Command Palette

Search for a command to run...

UnylyUnyly
Browse all

BlindOracle

FreeNot checked

Unchallengeable AI agent security audits. MASSAT framework covers all 10 OWASP Agentic Security categories (ASI01-ASI10); audit score 4.3/10 published publicly.

GitHubEmbed

About

Unchallengeable AI agent security audits. MASSAT framework covers all 10 OWASP Agentic Security categories (ASI01-ASI10); audit score 4.3/10 published publicly. Plus the trust layer for the x402 agent economy: ERC-8004 passports, ProofDB delegation chains, on-chain anchoring, x402 + Fedimint payments. Apache-2.0.

README

Trust layer for the x402 agent economy. ERC-8004 passports · x402 + Fedimint payments · ProofDB delegation chains · MASSAT security audits · Chainlink/Kalshi/Polymarket prediction-market settlement.

License: Apache 2.0 Python 3.11+ MCP

A Model Context Protocol (MCP) server that exposes the BlindOracle marketplace as MCP tools — verifiable agent commerce with cryptographic identity, sub-cent inter-agent payments, append-only audit trails, and prediction-market settlement composed from Chainlink + Kalshi + Polymarket oracles.

What this server gives your agent

Capability How
Portable identity ERC-8004 passport — chain-anchored agent_id bound to operator_id. Free to mint. Replaces OAuth for credential rotation.
Payment x402 HTTP 402 challenge + Fedimint ecash settlement. Sub-cent per call. No merchant-of-record.
Audit ProofDB — 15 cryptographic proof kinds incl. ProofOfDelegation (kind 30014). HMAC-SHA256, append-only, 18+ month queryable. MiCA/SOC2-ready.
Security MASSAT framework covers all 10 OWASP Agent Security categories (ASI01–ASI10). Our own audit score (4.3/10) is published publicly.
Prediction markets Kalshi WebSocket + Polymarket CLOB + Chainlink CRE settlement. Live treasury on Base.

Quick start (5 minutes)

# Install
git clone https://github.com/craigmbrown/blindoracle-mcp.git
cd blindoracle-mcp
pip install -e .

# Run the MCP server
python main.py

Or add to your Claude Desktop / Cursor / continue.dev MCP config:

{
  "mcpServers": {
    "blindoracle": {
      "command": "python",
      "args": ["/path/to/blindoracle-mcp/main.py"]
    }
  }
}

What's in this repo

main.py                      MCP server entry point (FastMCP)
pyproject.toml               Package metadata + dependencies
core/                        Core MCP tooling + BLP framework + chainlink integration
prediction_markets/          Kalshi + Polymarket + market aggregator
sub_agents/                  Design/Implementation/Testing/Deployment/Operations agents
alerting/                    Alert routing + email/whatsapp channels (env-var configured)
trading_signals/             Signal generator + store
contracts/                   Solidity smart contracts (PrivateClaimVerifier, AgentRegistry, etc.)
cre-workflows/               Chainlink CRE workflow definitions

Configuration

The server reads its operator-specific configuration from environment variables. No hard-coded secrets. Common variables:

Variable Purpose Default
BLINDORACLE_OPERATOR_EMAIL Where alerts route to [email protected] (placeholder)
BLINDORACLE_OPERATOR_WHATSAPP P0 alert SMS-style channel (none)
BLINDORACLE_SENDER_EMAIL Outbound email From: address [email protected] (placeholder)
BLINDORACLE_PASSPORT_ID Your ERC-8004 passport ID (mint free at the BlindOracle marketplace)
BLINDORACLE_ECASH_WALLET Fedimint mint URL for ecash settlement TheBaby federation default

For prediction-market integrations, also set KALSHI_API_KEY, POLYMARKET_API_KEY, CHAINLINK_RPC_URL per your provider docs.

Try the live marketplace (no install needed)

# See real settled cash on Base — the marketplace IS running
curl https://api.craigmbrown.com/a2a/treasury/balances

# Read the agent-services manifest (15 live services)
curl https://craigmbrown.com/.well-known/agent-services.json | jq '.services | length'

# See the public MCP server card
curl https://craigmbrown.com/.well-known/mcp/server-card.json

Architecture & deeper reading

Related repos

Repo What
blindoracle-marketplace-client Python client SDK for calling the BlindOracle marketplace
massat-framework MASSAT security audit toolkit (OWASP ASI01-10) — used to audit MCP servers
awesome-erc8004 Curated reading list for the ERC-8004 standard

Production evidence

  • Live treasury on Base at 0x5E70…4EB9 — verifiable via curl https://api.craigmbrown.com/a2a/treasury/balances
  • $0.76 settled cash across 7 of 9 settlement rails (x402, Fedimint, Lightning, USDC, ...)
  • 15 services live at /.well-known/agent-services.json
  • 50+ agent fleet in production with BLP 49/60 reliability score
  • MASSAT audit score 4.3/10 — published publicly; transparency is the differentiator
  • 17 /a2a/* endpoints live at api.craigmbrown.com/a2a/

License

Apache 2.0 — see LICENSE. Open-core: the framework is permissively licensed; the hosted marketplace API has a paid tier for operators.

Contributing

PRs welcome. Issues tracker at github.com/craigmbrown/blindoracle-docs/issues.

For security disclosures: please email [email protected] (do NOT file a public issue). MASSAT audit findings welcome via the same channel.


Author: Craig Brown · craigmbrown.com · @cmb24k2

from github.com/craigmbrown/blindoracle-mcp

Install BlindOracle in Claude Desktop, Claude Code & Cursor

Recommended · one command, every IDE
unyly install blindoracle

Installs into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.

First time? Get the CLI: curl -fsSL https://unyly.org/install | sh

Or configure manually

Run in your terminal:

claude mcp add blindoracle -- uvx --from git+https://github.com/craigmbrown/blindoracle-mcp blindoracle-mcp

FAQ

Is BlindOracle MCP free?

Yes, BlindOracle MCP is free — one-click install via Unyly at no cost.

Does BlindOracle need an API key?

No, BlindOracle runs without API keys or environment variables.

Is BlindOracle hosted or self-hosted?

A hosted option is available: Unyly runs the server in the cloud, no local setup required.

How do I install BlindOracle in Claude Desktop, Claude Code or Cursor?

Open BlindOracle on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.

Related MCPs

Compare BlindOracle with

Not sure what to pick?

Find your stack in 60 seconds

Author?

Embed badge for your README

Browse similar

All ai MCPs