How do I install Cryptair?

Cryptair is a local plugin. Install it using npm package: @cryptair/mcp-server and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

What credentials does Cryptair need?

Cryptair requires the following credentials or environment variables: CRYPTAIR_API_KEY, CRYPTAIR_EMAIL, CRYPTAIR_BASE_URL. You can find setup instructions on the server detail page.

What AI apps work with Cryptair?

Cryptair uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Cryptair MCP Server

by Syronius

Developer ToolsModerate6.2MCP RegistryLocal

Free

Server data from the Official MCP Registry

Tamper-evident attestation tools for AI agents — on-chain receipts on Hedera Hashgraph mainnet.

About

Tamper-evident attestation tools for AI agents — on-chain receipts on Hedera Hashgraph mainnet.

Security Report

6.2

Moderate6.2Moderate Risk

Cryptair MCP server is well-designed with proper authentication, secure credential handling, and clean code structure. The server appropriately uses API keys stored locally, validates all inputs with Zod schemas, and makes only expected network calls to the Cryptair API. Permissions align well with its stated purpose of cryptographic attestation. Minor observations include broad error handling and lack of request timeout configuration, but these are low-severity quality issues that do not materially impact security. Supply chain analysis found 2 known vulnerabilities in dependencies (0 critical, 2 high severity). Package verification found 1 issue.

6 files analyzed · 6 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

env_vars

Check that this permission is expected for this type of plugin.

File System Read

Reads files on your machine. Normal for tools that analyze or process local data.

File System Write

Writes or modifies files on your machine. Check that this is expected for the tool.

HTTP Network Access

Connects to external APIs or services over the internet.

What You'll Need

Set these up before or after installing:

Optional. Pre-configured Cryptair API key. If unset, the agent can call register_agent at runtime to self-register and the key is silently stored at ~/.cryptair/credentials.json.Required

Environment variable: CRYPTAIR_API_KEY

Optional. Email used as fallback when submit_attestation auto-provisions a counterparty account.Optional

Environment variable: CRYPTAIR_EMAIL

Optional. Override the API base URL for self-hosted or staging environments. Defaults to https://www.cryptair.io.Optional

Environment variable: CRYPTAIR_BASE_URL

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-syronius-cryptair-mcp-server": {
      "env": {
        "CRYPTAIR_EMAIL": "your-cryptair-email-here",
        "CRYPTAIR_API_KEY": "your-cryptair-api-key-here",
        "CRYPTAIR_BASE_URL": "your-cryptair-base-url-here"
      },
      "args": [
        "-y",
        "@cryptair/mcp-server"
      ],
      "command": "npx"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

Cryptair MCP Server

Cryptographic attestation for AI agents, exposed as native MCP tools.

Lets any MCP-capable agent (Claude Desktop, Cursor, Cline, Windsurf, Zed, …) prove agreements, certify documents, and verify counterparty claims with on-chain receipts on Hedera Hashgraph. Works zero-config out of the box: agents can self-register and start using attestation immediately, with no email verification or human-in-the-loop signup.

What It Does

Cryptair lets two agents (or an agent and a human) prove they agreed on the same digital artifact at a specific moment. Every confirmed agreement is written as a SHA-256 hash to Hedera Hashgraph, producing a permanent, third-party-verifiable receipt.

This MCP server exposes six tools that map cleanly to how agents think:

Tool	When to call
`certify_document`	"I want to prove this file existed at this moment."
`verify_document`	"Has this document been attested before? Is it tampered?"
`initiate_attestation`	"I want my counterparty to confirm they have the same document I do."
`submit_attestation`	"I received an attestation link from someone — confirm I have the matching file."
`check_attestation`	"What's the status of this attestation session?"
`register_agent`	"Create a Cryptair account for me so I can authenticate."

