Initial release — verify-mcp v0.1.0

MCP server for offline verification of signed artifacts.
MIT licensed. 4 tools: self_test, verify_receipt, verify_bundle, explain_artifact.
No accounts, no API calls, no ScopeBlind dependency.

Author: ZeroXLauren

.gitignore

@@ -0,0 +1 @@
+node_modules/

Dockerfile

@@ -0,0 +1,10 @@
+FROM node:22-alpine
+
+WORKDIR /app
+
+COPY package.json server.js server.json ./
+COPY samples/ ./samples/
+
+RUN npm install --omit=dev
+
+ENTRYPOINT ["node", "server.js"]

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 ScopeBlind (Tom Farley)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,87 @@
+# @scopeblind/verify-mcp
+
+MCP server for offline verification of ScopeBlind and Veritas Acta artifacts.
+
+It is deliberately narrow:
+- verify a single signed receipt or artifact
+- verify an audit bundle offline
+- explain a signed artifact in normalized form
+- run a packaged self-test so clients can prove the verifier works
+
+This is the registry-worthy MCP surface for the verification lane. It is not a gateway, not a builder, and not a hosted verification service.
+
+## Install
+
+```bash
+npm install -g @scopeblind/verify-mcp
+```
+
+## Claude Desktop / MCP config
+
+```json
+{
+  "mcpServers": {
+    "scopeblind-verify": {
+      "command": "npx",
+      "args": ["-y", "@scopeblind/verify-mcp"]
+    }
+  }
+}
+```
+
+## Tools
+
+### `self_test`
+Runs packaged sample verification.
+
+Returns:
+- sample receipt valid / invalid
+- sample bundle valid / invalid
+- total receipts in the sample bundle
+
+### `verify_receipt`
+Inputs:
+- `artifact_json` or `path`
+- optional `public_key_hex`
+
+Returns:
+- valid / invalid
+- type
+- format
+- issuer
+- kid
+- canonical hash
+
+### `verify_bundle`
+Inputs:
+- `bundle_json` or `path`
+
+Returns:
+- valid / invalid
+- total receipts
+- passed
+- failed
+
+### `explain_artifact`
+Inputs:
+- `artifact_json` or `path`
+
+Returns a normalized summary of:
+- type
+- format
+- issuer
+- kid
+- issued_at / timestamp
+- payload keys
+
+## Notes
+
+- No ScopeBlind servers are contacted.
+- This server verifies local JSON artifacts only.
+- `protect-mcp` remains the local policy gateway.
+- `@scopeblind/passport` remains the local pack builder.
+- `@scopeblind/red-team` remains the local benchmark runner.
+
+## License
+
+MIT

glama.json

@@ -0,0 +1 @@
+{"$schema":"https://glama.ai/mcp/schemas/server.json","maintainers":["tomjwxf"]}

package.json

@@ -0,0 +1,47 @@
+{
+  "name": "@scopeblind/verify-mcp",
+  "version": "0.1.0",
+  "description": "MCP server for offline verification of ScopeBlind and Veritas Acta artifacts.",
+  "license": "MIT",
+  "type": "module",
+  "bin": {
+    "scopeblind-verify-mcp": "server.js"
+  },
+  "files": [
+    "server.js",
+    "README.md",
+    "server.json",
+    "samples/"
+  ],
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.27.1",
+    "@veritasacta/artifacts": "^0.2.0",
+    "zod": "^3.24.0"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "keywords": [
+    "mcp",
+    "model-context-protocol",
+    "scopeblind",
+    "veritasacta",
+    "artifact-verification",
+    "receipts",
+    "offline-verification"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/tomjwxf/scopeblind-gateway.git"
+  },
+  "homepage": "https://scopeblind.com/verify",
+  "bugs": {
+    "url": "https://github.com/tomjwxf/scopeblind-gateway/issues"
+  },
+  "mcpName": "io.github.tomjwxf/verify-mcp",
+  "scripts": {
+    "check": "node --check server.js",
+    "smoke": "node test/smoke.mjs",
+    "prepublishOnly": "npm run check && npm run smoke"
+  }
+}

