Metadata-Version: 2.4
Name: attesto-mcp
Version: 0.1.0
Summary: Attesto MCP server: log actions and verify evidence from MCP clients (contains no AI)
Author-email: Attesto <support@attesto.eu>
License-Expression: Apache-2.0
Project-URL: Homepage, https://attesto.eu
Project-URL: Documentation, https://docs.attesto.eu
Requires-Python: >=3.10
Description-Content-Type: text/markdown
Requires-Dist: attesto>=0.3.0
Requires-Dist: mcp>=1.0
Provides-Extra: dev
Requires-Dist: build>=1; extra == "dev"
Requires-Dist: pytest>=8; extra == "dev"
Requires-Dist: ruff>=0.7; extra == "dev"

# attesto-mcp

An MCP server exposing Attesto evidence tools to MCP clients (Claude
Desktop, Claude Code, or any MCP-compatible host). It contains **no AI**:
five deterministic tools over the Attesto SDK.

| Tool | What it does |
|---|---|
| `log_action` | Log one action to a stream; returns the signed receipt |
| `get_receipt` | Fetch the receipt for an event |
| `verify_receipt` | Verify a receipt **offline** against a pinned witness key |
| `get_stream_head` | Read a stream's current head |
| `verify_completeness` | Prove a seq-range is gap-free + chained, locally |

Payloads are refused if they contain the value of any secret-looking
environment variable (`*_KEY`, `*_TOKEN`, `*_SECRET`, `*_PASSWORD`) — an
MCP host's environment can never leak into committed evidence
(test-enforced).

## Install & configure

```bash
pip install attesto-mcp
```

Claude Desktop (`claude_desktop_config.json`) or Claude Code (`.mcp.json`):

```json
{
  "mcpServers": {
    "attesto": {
      "command": "attesto-mcp",
      "env": {
        "ATTESTO_API_KEY": "atto_...",
        "ATTESTO_BASE_URL": "https://api.attesto.eu"
      }
    }
  }
}
```

Verification tools run locally (the P1.1/P1.3 offline verifiers): the only
trust anchor is the witness public key you pass in.
