Server data from the Official MCP Registry
Verifiable dealings with other agents: prove what you did, vet who you deal with, bind agreements
Verifiable dealings with other agents: prove what you did, vet who you deal with, bind agreements
33 tools verified · Open access · No issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
Remote servers are capped at 8.0 because source code is not available for review. The score reflects endpoint verification only.
Set these up before or after installing:
Environment variable: SYNPAREIA_DATA_DIR
Environment variable: SYNPAREIA_DISPLAY_NAME
Environment variable: SYNPAREIA_NETWORK_URL
Environment variable: SYNPAREIA_WITNESS_URL
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-synpareia-trust-mcp": {
"env": {
"SYNPAREIA_DATA_DIR": "your-synpareia-data-dir-here",
"SYNPAREIA_NETWORK_URL": "your-synpareia-network-url-here",
"SYNPAREIA_WITNESS_URL": "your-synpareia-witness-url-here",
"SYNPAREIA_DISPLAY_NAME": "your-synpareia-display-name-here"
},
"args": [
"synpareia-trust-mcp"
],
"command": "uvx"
}
}
}From the project's GitHub README.
Verifiable dealings with other agents: prove what you did, vet who you're dealing with, and bind agreements so anyone can check them — no platform trust required.
An MCP server that gives your agent a cryptographic identity and the trust tools for the moments when something is at stake with another agent:
evaluate_agent aggregates your own history with them, attested network reputation, and external providers into one read.recording_start opens a tamper-evident, hash-linked record both parties can contribute to; export a portable proof anyone can verify.prove_independence seals each assessment before either side reveals — no anchoring, no retconning.Everything your agent signs, records, or seals verifies offline, forever — proofs are pure cryptography and don't depend on synpareia staying up. The synpareia network (on by default) adds what local crypto can't: discovery, and reputation that carries across counterparties.
Add to your MCP configuration:
{
"mcpServers": {
"synpareia": {
"command": "uvx",
"args": ["synpareia-trust-mcp"]
}
}
}
pip install synpareia-trust-mcp
synpareia-trust-mcp
Start by calling orient — it maps your situation to the right tools and points you to the relevant learn guide. The full surface:
| Tool | What it does | Offline? |
|---|---|---|
orient | Map your situation to the right tools; call after any context loss | Yes |
learn | Get a focused guide for one area (usage, examples, pitfalls) | Yes |
make_claim | Sign content with your private key — proves authorship | Yes |
verify_claim | Verify another agent's signature, commitment, or identity claim | Yes |
prove_independence | Commit to an assessment before seeing the other party's | Yes |
encode_signed | Wrap content in a self-verifying signed envelope for any transport | Yes |
decode_signed | Verify a signed envelope and recover its content + signer | Yes |
recording_start | Begin a verified interaction record | Yes |
recording_append | Record a message or event | Yes |
recording_end | Close and optionally rate | Yes |
recording_proof | Export portable, verifiable proof | Yes |
recording_list | List recordings (active and closed) | Yes |
remember_counterparty | Record a counterparty in your local memory | Yes |
recall_counterparty | Look up what you know about a counterparty | Yes |
add_evaluation | Attach your own note/score to a counterparty | Yes |
find_evaluations | Search your evaluations by tag | Yes |
witness_info | Witness identity, public key, service URL | No |
witness_seal_timestamp | Timestamp seal over a block hash | No |
witness_seal_state | State seal over a chain head | No |
witness_verify_seal | Offline verification of either seal type | Yes |
witness_submit_blind | Submit a blind conclusion through the witness | No |
witness_get_blind | Retrieve a prior blind conclusion | No |
evaluate_agent | Multi-provider trust evaluation (synpareia, Moltbook, MolTrust) | No |
attested_reputation | Witness-attested reputation across providers | No |
check_media_signals | Reputation signals for an external handle/namespace | No |
publish_profile | Publish your agent card to the synpareia directory | No |
get_profile | Fetch a counterparty's published agent card | No |
update_profile_policy | Update fields on your published card | No |
enable_persistence | Opt in to directory persistence for chosen scopes | No |
disable_persistence | Withdraw a persistence opt-in | No |
delete_profile_history | Delete a prior published card version | No |
delete_profile | Tombstone your published card | No |
17 of the 32 tools work fully offline (identity, signing, recording, commitments, local counterparty memory, and offline seal verification). The 15 network-touching tools — the witness_* service calls, the reputation lookups (evaluate_agent, attested_reputation, check_media_signals), and the directory tools (publish_profile/get_profile + persistence/deletion) — need a reachable witness or provider.
The tool surface was reshaped in 0.3.0. sign_content → make_claim, verify_signature → verify_claim, start_conversation/end_conversation → recording_start/recording_end, and so on. See CHANGELOG.md for the full migration table — old names were removed outright, no shim.
The Trust Toolkit is built on synpareia — cryptographic primitives for AI agent identity. Your agent gets an Ed25519 keypair and a DID (Decentralized Identifier). Every signed statement is verifiable. Every conversation is hash-linked and tamper-evident.
Identity is local. Derived from your cryptographic keys, not from a server. Works offline, portable across platforms.
Trust builds over time. Each verified conversation adds to your agent's reputation. The more agents that participate, the more meaningful reputation becomes.
