Server data from the Official MCP Registry
Free proof-of-existence attestation for digital files, MCP tools for the imgauth service.
Free proof-of-existence attestation for digital files, MCP tools for the imgauth service.
Valid MCP server (2 strong, 3 medium validity signals). No known CVEs in dependencies. Package registry verified. Imported from the Official MCP Registry.
8 files analyzed · 1 issue found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Set these up before or after installing:
Environment variable: IMGAUTH_API_KEY
Environment variable: IMGAUTH_BASE_URL
Environment variable: IMGAUTH_CERT_PAGE_BASE
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-spazio-genesi-attest-mcp": {
"env": {
"IMGAUTH_API_KEY": "your-imgauth-api-key-here",
"IMGAUTH_BASE_URL": "your-imgauth-base-url-here",
"IMGAUTH_CERT_PAGE_BASE": "your-imgauth-cert-page-base-here"
},
"args": [
"-y",
"@spazio-genesi/attest-mcp"
],
"command": "npx"
}
}
}From the project's GitHub README.
MCP server for Spazio Genesi's attestation service — attest, verify, and check the existence of digital works from any MCP-capable AI agent (Claude Code, Claude Desktop, etc.).
Full privacy: file bytes never leave your device. The fingerprint (SHA-256) is computed locally, streamed from disk — only the hash and optional metadata are sent.
The attestation service timestamps a file's SHA-256 fingerprint, signs it (HMAC), and can produce a signed PDF certificate plus an OpenTimestamps proof anchored in Bitcoin. This server exposes that service as MCP tools, so an agent can attest and verify works on your behalf without a browser.
Several MCP servers can submit a hash to an OpenTimestamps calendar. As far as we know, this is the only one that hands back a complete proof of existence — a signed PDF certificate, a recognized RFC 3161 timestamp, and a Bitcoin anchor — for free, with the file's bytes never leaving the caller's machine. No account, no upload, no paid notarization chain. If you know of another MCP server with the same combination (full certificate + free + local hashing), we'd genuinely like to hear about it — open an issue.
Claude Desktop — one command, no manual JSON editing:
npx -y @spazio-genesi/attest-mcp-setup
This finds your claude_desktop_config.json (Windows/macOS/Linux), adds the
attest-mcp entry, and backs up the original file first. It refuses to touch
anything if the existing file isn't valid JSON — it never guesses. Restart
Claude Desktop afterwards. To remove it again: add --uninstall. To preview
without writing: add --dry-run.
Claude Code:
claude mcp add attest-mcp -- npx -y @spazio-genesi/attest-mcp
Manual / other clients — add this to your MCP client's config:
{
"mcpServers": {
"attest-mcp": {
"command": "npx",
"args": ["-y", "@spazio-genesi/attest-mcp"]
}
}
}
Two ways to authenticate, matching the underlying service:
IMGAUTH_API_KEY environment variable.authorize tool with no
arguments. It returns a URL — open it, approve with the human-verification
widget, then call authorize again with the returned code. The session
token (24h, 20 attestations) is saved to ~/.config/attest-mcp/credentials.json
(permissions 600 where supported) and used automatically after that.Either way, the credential only unlocks the anti-bot check on attestation — the server-side timestamp, cryptographic signature, and rate limits are unchanged.
| Tool | What it does |
|---|---|
authorize | Start or continue the device-flow authorization. |
attest_file | Hash a local file (streamed) and attest it. |
get_certificate_pdf | Mint a fresh signed PDF, or recover an already-archived one, saved to disk. |
verify_file | Hash a local file and check it against a declared hash + signature. |
verify_certificate | Verify a certificate's signature without a local file. |
check_anchor | Check/download the OpenTimestamps (Bitcoin) proof. |
service_status | Traffic-light status of the attestation service. |
| Env var | Default | Purpose |
|---|---|---|
IMGAUTH_API_KEY | — | API key credential, bypasses the device flow. |
IMGAUTH_BASE_URL | https://imgauth.spaziogenesi.org | Override for local development (http://localhost:8787). |
IMGAUTH_CERT_PAGE_BASE | https://attestazione.spaziogenesi.org | Override for the permanent-certificate-page base URL. |
The certificate PDF and its text are in Italian (Spazio Genesi is an Italian non-profit and the certificate is a legal-facing document). The MCP tool descriptions and this README are in English for an international audience.
npm install
npm test # unit tests (hash vectors)
IMGAUTH_BASE_URL=http://localhost:8787 npm start # against a local `wrangler dev`
MIT — see LICENSE. This is a client for the attestation service; the service itself (imgauth) is AGPL-3.0.
Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Web content fetching and conversion for efficient LLM usage
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.