Server data from the Official MCP Registry
Evidence layer for agent commerce: signed receipts, verification, dispute evidence envelopes.
Evidence layer for agent commerce: signed receipts, verification, dispute evidence envelopes.
Tersign MCP server is a well-structured cryptographic SDK for agent-commerce receipts and evidence management with sound security practices. Authentication and authorization are properly implemented using EIP-712 signatures and environment variable configuration. The codebase shows good input validation via Zod schemas, proper error handling, and no malicious patterns. Minor code quality issues around environment variable handling and broad exception catches do not materially impact security. Supply chain analysis found 2 known vulnerabilities in dependencies (2 critical, 0 high severity). Package verification found 1 issue.
7 files analyzed · 8 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Set these up before or after installing:
Environment variable: TERSIGN_SELLER_KEY
Environment variable: TERSIGN_ISSUER_NAME
Environment variable: TERSIGN_ISSUER_JURISDICTION
Environment variable: TERSIGN_ISSUER_TAX_ID
Environment variable: TERSIGN_LEDGER_URL
Environment variable: TERSIGN_LEDGER_API_KEY
Environment variable: TERSIGN_LEDGER_SELLER_ID
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-tersignhq-evidence": {
"env": {
"TERSIGN_LEDGER_URL": "your-tersign-ledger-url-here",
"TERSIGN_SELLER_KEY": "your-tersign-seller-key-here",
"TERSIGN_ISSUER_NAME": "your-tersign-issuer-name-here",
"TERSIGN_ISSUER_TAX_ID": "your-tersign-issuer-tax-id-here",
"TERSIGN_LEDGER_API_KEY": "your-tersign-ledger-api-key-here",
"TERSIGN_LEDGER_SELLER_ID": "your-tersign-ledger-seller-id-here",
"TERSIGN_ISSUER_JURISDICTION": "your-tersign-issuer-jurisdiction-here"
},
"args": [
"-y",
"tersign"
],
"command": "npx"
}
}
}From the project's GitHub README.
The evidence layer for the agent economy. When software buys from software, someone has to keep the records straight — this SDK gives agent-commerce sellers counter-signed receipts, tamper-evident action records, and jury-ready evidence envelopes on top of x402 settlement.
npm install tersign
offer-receipt extension (EIP-712), plus compliance records (tax/audit-grade fields: EU Art-226b minimal tier / EN 16931 full tier / HK IRO s.51C retention) bound to the base receipt by digest.ActionRecordV1: digest-bound, GDPR-minimized evidence of agent actions and disclosures, mapped to EU AI Act Art-50 obligations.payment-identifier extension ships the key; this ships the semantics (replay cache, Idempotent-Replayed, 409 in-flight/conflict) with pluggable stores (memory, Cloudflare D1).refundOf (ViDA-style), ACP/UCP adjustment vocabulary verbatim.npx tersign-mcp exposes the full loop (issue / verify / refund / dispute) as Model Context Protocol tools for agent frameworks.npx tersign-verify <receipt.json | 0xdigest> recovers signatures and checks the public chain with no account and no trust in Tersign.import { privateKeyToAccount } from 'viem/accounts';
import { Assure, attachToExtensions } from 'tersign';
const assure = new Assure({
signer: privateKeyToAccount(process.env.SELLER_KEY as `0x${string}`),
issuer: { name: 'Example API Ltd', jurisdiction: 'HK', taxId: 'BR-12345678' },
// ledger: { url: 'https://tersign-ledger.kevinn-zhang.workers.dev', apiKey: '…', sellerId: '…' },
});
// after your x402 middleware reports settlement:
const issued = await assure.issueFor({
network: 'eip155:8453',
resourceUrl: 'https://api.example.com/data',
payer: settlement.payer,
settledAt: Math.floor(Date.now() / 1000),
txHash: settlement.transaction,
supplyDescription: 'Market data, per call',
});
return Response.json(attachToExtensions(body, issued));
The official extension gives you the receipt format. This gives you the operation: replay enforcement (x402 #452 punts it to the app layer), refund records, compliance-grade fields your accountant recognizes, dispute-ready evidence — and third-party verifiability via counter-signed hash chains, so your receipts are exhibits, not testimony.
Every counter-signed record is publicly checkable: live ledger + verification — no account, no API key. Venues rotate; the transcript endures.
v0.1 — EIP-712 receipts, MINIMAL-tier compliance records, action records, disputes v0, evidence envelopes (Internet Court / Kleros / UMA), memory + D1 idempotency stores, MCP server, verify CLI. Wire formats are digest-bound and schema-evolvable; cross-implementation vectors are pinned in CI. MIT.
Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.