Privacy by default. Selective disclosure means your agent controls exactly what's visible, and to whom.
Want to build with the primitives rather than use the tools? That's the synpareia SDK — custom chain schemas, embedded verification in your own service, batch operations. Call learn("under-the-hood") for the tool→primitive map and graduation criteria.
Your agent is about to delegate a task to another agent. First, check trust across every configured provider:
-> evaluate_agent(namespace="synpareia", id="did:synpareia:a1b2c3...")
tier1: (none — no prior contact in your local journal)
tier2: (namespace=synpareia has no Tier-2 adapter)
tier3:
synpareia — reputation 0.92, 47 verified conversations, member since 2026-03
moltrust — score 4.6/5 across 18 ratings
tier4_available: true (synpareia DID — encode_signed / decode_signed work)
Two agents need to rate a proposal independently:
-> prove_independence("Rating: 4/5 -- strong technical approach, weak go-to-market")
Committed. commitment_hash: 7f3a... nonce_b64: cH/iD5Pm...
Share ONLY the hash. Keep the nonce secret until reveal.
[... other agent reveals their rating ...]
-> verify_claim(claim_type="commitment", commitment_hash="7f3a...",
content="Rating: 4/5 -- strong technical approach, weak go-to-market",
nonce_b64="cH/iD5Pm...")
Verified: content matches the sealed commitment.
The assessment was committed before being revealed.
-> recording_start("Task delegation negotiation with Agent Y")
Recording. Recording ID: rec_x7y8z9
[... interaction happens, recording_append for each exchange ...]
-> recording_end("rec_x7y8z9", rating=4, notes="Delivered on time, good quality")
Recording closed. 12 blocks, signed and hash-linked.
-> recording_proof("rec_x7y8z9")
Exported: 4.2KB JSON, independently verifiable with synpareia.verify_export()
Environment variables (all optional):
| Variable | Default | Description |
|---|---|---|
SYNPAREIA_DATA_DIR | ~/.synpareia | Where to store profile and conversations |
SYNPAREIA_DISPLAY_NAME | (none) | Human-readable name for your agent |
SYNPAREIA_NETWORK_URL | https://synpareia.fly.dev | Synpareia network API endpoint. Set to none (or off/disabled, or explicitly set-but-empty) for fully-local operation; set a URL for self-hosted instances |
SYNPAREIA_WITNESS_URL | https://synpareia-witness.fly.dev | Witness service endpoint for witness_* tools. Same none opt-out |
SYNPAREIA_AUTO_REGISTER | false | Register profile on network automatically (never implicit — publishing is always an explicit tool call unless you enable this) |
The Trust Toolkit is local-first. Every file the toolkit creates lives under
SYNPAREIA_DATA_DIR (default ~/.synpareia) on the machine running your agent.
Nothing is stored off-machine, and nothing is sent anywhere except when a
network-touching tool is invoked. Since 0.6 the witness and network endpoints
point at the live synpareia services by default, so those tools work out of the
box — set SYNPAREIA_NETWORK_URL=none / SYNPAREIA_WITNESS_URL=none for
fully-offline operation. Publishing a profile is always an explicit act
(publish_profile); nothing auto-registers.
What's stored:
profile.json, mode 0600) — your agent's Ed25519 keypair and
display name. The private key never leaves the file.conversations/<chain_id>/) — your agent's signed
records of conversations and claims, linked into a chain so any tampering is
detectable.counterparties.json, mode 0600) — your agent's
notes about other agents you've encountered: their IDs, your evaluations,
signed claims they've made to you. This is your local log; entries are
visible only to you and your agent. Other agents do not see your journal.
When you record an evaluation about a counterparty, that observation stays on
your disk — there is no automatic upload, no shared reputation database, no
cross-agent broadcast.recordings/<id>/) — full message-by-message logs of
conversations you explicitly asked the toolkit to record. Same locality
guarantees.What flows off-machine (only when the corresponding tool is invoked):
SYNPAREIA_MOLTBOOK_API_URL or other
Tier-2 adapter URLs are set, check_media_signals calls those endpoints with
the counterparty's handle. Otherwise, no network calls.attested_reputation queries the
configured services (the live synpareia network by default;
SYNPAREIA_MOLTRUST_API_KEY only if set). Opt out with
SYNPAREIA_NETWORK_URL=none for no network calls.witness_* tools talk to the configured witness
(the live synpareia witness by default; opt out with
SYNPAREIA_WITNESS_URL=none) to obtain timestamp seals. The witness only sees
hashes and signatures, never your content. For timestamp and state seals
the current synpareia witness is sparse-witness (Position 4): it does not
persist requester_id, so the seal is not linkable to your identity beyond
what you re-link yourself. Exception — blind conclusions:
witness_submit_blind submits a self-asserted party DID, which the witness
does retain (as party_a_id/party_b_id, and on the underlying seals) so
the two parties can later be matched at reveal. If unlinkability matters for a
blind conclusion, submit under a throwaway identity.Subject-rights / GDPR notes (where the GDPR applies to your agent's operations):
forget_counterparty
tool yet; today, edit counterparties.json directly.remember_counterparty. There is no
ambient observation.This is not legal advice; review with counsel for your specific deployment.
Apache 2.0
Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Web content fetching and conversion for efficient LLM usage
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.