MCP tool-call receipt signing — Cedar policy decisions linked to governance receipts

MCP Receipt Governed

MCP tool-call receipt signing integration for Agent Governance Toolkit.

Every MCP tool invocation optionally produces a signed governance receipt linking the Cedar policy decision to the tool call, providing a cryptographically verifiable audit trail for agent operations.

Quick Start

from mcp_receipt_governed import McpReceiptAdapter

adapter = McpReceiptAdapter(
    cedar_policy="""
        permit(principal, action == Action::"ReadData", resource);
        forbid(principal, action == Action::"DeleteFile", resource);
    """,
    cedar_policy_id="policy:mcp-tools:v1",
    signing_key_hex="a" * 64,  # Replace with real Ed25519 seed
)

# Govern a tool call — produces a signed receipt
receipt = adapter.govern_tool_call(
    agent_did="did:mesh:agent-1",
    tool_name="ReadData",
    tool_args={"path": "/data/report.csv"},
)

print(f"Decision: {receipt.cedar_decision}")
print(f"Receipt ID: {receipt.receipt_id}")
print(f"Signed: {receipt.signature is not None}")

Features

  • Cedar policy binding: Receipt payload includes the Cedar policy ID and allow/deny decision
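  • Ed25519 signatures: Non-repudiable receipt signing with HMAC-SHA256 fallback; the fallback is a shared-key MAC, so fallback-signed receipts can be checked only by parties holding the key and do not provide non-repudiation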
  • Canonical JSON hashing: JCS-style deterministic serialization for verifiable receipts
  • Receipt store: In-memory audit trail with filtering by agent, tool, or decision
  • Zero required dependencies: Works with stdlib only; Ed25519 signing available via pip install agentmesh-mcp-receipts[crypto]
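
The canonical-hashing and signing features above, as an added example that is not this package's own code: it signs a receipt payload over a JCS-style canonical form and shows that verification is independent of key order but fails when the recorded decision is altered. The function names and receipt field layout are assumptions, the key and payload are constructed, and it uses the stdlib HMAC-SHA256 fallback so it runs without the crypto extra.

```python
import hashlib
import hmac
import json

def canonical_bytes(payload: dict) -> bytes:
    """JCS-style form: sorted keys, no whitespace, UTF-8 (simplified; RFC 8785 also fixes number formatting)."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")

def sign_receipt(payload: dict, key: bytes) -> dict:
    """Return a receipt holding the payload, its SHA-256 hash and an HMAC tag."""
    body = canonical_bytes(payload)
    return {
        "payload": payload,
        "payload_hash": hashlib.sha256(body).hexdigest(),
        "signature": hmac.new(key, body, hashlib.sha256).hexdigest(),
    }

def verify_receipt(receipt: dict, key: bytes) -> bool:
    """Recompute hash and tag from the payload; stored values are only compared, never trusted."""
    sig = receipt.get("signature")
    stored_hash = receipt.get("payload_hash")
    if not isinstance(sig, str) or not isinstance(stored_hash, str):
        return False  # an unsigned receipt is not evidence of anything
    body = canonical_bytes(receipt["payload"])
    want_hash = hashlib.sha256(body).hexdigest()
    want_sig = hmac.new(key, body, hashlib.sha256).hexdigest()
    # compare_digest avoids leaking the match position through timing
    return (hmac.compare_digest(want_hash.encode(), stored_hash.encode())
            and hmac.compare_digest(want_sig.encode(), sig.encode()))

# Constructed sample values (hypothetical field names)
KEY = bytes.fromhex("11" * 32)
PAYLOAD = {
    "agent_did": "did:mesh:agent-1",
    "tool_name": "DeleteFile",
    "tool_args": {"path": "/data/report.csv"},
    "cedar_policy_id": "policy:mcp-tools:v1",
    "cedar_decision": "deny",
}

if __name__ == "__main__":
    receipt = sign_receipt(PAYLOAD, KEY)
    print("valid:", verify_receipt(receipt, KEY))
    forged = {**receipt, "payload": {**PAYLOAD, "cedar_decision": "allow"}}
    print("forged decision accepted:", verify_receipt(forged, KEY))
```

Because the tag covers the canonical bytes of the whole payload, recomputing `payload_hash` after editing the decision does not make a forged receipt verify.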

Installation

# From the repository root
pip install -e agent-governance-python/agentmesh-integrations/mcp-receipt-governed

# With Ed25519 signing support
pip install -e "agent-governance-python/agentmesh-integrations/mcp-receipt-governed[crypto]"

Testing

cd agent-governance-python/agentmesh-integrations/mcp-receipt-governed
pip install -e ".[dev]"
pytest tests/ -v

Architecture

MCP Tool Call
     │
     ▼
┌────────────────────┐
│  McpReceiptAdapter │
│  ┌──────────────┐  │
│  │ Cedar Policy │──┼──▶ allow / deny
│  │  Evaluator   │  │
│  └──────────────┘  │
│  ┌──────────────┐  │
│  │  Receipt     │──┼──▶ GovernanceReceipt
│  │  Generator   │  │    (tool, agent, policy, decision)
│  └──────────────┘  │
│  ┌──────────────┐  │
│  │  Ed25519     │──┼──▶ Signed receipt
│  │  Signer      │  │
│  └──────────────┘  │
│  ┌──────────────┐  │
│  │ ReceiptStore │──┼──▶ Audit trail
│  └──────────────┘  │
└────────────────────┘

License

MIT — see LICENSE.

Download files

Source Distribution

agentmesh_mcp_receipts-3.6.0.tar.gz (11.7 kB)

Uploaded Source

Built Distribution

agentmesh_mcp_receipts-3.6.0-py3-none-any.whl (8.1 kB)

Uploaded Python 3

File details

Details for the file agentmesh_mcp_receipts-3.6.0.tar.gz.

File metadata

  • Download URL: agentmesh_mcp_receipts-3.6.0.tar.gz
  • Upload date:
  • Size: 11.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: RestSharp/106.13.0.0

File hashes

Hashes for agentmesh_mcp_receipts-3.6.0.tar.gz
Algorithm Hash digest
SHA256 707af0d8026b53a1d16bfed39aeb3c5548d5615f61f3895edaa222d7c5212d4c
MD5 8923b8f1c7851afd81c6a375d17cf9a0
BLAKE2b-256 1cf844d282bef28f1e6008a7930d9fd39f4074b29108d2c71cd9c38a1b64ef89

File details

Details for the file agentmesh_mcp_receipts-3.6.0-py3-none-any.whl.

File hashes

Hashes for agentmesh_mcp_receipts-3.6.0-py3-none-any.whl
Algorithm Hash digest
SHA256 5bc77e4d6d1a44c72250d99a097e43330467d6ddd7489e2f7b7adf244964a789
MD5 ca0d0e3fec3a302ad100fc727b06c044
BLAKE2b-256 cdb4bf60313f8932ab5a89f7069c6255d6ef1660cd1357e8d12a7765a0cfa0b5
