `/v1/*` call, the
`/v1/ws` stream and `/mcp` require `Authorization: Bearer <agent_token>`
(401 otherwise, constant-time compare). The WS `/v1/addon` leg keeps its own
`pairing_token` hello auth.

Fail-closed rule: a non-localhost bind REFUSES to start without an
`agent_token` (on top of the existing `paired_mode` + `pairing_token`
requirement). On a `127.0.0.1` bind the token is optional and off by default
(backwards compatible). `pitbridge status` and `pitbridge doctor` report the
auth state.

<!-- mcp-name: com.pitbridge/pitbridge -->
