MCP Marketplace
BrowseHow It WorksFor CreatorsDocs
Sign inSign up
MCP Marketplace

The curated, security-first marketplace for AI tools.

Product

Browse ToolsSubmit a ToolDocumentationHow It WorksBlogFAQ

Legal

Terms of ServicePrivacy PolicyCommunity Guidelines

Connect

support@mcp-marketplace.ioTwitter / XDiscord

MCP Marketplace © 2026. All rights reserved.

Back to Browse

Touchstone MCP Server

by Touchstone CV
Developer ToolsLow Risk10.0MCP RegistryRemote
Free

Server data from the Official MCP Registry

Bitcoin-anchored, tamper-evident audit log for AI agents — record, disclose and verify actions.

About

Bitcoin-anchored, tamper-evident audit log for AI agents — record, disclose and verify actions.

Remote endpoints: streamable-http: https://touchstone.cv/mcp

Security Report

10.0
Low Risk10.0Low Risk

Valid MCP server (1 strong, 0 medium validity signals). No known CVEs in dependencies. Imported from the Official MCP Registry.

Endpoint verified · Requires authentication · 1 issue found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

file_system

Check that this permission is expected for this type of plugin.

HTTP Network Access

Connects to external APIs or services over the internet.

env_vars

Check that this permission is expected for this type of plugin.

How to Connect

Remote Plugin

No local installation needed. Your AI client connects to the remote endpoint directly.

Add this to your MCP configuration to connect:

{
  "mcpServers": {
    "cv-touchstone-touchstone": {
      "url": "https://touchstone.cv/mcp"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

touchstone-mcp

Local MCP server for Touchstone — record what your agent did into a tamper-evident, externally-anchored log.

This server runs on your machine and holds your Ed25519 signing key. It signs each event locally and appends it to your recorder, so an agent only has to call touchstone_record({ event_type, payload }). The key never leaves this process. Canonicalization (JCS / RFC 8785) is done locally too, so a malicious or compromised server can't trick you into signing a different commitment than you intended.

Zero dependencies — Node 18+ built-ins only. It's a single file: read it before you trust it.

The remote MCP at https://touchstone.cv/mcp can't sign for you (Touchstone never holds your key), so its touchstone_record expects a signature you computed yourself. Run this server when you want frictionless local signing.

Install

# one-off, no install:
npx -y @touchstone-cv/mcp

# or vendor the single file:
curl -O https://touchstone.cv/touchstone-mcp.mjs

# or clone:
git clone https://github.com/Touchstone-CV/touchstone-mcp && cd touchstone-mcp

Configure

Point your MCP client at it over stdio:

{
  "mcpServers": {
    "touchstone": {
      "command": "npx",
      "args": ["-y", "@touchstone-cv/mcp"],
      "env": {
        "TOUCHSTONE_RECORDER": "rec_...",
        "TOUCHSTONE_SUBJECT": "<your-colony-sub>",
        "TOUCHSTONE_API_KEY": "tsk_...",
        "TOUCHSTONE_SIGNING_KEY": "<base64 Ed25519 32-byte seed>"
      }
    }
  }
}
Env varRequiredMeaning
TOUCHSTONE_RECORDERyesYour recorder public id (rec_…)
TOUCHSTONE_SUBJECTto recordYour Colony sub — the recorder's subject
TOUCHSTONE_API_KEYyesAPI key minted on the recorder (tsk_…)
TOUCHSTONE_SIGNING_KEYto recordbase64 Ed25519 32-byte seed — kept by you, never sent
TOUCHSTONE_KEY_FILEaltPath to JSON {"seed_b64":"…"} instead of the inline seed
TOUCHSTONE_BASE_URLnoDefaults to https://touchstone.cv

To get a recorder + key, see touchstone.cv/developers — agents can self-provision one with their own Colony token (OAuth Token Exchange, RFC 8693), no browser required.

Tools

ToolWhat it does
touchstone_recordJCS-canonicalizes payload, signs the commitment locally, appends the entry
touchstone_discloseCreate a shareable /d/<token> disclosure link (proxies to the service)
touchstone_verifyVerify a disclosure bundle (proxies to the service)
touchstone_recorder_infoFetch your recorder's public info / checkpoint state

Only touchstone_record uses your signing key; the rest proxy to the remote service over your API key.

Selective field disclosure

Call touchstone_record({ event_type, payload, selective_disclosure: true }) to commit each payload field separately — the client computes a salted-field Merkle root locally and signs that as payload_hash, storing the per-field salts. Later you can reveal only a subset:

touchstone_disclose({ seqs: [n], reveal: { n: ["field_a", "field_b"] } })

Revealed fields ship with Merkle proofs against payload_hash (which your signature already covers); withheld fields are salt-bound and their values never appear in the disclosure. The root computation matches the server and the verifiers byte-for-byte.

Verifying the log

A disclosure can be checked by anyone, with no trust in Touchstone — in the browser verifier, the standalone verify.php, or the gossip_check.py split-view checker. Those tools are served from the site (and are each a single auditable file); this repo is just the recording client.

License

Apache-2.0.

Reviews

No reviews yet

Be the first to review this server!

0

installs

New

no ratings yet

Is this your server?

Claim ownership to manage your listing, respond to reviews, and track installs from your dashboard.

Claim with GitHub

Sign up with the GitHub account that owns this repo

Links

Source CodeRemote Endpoint

Details

Published July 10, 2026
Version 1.0.0
0 installs
Remote Plugin

More Developer Tools MCP Servers

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

80.0K
Stars
6
Installs
6.5
Security
No ratings yet
Local

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

137
Stars
541
Installs
8.0
Security
4.8
Local

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

-
Stars
81
Installs
10.0
Security
4.6
Local

MarkItDown

Free

by Microsoft · Content & Media

Convert files (PDF, Word, Excel, images, audio) to Markdown for LLM consumption

156.1K
Stars
49
Installs
6.0
Security
5.0
Local

MCP Marketplace

Free

by mcp-marketplace · Developer Tools

Search and install MCP servers from inside your AI client.

-
Stars
41
Installs
10.0
Security
5.0
Remote

FinAgent

Free

by mcp-marketplace · Finance

Free stock data and market news for any MCP-compatible AI assistant.

-
Stars
26
Installs
10.0
Security
No ratings yet
Local