Command Palette

Search for a command to run...

UnylyUnyly
Весь каталог

@Ledgerproof/ Server

БесплатноНе проверен

Let any MCP client issue and verify EU AI Act Article 50 transparency receipts for AI-generated content, anchored to Bitcoin.

GitHubEmbed

Описание

Let any MCP client issue and verify EU AI Act Article 50 transparency receipts for AI-generated content, anchored to Bitcoin.

README

A Model Context Protocol server that lets any MCP client (Claude Desktop, Claude Code, IDEs, agents) issue and verify EU AI Act Article 50 transparency receipts through @ledgerproof/sdk.

LedgerProof implements the IETF SCITT architecture drafts (draft-ietf-scitt-architecture-22) with COSE Receipts (draft-ietf-cose-merkle-tree-proofs-18), and additionally anchors a daily Merkle root to Bitcoin (OP_RETURN). It is an early implementation of live IETF Internet-Drafts — not an RFC, not a standard, not certified, not "SCITT compliant." That precision is deliberate; please keep it in any derived copy.

Issuing a receipt is a real, deliberate action: each receipt's daily Merkle root is anchored to Bitcoin, which costs a Bitcoin transaction fee. Do not wire agents to auto-issue on loose triggers. The bundled ledgerproof_when_to_issue prompt spells out when issuance is (and isn't) appropriate.

Transports

This server speaks the two current MCP transports. The deprecated HTTP+SSE transport is intentionally not used.

  • stdio (default) — for local clients that launch the server as a subprocess.
  • Streamable HTTP (StreamableHTTPServerTransport) — for networked clients. In this mode ledgerproof_issue_receipt requires precomputed_sha256 and rejects raw payloads, so artifact bytes never cross the network.

Tools

Tool Purpose
ledgerproof_issue_receipt Produce an Article-50 record for AI-generated content and register it. Exactly one of artifact or precomputed_sha256, plus aiSystemId, deployerName, contentCategory, etc. Mirrors publishAiArticle50. Returns {sequence, entry_hash, verify_url, anchor_status:"pending"}.
ledgerproof_verify_receipt Verify by {sequence} (API lookup) or {transparent_statement} (SCITT bundle, trust-minimized §7 check → {issuerSignatureValid, inclusionProofValid, receiptSignatureValid, bitcoinConfirmed, valid}).
ledgerproof_check_anchor Poll a {sequence} for Bitcoin anchor status (pendinganchored with txid, block, Merkle proof).
ledgerproof_hash_artifact SHA-256 a {payload} locally so raw content never leaves the machine.

Prompt

  • ledgerproof_when_to_issue — scoped guidance: issue only when deliberately "producing an Article-50 transparency record for AI-generated content," and a reminder that anchoring costs a Bitcoin tx fee, so do not auto-fire on loose triggers.

Honest behavior notes / gaps

  • Anchoring is asynchronous. Issuance always returns anchor_status: "pending". The server never reports a fabricated "anchored" status — ledgerproof_check_anchor reports anchored only when the API returns a real Bitcoin txid. Poll until then.
  • Raw payloads stay local even on stdio. The SDK hashes the artifact locally and only the artifact_hash (never the bytes) is sent to the LedgerProof API. Streamable HTTP additionally keeps the bytes off the MCP hop by requiring precomputed_sha256.
  • SCITT verification is guarded. verifyTransparentStatement lives in the SDK's scitt/ module, which is being built in parallel and may not be exported yet. If it's absent, ledgerproof_verify_receipt (Transparent Statement mode) returns a clear "not available in the installed SDK" error instead of failing the build. Sequence-mode verification works today.
  • precomputed_sha256 issuance depends on an SDK feature. The base publishAiArticle50 always hashes raw bytes and exposes no precomputed-hash entrypoint. The server passes the hash through optimistically (forward-compat); if the installed SDK can't accept it, the tool returns a precise error rather than registering a record with the wrong artifact_hash. Until the SDK adds a precomputed-hash publish path, issue from raw artifact over stdio.

Configuration (environment variables)

Variable Required Default Notes
LEDGERPROOF_PUBLISHER_ID yes Legal-entity id (LEI/EUID/VAT/DID). Not an email.
LEDGERPROOF_DEPLOYER_COUNTRY yes ISO country code, e.g. DE.
LEDGERPROOF_API_KEY yes LedgerProof API key.
LEDGERPROOF_API_BASE no https://api-eu.ledgerproofhq.io API base URL (api-eu.ledgerproofhq.io).
LEDGERPROOF_SIGNING_KEY_HEX no ephemeral Ed25519 signing seed (hex). Never logged.
LEDGERPROOF_KEY_PATH no Path to a file containing the hex seed (alt to _HEX).
LEDGERPROOF_KEY_ID no default Key id registered with the service.

HTTP-only (optional): PORT/LEDGERPROOF_MCP_PORT (default 3000), LEDGERPROOF_MCP_HOST (default 127.0.0.1), LEDGERPROOF_MCP_TRANSPORT=http (same as --http).

The Ed25519 signing key is never logged, never returned by any tool, and never serialized. Only its presence (provided vs ephemeral) is printed at boot.

Install / build

npm install
npm run build      # tsc → dist/
npm run lint       # tsc --noEmit

Run

# stdio (default)
npx @ledgerproof/mcp-server

# Streamable HTTP on http://127.0.0.1:3000/mcp
npx @ledgerproof/mcp-server --http --port 3000

MCP client config

stdio

{
  "mcpServers": {
    "ledgerproof": {
      "command": "npx",
      "args": ["-y", "@ledgerproof/mcp-server"],
      "env": {
        "LEDGERPROOF_PUBLISHER_ID": "LEI:5493001KJTIIGC8Y1R12",
        "LEDGERPROOF_DEPLOYER_COUNTRY": "DE",
        "LEDGERPROOF_API_KEY": "sk_live_...",
        "LEDGERPROOF_API_BASE": "https://api-eu.ledgerproofhq.io",
        "LEDGERPROOF_SIGNING_KEY_HEX": "<32-byte-hex-ed25519-seed>",
        "LEDGERPROOF_KEY_ID": "default"
      }
    }
  }
}

Streamable HTTP

Start the server (npx @ledgerproof/mcp-server --http --port 3000), then point the client at the URL:

{
  "mcpServers": {
    "ledgerproof": {
      "type": "streamable-http",
      "url": "http://127.0.0.1:3000/mcp"
    }
  }
}

Over Streamable HTTP, call ledgerproof_hash_artifact first and pass the result to ledgerproof_issue_receipt as precomputed_sha256 — raw payloads are rejected on this transport by design.

License

Apache-2.0

from github.com/vsdawkins-creator/ledgerproof-mcp-server

Установка @Ledgerproof/ Server

У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.

▸ github.com/vsdawkins-creator/ledgerproof-mcp-server

FAQ

@Ledgerproof/ Server MCP бесплатный?

Да, @Ledgerproof/ Server MCP бесплатный — установка в пару кликов через Unyly без оплаты.

Нужен ли API-ключ для @Ledgerproof/ Server?

Нет, @Ledgerproof/ Server работает без API-ключей и переменных окружения.

@Ledgerproof/ Server — hosted или self-hosted?

Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.

Как установить @Ledgerproof/ Server в Claude Desktop, Claude Code или Cursor?

Открой @Ledgerproof/ Server на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.

Похожие MCP

Compare @Ledgerproof/ Server with

Не уверен что выбрать?

Найди свой стек за 60 секунд

Автор?

Embed-бейдж для README

Похожее

Все в категории ai