{"id":48805528,"url":"https://github.com/synpareia/trust-mcp","last_synced_at":"2026-05-06T04:07:50.110Z","repository":{"id":351016523,"uuid":"1209136938","full_name":"synpareia/trust-mcp","owner":"synpareia","description":"Identity and trust tools for AI agents — MCP server","archived":false,"fork":false,"pushed_at":"2026-04-21T11:27:54.000Z","size":181,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-21T13:29:18.286Z","etag":null,"topics":["agent-trust","ai-agents","cryptography","did","identity","mcp","mcp-server","python","trust","verification"],"latest_commit_sha":null,"homepage":"https://synpareia.com","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/synpareia.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":null,"code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-04-13T06:07:06.000Z","updated_at":"2026-04-21T11:27:54.000Z","dependencies_parsed_at":null,"dependency_job_id":"5e348081-063b-4caf-a261-4ece82d506bf","html_url":"https://github.com/synpareia/trust-mcp","commit_stats":null,"previous_names":["synpareia/trust-mcp"],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/synpareia/trust-mcp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/synpareia%2Ftrust-mcp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/synpareia%2Ftrust-mcp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/synpareia%2Ftrust-mcp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/synpareia%2Ftrust-mcp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/synpareia","download_url":"https://codeload.github.com/synpareia/trust-mcp/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/synpareia%2Ftrust-mcp/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32677961,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-06T02:33:58.958Z","status":"ssl_error","status_checked_at":"2026-05-06T02:33:39.611Z","response_time":117,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent-trust","ai-agents","cryptography","did","identity","mcp","mcp-server","python","trust","verification"],"created_at":"2026-04-14T05:00:41.849Z","updated_at":"2026-05-06T04:07:50.095Z","avatar_url":"https://github.com/synpareia.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Synpareia Trust Toolkit\n\nIdentity and trust tools for AI agents. One install. Zero friction.\n\nYour agent gets a cryptographic identity, tools to verify other agents, and a tamper-evident interaction log — all working locally. Connect to the synpareia network for reputation, discovery, and selective disclosure.\n\n## What You Get\n\n**Day one, no network needed:**\n\n- **Cryptographic identity** — your agent gets a DID and Ed25519 keypair, persistent across sessions\n- **Signing and verification** — prove authorship, verify claims from other agents\n- **Verified conversations** — tamper-evident interaction records that both parties contribute to\n- **Sealed commitments** — prove your assessment was made before seeing the other party's\n\n**With the synpareia network:**\n\n- **Discovery** — find trustworthy agents by capability, reputation, or criteria\n- **Reputation** — build and check track records that persist across interactions\n- **Selective disclosure** — control exactly what others see about your agent\n\n## Install\n\n### Claude Code / Claude Desktop\n\nAdd to your MCP configuration:\n\n```json\n{\n  \"mcpServers\": {\n    \"synpareia\": {\n      \"command\": \"uvx\",\n      \"args\": [\"synpareia-trust-mcp\"]\n    }\n  }\n}\n```\n\n### Any MCP-compatible agent\n\n```bash\npip install synpareia-trust-mcp\nsynpareia-trust-mcp\n```\n\n## Tools\n\n17 tools across 7 areas. Start by calling `orient` — it summarises every area and points you to the relevant `learn` topic.\n\n| Tool | What it does | Offline? |\n|------|-------------|:-------:|\n| `orient` | Discover all capabilities and which area fits your goal | Yes |\n| `learn` | Get a focused guide for one area (usage, examples, pitfalls) | Yes |\n| `make_claim` | Sign content with your private key — proves authorship | Yes |\n| `verify_claim` | Verify another agent's signature, commitment, or identity claim | Yes |\n| `prove_independence` | Commit to an assessment before seeing the other party's | Yes |\n| `evaluate_agent` | Multi-provider trust evaluation (synpareia, Moltbook, MolTrust) | No |\n| `recording_start` | Begin a verified interaction record | Yes |\n| `recording_append` | Record a message or event | Yes |\n| `recording_end` | Close and optionally rate | Yes |\n| `recording_proof` | Export portable, verifiable proof | Yes |\n| `recording_list` | List recordings (active and closed) | Yes |\n| `witness_info` | Witness identity, public key, service URL | No |\n| `witness_seal_timestamp` | Timestamp seal over a block hash | No |\n| `witness_seal_state` | State seal over a chain head | No |\n| `witness_verify_seal` | Offline verification of either seal type | Yes |\n| `witness_submit_blind` | Submit a blind conclusion through the witness | No |\n| `witness_get_blind` | Retrieve a prior blind conclusion | No |\n\n14 of 17 tools work fully offline. The three network-touching tools (`evaluate_agent`, and the `witness_*` request tools) need a reachable provider or witness service.\n\n### Upgrading from 0.2.0\n\nThe tool surface was reshaped in 0.3.0. `sign_content` → `make_claim`, `verify_signature` → `verify_claim`, `start_conversation`/`end_conversation` → `recording_start`/`recording_end`, and so on. See `CHANGELOG.md` for the full migration table — old names were removed outright, no shim.\n\n## How It Works\n\nThe Trust Toolkit is built on [synpareia](https://pypi.org/project/synpareia/) — cryptographic primitives for AI agent identity. Your agent gets an Ed25519 keypair and a DID (Decentralized Identifier). Every signed statement is verifiable. Every conversation is hash-linked and tamper-evident.\n\n**Identity is local.** Derived from your cryptographic keys, not from a server. Works offline, portable across platforms.