security: per-agent API keys with identity enforcement

Agent registry loaded from env vars (AGENT_KEY_<name>=<key>):
- AGENT_KEY_claude_code=xxx → authenticates as "claude-code"
- AGENT_KEY_n8n=yyy → authenticates as "n8n"
- AGENT_KEY_morpheus=zzz → authenticates as "morpheus"

When an agent key is used, source_agent in POST /memory must match
the authenticated identity — prevents agent impersonation.

Admin key (BRAIN_API_KEY) still works as fallback with no identity
binding, preserving backward compatibility.

Closes the Sybil attack vector on observed_by: an agent can no
longer corroborate its own memories by claiming different identities.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: Skiipy11

api/src/middleware/auth.js

@@ -1,6 +1,25 @@
 import crypto from 'crypto';
 
-const API_KEY = process.env.BRAIN_API_KEY;
+const ADMIN_KEY = process.env.BRAIN_API_KEY;
+
+// Build agent registry from env vars: AGENT_KEY_<name>=<key>
+// e.g. AGENT_KEY_claude_code=abc123 → { key: 'abc123', agent: 'claude-code' }
+const agentRegistry = new Map(); // key → agent name
+
+function loadAgentKeys() {
+  for (const [envKey, envVal] of Object.entries(process.env)) {
+    if (envKey.startsWith('AGENT_KEY_') && envVal) {
+      // AGENT_KEY_claude_code → claude-code
+      const agentName = envKey.slice('AGENT_KEY_'.length).replace(/_/g, '-').toLowerCase();
+      agentRegistry.set(envVal, agentName);
+    }
+  }
+  if (agentRegistry.size > 0) {
+    console.log(`[auth] Loaded ${agentRegistry.size} agent key(s): ${[...agentRegistry.values()].join(', ')}`);
+  }
+}
+
+loadAgentKeys();
 
 // Rate limiting: track failed auth attempts per IP
 const failedAttempts = new Map();
@@ -28,6 +47,11 @@ function recordFailure(ip) {
   }
 }
 
+function safeEqual(a, b) {
+  if (!a || !b || a.length !== b.length) return false;
+  return crypto.timingSafeEqual(Buffer.from(a), Buffer.from(b));
+}
+
 export function authMiddleware(req, res, next) {
   const ip = req.ip || req.socket.remoteAddress;
 
@@ -36,10 +60,24 @@ export function authMiddleware(req, res, next) {
   }
 
   const key = req.headers['x-api-key'];
-  if (!key || !API_KEY || key.length !== API_KEY.length ||
-      !crypto.timingSafeEqual(Buffer.from(key), Buffer.from(API_KEY))) {
+  if (!key) {
     recordFailure(ip);
-    return res.status(401).json({ error: 'Invalid or missing API key' });
+    return res.status(401).json({ error: 'Missing API key' });
+  }
+
+  // Check agent-specific keys first (binds identity)
+  const agentName = agentRegistry.get(key);
+  if (agentName) {
+    req.authenticatedAgent = agentName;
+    return next();
   }
-  next();
+
+  // Fall back to admin key (no agent binding — full access)
+  if (safeEqual(key, ADMIN_KEY)) {
+    req.authenticatedAgent = null; // admin — no agent identity enforced
+    return next();
+  }
+
+  recordFailure(ip);
+  return res.status(401).json({ error: 'Invalid API key' });
 }

api/src/routes/memory.js

@@ -26,6 +26,13 @@ memoryRouter.post('/', async (req, res) => {
       return res.status(400).json({ error: validationError });
     }
 
+    // Enforce agent identity: if authenticated with an agent key, source_agent must match
+    if (req.authenticatedAgent && source_agent !== req.authenticatedAgent) {
+      return res.status(403).json({
+        error: `Agent identity mismatch: authenticated as "${req.authenticatedAgent}" but source_agent is "${source_agent}"`,
+      });
+    }
+
     // Scrub credentials
     const cleanContent = scrubCredentials(content);