Countersign
БесплатноНе проверенKill switch + spend guard for AI agents that spend money: one policy, one sub-second freeze, and one signed audit ledger across every wallet vendor at once (Coi
Описание
Kill switch + spend guard for AI agents that spend money: one policy, one sub-second freeze, and one signed audit ledger across every wallet vendor at once (Coinbase, Turnkey, Openfort + cards). Tools include a pre-flight request_spend guard, freeze, apply_policy, ledger, and x402/AP2 payment-mandate guards — free self-serve key, no account.
README
A neutral, cross-vendor control plane for AI agents that spend money. Countersign holds the policy, the freeze, and the audit ledger across multiple agent-wallet backends at once — the one thing no single wallet vendor can do, because each only governs its own rail. That aggregation is the moat.
Countersign — one policy, one sub-second freeze, one signed ledger, across every wallet vendor
Live version of this loop: countersign.network/demo.html · 60s video
One falsifiable test defines it: can Countersign freeze agents across many backends at once, in under a second, with a unified tamper-evident ledger of every attempt? Proven LIVE across four rails (Coinbase, Turnkey, Openfort, and a Lithic Visa card) in ~432ms on testnet.
This repository is the open-core front door — the Apache-2.0 packages you build against: the integration contract, the typed client, the MCP tools, and the x402 guard. The control-plane "brain" (the policy compiler, the hash-chained ledger, the vendor adapters, and the hosted Core) is separate and proprietary; you reach it over the network via the SDK/MCP, hosted at app.countersign.network.
Quickstart
Drop the kill switch + spend guard into any MCP client (Claude, Cursor, …) — one line:
// claude / cursor mcp config
{ "mcpServers": { "countersign": {
"command": "npx", "args": ["-y", "@countersign/mcp"],
"env": { "COUNTERSIGN_URL": "https://app.countersign.network", "COUNTERSIGN_API_KEY": "csk_…" }
}}}
Or wire it into your own agent with the SDK:
import { CountersignClient } from "@countersign/sdk";
const cs = new CountersignClient({ baseUrl, apiKey });
await cs.evaluate({ agentId, amount, asset, venue }); // may this spend happen? (allow / deny / needs_approval)
await cs.freeze(); // the kill switch — every backend, < 1s
Get a free testnet key at https://app.countersign.network/start?ref=gh-readme.
Agents paying agents? See examples/guarded-payee — the A2A/AP2 pattern where a payee advertises it is governed and the payer verifies that (and guards its own payment) before any mandate is signed.
Packages (this repo — all Apache-2.0)
| Package | Role |
|---|---|
| @countersign/core | the EnforcementProvider interface, branded ids, the unified policy schema, the fail-closed freeze controller — the integration contract every backend implements |
| @countersign/api-contract | OpenAPI + typed REST/ws schema — the single source of truth for the Client↔Core wire interface |
| @countersign/sdk | typed client over the Core API + live ledger subscribe |
| @countersign/mcp | Countersign as MCP tools — kill switch + spend guard inside any MCP client |
| @countersign/x402 | govern x402 (HTTP-402 machine payments) — guard a payment before it pays |
| @countersign/verify | verify a ledger entry offline — hash chain, RFC 6962 Merkle inclusion, Ed25519 signatures |
| @countersign/ap2 | govern AP2 (Agent Payments Protocol) — guard an agent-payment mandate before it executes |
The proprietary brain (policy compiler to each backend's native controls, ledger, Coinbase / Turnkey / Openfort / Lithic adapters, the hosted Core) lives in a separate private repository.
Prime directives (invariants)
- Don't build cryptography — integrate vendor MPC/TEE; session keys, never master keys.
- Build the layer above the wallets; cross-vendor aggregation is the product.
- Fail-closed: no decision / no backend response ⇒ the transaction does not execute.
- Backend-agnostic core; no vendor logic leaks past the
EnforcementProviderinterface. - Append-only, hash-chained ledger is the source of truth.
- Testnet only — mainnet follows a third-party security audit.
Links
- Home: https://countersign.network · Hosted Core: https://app.countersign.network
- npm: @countersign/sdk · @countersign/mcp · @countersign/x402 · @countersign/ap2
- Architecture: docs/architecture.md · Security: SECURITY.md
Apache-2.0. Countersign holds policy, freeze, and a tamper-evident ledger — it never takes custody of funds.
Установка Countersign
У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.
▸ github.com/countersign-network/packagesFAQ
Countersign MCP бесплатный?
Да, Countersign MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Countersign?
Нет, Countersign работает без API-ключей и переменных окружения.
Countersign — hosted или self-hosted?
Доступен hosted-вариант: Unyly запускает сервер в облаке, локальная установка не обязательна.
Как установить Countersign в Claude Desktop, Claude Code или Cursor?
Открой Countersign на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
Stripe
Payments, customers, subscriptions
автор: Stripemalamutemayhem/unclick-agent-native-endpoints
110+ tools for AI agents spanning social media, finance, gaming, music, AU-specific services, and utilities. Zero-config local tools plus platform connectors. n
автор: malamutemayhemwhiteknightonhorse/APIbase
Unified API hub for AI agents with 56+ tools across travel (Amadeus, Sabre), prediction markets (Polymarket), crypto, and weather. Pay-per-call via x402 micropa
автор: whiteknightonhorsetrackerfitness729-jpg/sitelauncher-mcp-server
Deploy live HTTPS websites in seconds. Instant subdomains ($1 USDC) or custom .xyz domains ($10 USDC) on Base chain. Templates for crypto tokens and AI agent pr
Compare Countersign with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории finance