\n\n**Trust builds over time.** Each verified conversation adds to your agent's reputation. The more agents that participate, the more meaningful reputation becomes.\n\n**Privacy by default.** Selective disclosure means your agent controls exactly what's visible, and to whom.\n\n## Example Scenarios\n\n### Verifying a counterparty\n\nYour agent is about to delegate a task to another agent. First, check trust across every configured provider:\n\n```\n-\u003e evaluate_agent(namespace=\"synpareia\", id=\"did:synpareia:a1b2c3...\")\n\ntier1: (none — no prior contact in your local journal)\ntier2: (namespace=synpareia has no Tier-2 adapter)\ntier3:\n  synpareia — reputation 0.92, 47 verified conversations, member since 2026-03\n  moltrust  — score 4.6/5 across 18 ratings\ntier4_available: true  (synpareia DID — encode_signed / decode_signed work)\n```\n\n### Making a provably independent assessment\n\nTwo agents need to rate a proposal independently:\n\n```\n-\u003e prove_independence(\"Rating: 4/5 -- strong technical approach, weak go-to-market\")\n\nCommitted. commitment_hash: 7f3a...  nonce_b64: cH/iD5Pm...\nShare ONLY the hash. Keep the nonce secret until reveal.\n\n[... other agent reveals their rating ...]\n\n-\u003e verify_claim(claim_type=\"commitment\", commitment_hash=\"7f3a...\",\n                content=\"Rating: 4/5 -- strong technical approach, weak go-to-market\",\n                nonce_b64=\"cH/iD5Pm...\")\n\nVerified: content matches the sealed commitment.\nThe assessment was committed before being revealed.\n```\n\n### Recording an important interaction\n\n```\n-\u003e recording_start(\"Task delegation negotiation with Agent Y\")\n\nRecording. Recording ID: rec_x7y8z9\n\n[... interaction happens, recording_append for each exchange ...]\n\n-\u003e recording_end(\"rec_x7y8z9\", rating=4, notes=\"Delivered on time, good quality\")\n\nRecording closed. 12 blocks, signed and hash-linked.\n\n-\u003e recording_proof(\"rec_x7y8z9\")\n\nExported: 4.2KB JSON, independently verifiable with synpareia.verify_export()\n```\n\n## Configuration\n\nEnvironment variables (all optional):\n\n| Variable | Default | Description |\n|----------|---------|------------|\n| `SYNPAREIA_DATA_DIR` | `~/.synpareia` | Where to store profile and conversations |\n| `SYNPAREIA_DISPLAY_NAME` | *(none)* | Human-readable name for your agent |\n| `SYNPAREIA_NETWORK_URL` | *(none)* | Synpareia network API endpoint |\n| `SYNPAREIA_AUTO_REGISTER` | `true` | Register profile on network automatically |\n\n## Data, storage, and privacy\n\nThe Trust Toolkit is **local-first**. Every file the toolkit creates lives under\n`SYNPAREIA_DATA_DIR` (default `~/.synpareia`) on the machine running your agent;\nnothing is sent off-machine unless you explicitly configure a network endpoint.\n\nWhat's stored:\n\n- **Profile** (`profile.json`, mode `0600`) — your agent's Ed25519 keypair and\n  display name. The private key never leaves the file.\n- **Conversation chains** (`conversations/\u003cchain_id\u003e/`) — your agent's signed\n  records of conversations and claims, linked into a chain so any tampering is\n  detectable.\n- **Counterparty journal** (`counterparties.json`, mode `0600`) — your agent's\n  notes about other agents you've encountered: their IDs, your evaluations,\n  signed claims they've made to you. **This is your local log; entries are\n  visible only to you and your agent.** Other agents do not see your journal.\n  When you record an evaluation about a counterparty, that observation stays on\n  your disk — there is no automatic upload, no shared reputation database, no\n  cross-agent broadcast.\n- **Recordings** (`recordings/\u003cid\u003e/`) — full message-by-message logs of\n  conversations you explicitly asked the toolkit to record. Same locality\n  guarantees.\n\nWhat flows off-machine (only with explicit configuration):\n\n- **Tier-2 platform queries** — if `SYNPAREIA_MOLTBOOK_API_URL` or other\n  Tier-2 adapter URLs are set, `check_media_signals` calls those endpoints with\n  the counterparty's handle. Otherwise, no network calls.\n- **Tier-3 attestation queries** — if `SYNPAREIA_NETWORK_URL` or\n  `SYNPAREIA_MOLTRUST_API_KEY` are set, `attested_reputation` queries those\n  services. Otherwise, no network calls.\n- **Witness service** — if `SYNPAREIA_WITNESS_URL` is set, the `witness_*`\n  tools talk to that service to obtain timestamp seals. The witness only sees\n  hashes and signatures, never your content. The current synpareia witness is\n  sparse-witness (Position 4): it does not persist `requester_id`, so the\n  attestation is not linkable to your identity beyond what you re-link\n  yourself.\n\nSubject-rights / GDPR notes (where the GDPR applies to your agent's\noperations):\n\n- All journal data lives on the data subject's own machine. Erasure is\n  achieved by deleting the relevant record (`forget_counterparty` is on the\n  v0.5 roadmap; today, edit `counterparties.json` directly).\n- The toolkit imposes no retention period — observations persist until you\n  delete them. If your operating environment requires a maximum retention,\n  enforce it externally.\n- The toolkit creates no shadow profiles: counterparties are recorded only\n  when your agent explicitly calls `remember_counterparty`. There is no\n  ambient observation.\n\nThis is not legal advice; review with counsel for your specific deployment.\n\n## Built on\n\n- [synpareia](https://pypi.org/project/synpareia/) — cryptographic primitives (Ed25519, SHA-256, hash-linked chains)\n- [MCP](https://modelcontextprotocol.io/) — Model Context Protocol for AI tool integration\n\n## License\n\nApache 2.0\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsynpareia%2Ftrust-mcp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsynpareia%2Ftrust-mcp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsynpareia%2Ftrust-mcp/lists"}