Complete examples showing how to add signed, independently verifiable audit trails to AI agent tool calls, including cybersecurity use cases for vulnerability disclosure.
Each example uses protect-mcp to wrap MCP tool servers with Cedar policies and Ed25519-signed receipts. Every tool call produces a cryptographic receipt that can be verified offline by anyone -- without contacting the original issuer.
| Example | Description | Time |
|---|---|---|
| claude-code-hooks | Add protect-mcp as Claude Code hooks. Every tool call gets a signed receipt and Cedar policy check. | ~2 min |
| express-api-gateway | Wrap an Express-based MCP server with JSON policies and rate limiting. | ~5 min |
| mcp-server-signing | Cedar WASM policy engine with per-tool authorization and full audit bundles. | ~10 min |
| takt-workflow-receipts | Add signed receipts to TAKT multi-step workflows. Level 1 external integration. | ~5 min |
| security-vulnerability-disclosure | Receipt-signed vulnerability disclosure lifecycle with Cedar governance policies. For AI security agents. | ~10 min |
- Node.js 20+
- npm 9+
No ScopeBlind account required. All examples run locally.
Every tool call through protect-mcp produces a signed receipt containing:
- Decision -- whether the call was allowed, denied, or logged (shadow mode)
- Policy hash -- SHA-256 of the Cedar or JSON policy that produced the decision
- Timestamp -- when the decision was made
- Tool context -- tool name, truncated input hash, trust tier
- Ed25519 signature -- signs all of the above
Receipts are appended to .protect-mcp-receipts.jsonl (one JSON object per line). Anyone can verify them offline using:
npx @veritasacta/verify .protect-mcp-receipts.jsonlThis checks every signature without contacting any server. The verifier is issuer-blind -- it validates cryptographic integrity without knowing or trusting the original signer.
- scopeblind.com -- project homepage
- protect-mcp on npm -- package documentation
- scopeblind/scopeblind-gateway -- source code
- Cedar language reference -- policy language docs
- scopeblind/scopeblind-gateway -- protect-mcp source code
- VeritasActa/Acta -- open protocol for contestable public records
- VeritasActa/drafts -- IETF internet-draft source
- protect-mcp on npm -- MCP gateway with Cedar policies and signed receipts
- protect-mcp-adk on PyPI -- Google ADK receipt signing plugin (Python)
- @veritasacta/verify on npm -- issuer-blind receipt verification CLI
- acta.today/wiki -- live Knowledge Unit demo
- draft-farley-acta-signed-receipts -- IETF signed receipts draft
- draft-farley-acta-knowledge-units -- IETF knowledge units draft