Metadata-Version: 2.4
Name: openterms-mcp
Version: 1.0.0
Summary: MCP server for OpenTerms — cryptographic consent receipts + policy engine + provider verification for AI agents.
Author-email: OpenTerms <hello@openterms.com>
License: Apache-2.0
Project-URL: Homepage, https://openterms.com
Project-URL: Documentation, https://openterms.com/docs
Project-URL: Repository, https://github.com/jstibal/openterms-mcp
Project-URL: Bug Tracker, https://github.com/jstibal/openterms-mcp/issues
Keywords: openterms,mcp,ai,agents,receipts,policy,llm,langchain,crewai
Classifier: Development Status :: 5 - Production/Stable
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Requires-Python: >=3.9
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: httpx>=0.24
Requires-Dist: mcp>=1.0
Dynamic: license-file

Openterms

Open source cryptographic consent receipts + programmable guardrails + provider verification for AI agents.

Your agent proves what it agreed to. Your policy controls what it's allowed to do. The API provider can verify both.

License Tests

Live Demo · Quickstart · Self-Host · MCP Server · Contributing · Open Receipt Spec

What It Does
Openterms sits between your AI agent and the actions it takes. Three layers:

1. Receipts — Before your agent calls an API, it gets an Ed25519-signed receipt. Canonical JSON (RFC 8785), SHA-256 hash, real cryptography. Anyone can verify it using public keys — no API key needed, no trust in the server required.

2. Policy Engine — Daily spending caps, action type whitelists, escalation thresholds. The policy engine evaluates before the receipt is signed. Denied actions never get a receipt.

3. Provider Verification — API providers register their terms URL and verify agent consent before serving requests. One public GET call. Both sides of the transaction trust the proof.

Quickstart
60 seconds to your first receipt:

git clone https://github.com/jstibal/openterms.git
cd openterms
pip install flask pyjwt cryptography pyyaml
bash quickstart.sh
Or with Docker:

git clone https://github.com/jstibal/openterms.git
cd openterms
docker compose up --build
# In another terminal:
bash quickstart.sh
Receipt issuance is free — no wallet, no deposit, no payment required.

Self-Host
Run your own Openterms instance:

# Option 1: Direct
pip install flask pyjwt cryptography pyyaml
python run.py
# Server at http://localhost:5000

# Option 2: Docker
docker compose up --build

# Option 3: Point MCP server at your instance
export OPENTERMS_API_URL=http://localhost:5000
python openterms_mcp_server.py
Everything runs locally. SQLite database, no external dependencies.

Hosted Service
Don't want to self-host? Use the hosted instance at openterms.com — same open source code, managed for you.

MCP Server
10 tools for AI agents:

Tool	What it does
issue_receipt	Signed receipt before any action, with provider verification headers
verify_receipt	Verify receipt cryptographic integrity (public)
verify_receipt_by_hash	Look up and verify by canonical hash (public)
check_balance	Workspace balance
get_pricing	Per-receipt pricing
list_receipts	Recent receipts
get_policy	Active guardrails — call on startup
simulate_policy	Pre-check: would this action be allowed?
policy_decisions	Audit trail of every allow/deny/escalate
provider_activity	Receipt stats for your API (provider auth)
MCP Config
{
  "mcpServers": {
    "openterms": {
      "command": "python3",
      "args": ["openterms_mcp_server.py"],
      "env": {
        "OPENTERMS_API_URL": "https://openterms.com",
        "OPENTERMS_API_KEY": "openterms_your_key_here"
      }
    }
  }
}

How Provider Verification Works
Agent                    Openterms                  API Provider
  |                         |                           |
  |-- issue_receipt ------->|                           |
  |<-- receipt + headers ---|                           |
  |                         |-- webhook notification -->|
  |                         |                           |
  |-- API call + headers ---|-------------------------->|
  |                         |<-- verify/{hash} ---------|
  |                         |-- receipt data ---------->|
  |<--------- response -----|---------------------------|
  
Agent issues receipt → gets X-Openterms-Receipt header
Agent includes header in API call
Provider calls GET /v1/receipts/verify/{hash} — public, no auth
Valid → serve. Invalid → reject.

API Endpoints

Core
Method	Path	Auth	Description
POST	/v1/receipts	Bearer	Issue signed receipt
POST	/v1/receipts/verify	None	Verify receipt
GET	/v1/receipts/verify/{hash}	None	Verify by hash
GET	/v1/receipts	Bearer	List receipts
GET	/.well-known/jwks.json	None	Public signing keys
Policy Engine
Method	Path	Auth	Description
GET	/v1/policy	Bearer	Active policy
PUT	/v1/policy	Admin	Create/update policy
POST	/v1/policy/simulate	Bearer	Test hypothetical action
GET	/v1/policy/decisions	Bearer	Decision audit trail
Provider Verification
Method	Path	Auth	Description
POST	/v1/providers	None	Register as provider
POST	/v1/providers/verify	Provider	Verify domain
GET	/v1/provider/stats	Provider	Receipt stats
GET	/v1/provider/receipts	Provider	Recent receipts

Tests

make test
# 120 tests passing (80 core + 40 provider verification)
Architecture
openterms/
├── app.py                    # Flask API (1135 lines)
├── db.py                     # SQLite database (15 tables)
├── openterms_mcp_server.py   # MCP server + CLI (10 tools)
├── core/
│   ├── canonical.py          # RFC 8785 canonicalization
│   └── signing.py            # Ed25519 signing + JWKS
├── services/
│   ├── receipt_service.py    # Receipt pipeline
│   ├── ledger_service.py     # Balance tracking
│   └── policy_engine.py      # Rule evaluation
├── tests/
│   ├── test_core.py          # 80 tests
│   └── test_mvp3.py          # 40 tests
├── Dockerfile
├── docker-compose.yml
├── quickstart.sh
└── .env.example

Roadmap

Phase	Status	What it does
MVP1	✅ Shipped	Signed receipts — record what happened
MVP2	✅ Shipped	Policy engine — enforce what's allowed
MVP3	✅ Shipped	Provider verification — both sides trust the proof

ORS Spec	🔄 In progress	Open Receipt Specification — portable format

Integrations	🔄 In progress	LangChain, CrewAI one-line callbacks

MVP4	Planned	Receipt chaining, agent certification

Contributing

See CONTRIBUTING.md. We especially welcome framework integrations, language SDKs, and feedback on the Open Receipt Specification.

License
Apache 2.0 — see LICENSE.

Copyright 2026 Staticlabs Inc.