samples/sample-bundle.json

@@ -0,0 +1,78 @@
+{
+  "format": "scopeblind:audit-bundle:v1",
+  "generated_at": "2026-03-22T00:00:00Z",
+  "issuer": "protect-mcp",
+  "description": "Sample audit bundle with 3 receipts from a protect-mcp session.",
+  "verification": {
+    "signing_keys": [
+      {
+        "kty": "OKP",
+        "crv": "Ed25519",
+        "kid": "kPrK_qmxVWaYVA9wwBF6Iuo3vVzz7TxHCTwXBygrS4k",
+        "x": "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo",
+        "use": "sig"
+      }
+    ]
+  },
+  "receipts": [
+    {
+      "v": 2,
+      "type": "decision_receipt",
+      "algorithm": "ed25519",
+      "kid": "kPrK_qmxVWaYVA9wwBF6Iuo3vVzz7TxHCTwXBygrS4k",
+      "issuer": "sb:test",
+      "issued_at": "2026-01-01T00:00:00Z",
+      "payload": {
+        "decision": "allow",
+        "policy_digest": "sha256:abcdef0123456789",
+        "scope": "my-service",
+        "tool": "read_database",
+        "tier": "signed-known",
+        "mode": "shadow",
+        "reason_code": "policy_match",
+        "request_id": "req_test_001"
+      },
+      "signature": "324a966f8d4e6652e2270311c9682157d5adc01f1f019d84b24a1125220869a5c5a0fc0096ed3afffaa66ac36cfbbd97e60d9c5f7ad632a2cf11c45c2c50fd0d"
+    },
+    {
+      "v": 2,
+      "type": "gateway_restraint",
+      "algorithm": "ed25519",
+      "kid": "kPrK_qmxVWaYVA9wwBF6Iuo3vVzz7TxHCTwXBygrS4k",
+      "issuer": "sb:protect",
+      "issued_at": "2026-01-01T00:01:00Z",
+      "payload": {
+        "tool": "delete_user",
+        "decision": "deny",
+        "reason_code": "tier_insufficient",
+        "policy_digest": "sha256:abcdef0123456789",
+        "agent_id": "sb:agent:test-bot",
+        "tier": "unknown",
+        "mode": "enforce"
+      },
+      "signature": "e0acddfd57dac1d1cd1a7b48d4554c81cede6bf44aa40f97ed5cbf8825e4157ec1fb44527b0b2cc17b24e5853b2190e02e5c7a826c3919592e693f09c04fac0e"
+    },
+    {
+      "v": 2,
+      "type": "trust_ticket",
+      "algorithm": "ed25519",
+      "kid": "kPrK_qmxVWaYVA9wwBF6Iuo3vVzz7TxHCTwXBygrS4k",
+      "issuer": "sb:trust-authority",
+      "issued_at": "2026-01-15T12:00:00Z",
+      "payload": {
+        "tier": "evidenced",
+        "scope": "production",
+        "expires_at": "2026-02-01T00:00:00Z",
+        "agent_id": "sb:agent:verified-bot",
+        "manifest_hash": "sha256:manifest_hash_example",
+        "evidence_summary": {
+          "receipt_count": 150,
+          "epoch_span": 30,
+          "issuer_count": 5
+        }
+      },
+      "signature": "c4e5b0048449d0f6757877410d3066f285dc07d1f73ec1e4f6222ec2f3a95a3953db3f3c9a3079c7a7cef837e36d522791a095884633f52d42876b1b25ae6600"
+    }
+  ],
+  "_note": "Verify with: npx @veritasacta/verify sample-bundle.json --bundle"
+}

samples/sample-receipt.json

@@ -0,0 +1,19 @@
+{
+  "v": 2,
+  "type": "decision_receipt",
+  "algorithm": "ed25519",
+  "kid": "kPrK_qmxVWaYVA9wwBF6Iuo3vVzz7TxHCTwXBygrS4k",
+  "issuer": "sb:test",
+  "issued_at": "2026-01-01T00:00:00Z",
+  "payload": {
+    "decision": "allow",
+    "policy_digest": "sha256:abcdef0123456789",
+    "scope": "my-service",
+    "tool": "read_database",
+    "tier": "signed-known",
+    "mode": "shadow",
+    "reason_code": "policy_match",
+    "request_id": "req_test_001"
+  },
+  "signature": "324a966f8d4e6652e2270311c9682157d5adc01f1f019d84b24a1125220869a5c5a0fc0096ed3afffaa66ac36cfbbd97e60d9c5f7ad632a2cf11c45c2c50fd0d"
+}