playbooks

home / mcp / attestix mcp server

Attestix MCP Server

Provides an attestation infrastructure for AI agents, enabling verifiable identities, credentials, compliance, and provenance with cryptographic proofs.

Installation
Add the following to your MCP client configuration file.

Configuration

View docs
{
  "mcpServers": {
    "vibetensor-attestix": {
      "command": "python",
      "args": [
        "/path/to/attestix/main.py"
      ]
    }
  }
}

Attestix is an attestation infrastructure that enables cryptographically verifiable proofs for AI agents, covering agent identities, credentials, delegation, compliance with the EU AI Act, provenance, and blockchain anchoring. It is designed to produce machine-readable proofs that can be presented to regulators, other agents, or systems, while operating offline for core functions and using Ed25519-based signatures and hash-chained audit trails to ensure tamper-resistance and verifiability.

How to use

You run the Attestix MCP server as a local process and connect to it from your MCP client or automation scripts. Your client can request identity creation, issue credentials, generate verifiable presentations for regulators, and query or update compliance, reputation, and provenance records. All artifacts are cryptographically signed and verifiable, enabling trust between autonomous agents and external systems.

How to install

Prerequisites: you need Python installed on your system. Ensure you have pip available for installing dependencies.

Step 1: Install the Attestix package from Python's package index.

Step 2: If you want to run from source, clone the repository, install dependencies, and start the server.

Step 3: Start the MCP server using the provided runtime command line.

Configuration and running notes

The server exposes a set of tools and services you can invoke through MCP clients. Core security features include Ed25519-based signatures for all artifacts, a hash-chained audit trail, SSRF protection, and optional encrypted key storage when a password is provided. No external API calls are required for core operations.

Security and compliance notes

Security is built into every artifact: identities, credentials, and compliance records are digitally signed with Ed25519, and the audit log uses a SHA-256 chain to ensure integrity. Access control and privacy considerations are enforced for sensitive data, and GDPR-related erasure is supported for identity data when applicable.

Available tools

create_agent_identity

Create a Unified Agent Identity Token (UAIT) from any identity source.

resolve_identity

Auto-detect token type and register the identity pipeline.

verify_identity

Check existence, revocation, expiry, and signature on an identity.

translate_identity

Convert an identity to A2A, DID Document, OAuth, or a summary.

list_identities

List UAITs with protocol and revocation filters.

get_identity

Retrieve full UAIT details.

revoke_identity

Mark a UAIT as revoked.

purge_agent_data

Erase agent data across all stores per GDPR Article 17.

parse_agent_card

Parse an A2A Agent Card JSON.

generate_agent_card

Generate agent.json for hosting.

discover_agent

Fetch /.well-known/agent.json from a URL.

create_did_key

Generate ephemeral did:key with Ed25519 keypair.

create_did_web

Generate did:web DID Document for self-hosting.

resolve_did

Resolve any DID to its DID Document.

create_delegation

Create a UCAN-style capability delegation token.

verify_delegation

Verify JWT signature, expiry, and structure.

list_delegations

List delegations by agent and role.

revoke_delegation

Revoke a delegation token.

record_interaction

Record an interaction and update trust score.

get_reputation

Retrieve reputation score with category breakdown.

query_reputation

Search agents by reputation criteria.

create_compliance_profile

Create EU AI Act profile with risk categorization.

get_compliance_profile

Retrieve a full compliance profile.

update_compliance_profile

Update an existing compliance profile.

get_compliance_status

Perform gap analysis between completed and missing requirements.

record_conformity_assessment

Record self or third-party conformity assessment (Article 43).

generate_declaration_of_conformity

Generate Annex V declaration and issue a VC.

list_compliance_profiles

Filter profiles by risk category and compliance status.

issue_credential

Issue a W3C VC with Ed25519Signature2020 proof.

verify_credential

Check VC signature, expiry, and revocation.

verify_credential_external

Verify a VC JSON from an external source.

revoke_credential

Revoke a Verifiable Credential.

get_credential

Get full details of a VC.

list_credentials

Filter credentials by agent, type, and validity.

create_verifiable_presentation

Bundle VCs into a signed VP for a verifier.

verify_presentation

Verify a VP with embedded credentials.

record_training_data

Record training data source (Article 10).

record_model_lineage

Record model chain and metrics (Article 11).

log_action

Log an agent action with a hash-chained audit trail (Article 12).

get_provenance

Retrieve full provenance record.

get_audit_trail

Query audit log with filters.

anchor_identity

Anchor identity hash to Base L2 via EAS.

anchor_credential

Anchor credential hash to Base L2 via EAS.

anchor_audit_batch

Merkle batch anchor of audit log entries.

verify_anchor

Verify an on-chain anchor against local data.

get_anchor_status

Get anchoring status for an artifact.

estimate_anchor_cost

Estimate gas cost for anchoring.