Install

npm install -g @cryptair/mcp-server

Or run directly via npx (no install needed):

npx -y @cryptair/mcp-server

Configuration

Claude Desktop

Edit ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows):

{
  "mcpServers": {
    "cryptair": {
      "command": "npx",
      "args": ["-y", "@cryptair/mcp-server"]
    }
  }
}

Cursor

Edit ~/.cursor/mcp.json:

{
  "mcpServers": {
    "cryptair": {
      "command": "npx",
      "args": ["-y", "@cryptair/mcp-server"]
    }
  }
}

Cline / Windsurf / Zed

All MCP-capable clients use the same config shape. Point them at npx -y @cryptair/mcp-server.

Optional: Pre-configure Credentials

If you already have a Cryptair API key, you can supply it via env so the agent skips registration:

{
  "mcpServers": {
    "cryptair": {
      "command": "npx",
      "args": ["-y", "@cryptair/mcp-server"],
      "env": {
        "CRYPTAIR_API_KEY": "ctr_live_..."
      }
    }
  }
}

Otherwise, the agent will call register_agent the first time it needs authentication, and the API key is silently stored at ~/.cryptair/credentials.json for future use.

Example Agent Prompts

After installing, try prompts like:

"Certify the contents of ~/Documents/proposal-v3.pdf so we have a timestamped receipt."

"Send ~/Documents/contract.pdf to Acme Corp and get them to formally acknowledge receipt — generate the link."

"Acme sent me this Cryptair link: https://www.cryptair.io/attest/abc...?token=xyz. Confirm ~/Downloads/contract.pdf matches what they sent."

"What's the status of attestation session abc-123?"

The agent will pick the right tool and handle credential bootstrapping automatically.

How Attestation Works

Single-party (certify_document)

The MCP server hashes the file locally with SHA-256.
The hash is sent to Cryptair, which writes it to a Hedera Consensus Service topic.
You get back a Hedera transaction ID, consensus timestamp, and a public certificate URL.
Anyone can verify by re-hashing the file and calling verify_document — the file content never has to leave your machine.

Two-party (initiate_attestation + submit_attestation)

Agent A initiates with a document hash and counterparty name. Cryptair returns a shareable URL.
Agent A sends the URL to Agent B via any channel (email, Slack, etc.).
Agent B opens the URL and submits the file they have. Their MCP server hashes it locally.
Cryptair compares hashes server-side:
- Match → both parties' agreement is written to Hedera. Permanent record.
- Mismatch → tamper event is written to Hedera. Both parties are notified.

Agent B does not need a Cryptair account to participate. If Agent B supplies an email when submitting, an account is auto-provisioned for them and the API key is silently persisted by their MCP server — so they can initiate their own attestations later without any signup friction.

Why MCP, Not Skills

This server is cross-vendor by design. Anthropic Skills are Claude-only; MCP works across Claude Desktop, Cursor, Cline, Windsurf, Zed, and any future MCP-capable client. One install, every agent ecosystem.

Environment Variables

Variable	Purpose	Default
`CRYPTAIR_API_KEY`	Pre-configured API key. Skips `register_agent`.	(none)
`CRYPTAIR_EMAIL`	Email used for `submit_attestation` auto-provisioning if omitted from the call.	(none)
`CRYPTAIR_BASE_URL`	API base URL. Override for self-hosted or staging.	`https://www.cryptair.io`

Development

git clone https://github.com/Syronius/cryptair-mcp-server
cd mcp-server
npm install
npm run build
npm start

The server speaks JSON-RPC over stdio. To test manually, send tools/list to confirm all six tools are registered.

Free Tier & Pricing

The Cryptair free tier currently lets every account originate a small number of attestations per month. Counterparty completion (submit_attestation) is always free. Heavy users can top up with prepaid credits — see cryptair.io/pricing for details.

License

MIT

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

Cryptair MCP Server

About

Security Report

Findings (6)Action required

Permissions Required

What You'll Need

How to Install

Documentation

Cryptair MCP Server

What It Does

Install

Configuration

Claude Desktop

Cursor

Cline / Windsurf / Zed

Optional: Pre-configure Credentials

Example Agent Prompts

How Attestation Works

Why MCP, Not Skills

Environment Variables

Development

Free Tier & Pricing

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Git

Toleno

mcp-creator-python

MarkItDown

mcp-creator-typescript

Google Workspace MCP