Skip to main content

MCP server exposing Satsignal tamper-evident anchoring as agent-callable tools.

Project description

satsignal-mcp

MCP server exposing Satsignal tamper-evident anchoring as agent-callable tools.

Any MCP-compatible client (Claude Desktop, Claude Code, agent frameworks that speak MCP over stdio) can call Satsignal directly — no custom SDK required.

What it does

Each anchor call computes a sha256 of the input client-side and sends only the hash to proof.satsignal.cloud. The file/text/JSON bytes never leave the calling machine. The server records the hash on the BSV blockchain and returns a receipt the agent can save or pass on.

Tools

Tool Auth What it does
anchor_file yes sha256 a local file, anchor the digest
anchor_text yes sha256 a UTF-8 string, anchor the digest
anchor_json yes canonicalize JSON (sorted keys, compact, UTF-8), sha256, anchor
lookup_hash no check if a sha256 is on-chain
verify_bundle no open a local .mbnt and chain-confirm via lookup_hash

anchor_* tools accept dry_run: true to preview the sha256 without broadcasting. The Satsignal API itself does not honor dry_run — the flag lives in this MCP layer and short-circuits before any network call.

Configuration

Env var Required Default
SATSIGNAL_API_KEY for anchoring
SATSIGNAL_API_BASE no https://app.satsignal.cloud
SATSIGNAL_MATTER no inbox

Get an API key at https://app.satsignal.cloud. The customer API (POST /api/v1/anchors, bundle download, dashboard) lives on app.satsignal.cloud. proof.satsignal.cloud is the public verifier surface and serves /lookup_hash in mirror-mode — verify_bundle works against either host, but anchoring requires app.*. v0.1.0 shipped with the wrong default and silently 404'd every anchor call.

Install

pip install satsignal-mcp

Claude Desktop config

Add this to claude_desktop_config.json:

{
  "mcpServers": {
    "satsignal": {
      "command": "satsignal-mcp",
      "env": {
        "SATSIGNAL_API_KEY": "sk_...",
        "SATSIGNAL_MATTER": "case-123"
      }
    }
  }
}

Verification model

Each anchor returns a bundle_id, txid, and receipt_url. The proof is independent of Satsignal: anyone can fetch the bundle, verify the on-chain transaction directly against BSV, and check the sha256 matches. satsignal-cli performs the full cryptographic + chain verification; verify_bundle in this MCP server does a faster chain-confirm only (matches the bundle's claimed txid against what the public /lookup_hash index reports for that sha).

Security notes

  • The label, filename, and matter_slug fields you pass are written into the receipt and rendered on the public verifier page. They are also attacker-controllable from any agent calling this server — downstream code that reads these fields should treat them as untrusted text (HTML-escape, never embed in LLM context without an isolation boundary).
  • The API key is sent as Authorization: Bearer … over HTTPS and is never logged or returned in tool output.

License

MIT.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

satsignal_mcp-0.1.3.tar.gz (15.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

satsignal_mcp-0.1.3-py3-none-any.whl (12.0 kB view details)

Uploaded Python 3

File details

Details for the file satsignal_mcp-0.1.3.tar.gz.

File metadata

  • Download URL: satsignal_mcp-0.1.3.tar.gz
  • Upload date:
  • Size: 15.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for satsignal_mcp-0.1.3.tar.gz
Algorithm Hash digest
SHA256 7a8b45a269640d5bd284e2aaf4a5dcd94f79cfe3cd4f95b76cc83e7135992a22
MD5 fc82bceb942d3bae508767d862889867
BLAKE2b-256 a2dbb1936e94917b6bf4a6b9e29a4b1f4abf9bfbc48f69d93130db1c51a51800

See more details on using hashes here.

File details

Details for the file satsignal_mcp-0.1.3-py3-none-any.whl.

File metadata

  • Download URL: satsignal_mcp-0.1.3-py3-none-any.whl
  • Upload date:
  • Size: 12.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for satsignal_mcp-0.1.3-py3-none-any.whl
Algorithm Hash digest
SHA256 b11eaddf816c517201b5c80f4b7e3bf318be2f914f878bd773c8b1a11e964c0f
MD5 626ba88c0dc75991feadd512666986d8
BLAKE2b-256 0f9db1c229a2412a8cca43e41b24f35d17daca696043c57b76bcc878bdadacce

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page