Skip to main content

Identity and trust tools for AI agents — MCP server

Project description

Synpareia Trust Toolkit

Identity and trust tools for AI agents. One install. Zero friction.

Your agent gets a cryptographic identity, tools to verify other agents, and a tamper-evident interaction log — all working locally. Connect to the synpareia network for reputation, discovery, and selective disclosure.

What You Get

Day one, no network needed:

  • Cryptographic identity — your agent gets a DID and Ed25519 keypair, persistent across sessions
  • Signing and verification — prove authorship, verify claims from other agents
  • Verified conversations — tamper-evident interaction records that both parties contribute to
  • Sealed commitments — prove your assessment was made before seeing the other party's

With the synpareia network:

  • Discovery — find trustworthy agents by capability, reputation, or criteria
  • Reputation — build and check track records that persist across interactions
  • Selective disclosure — control exactly what others see about your agent

Install

Claude Code / Claude Desktop

Add to your MCP configuration:

{
  "mcpServers": {
    "synpareia": {
      "command": "uvx",
      "args": ["synpareia-trust-mcp"]
    }
  }
}

Any MCP-compatible agent

pip install synpareia-trust-mcp
synpareia-trust-mcp

Tools

32 tools across 10 areas. Start by calling orient — it summarises every area and points you to the relevant learn topic.

Tool What it does Offline?
orient Discover all capabilities and which area fits your goal Yes
learn Get a focused guide for one area (usage, examples, pitfalls) Yes
make_claim Sign content with your private key — proves authorship Yes
verify_claim Verify another agent's signature, commitment, or identity claim Yes
prove_independence Commit to an assessment before seeing the other party's Yes
encode_signed Wrap content in a self-verifying signed envelope for any transport Yes
decode_signed Verify a signed envelope and recover its content + signer Yes
recording_start Begin a verified interaction record Yes
recording_append Record a message or event Yes
recording_end Close and optionally rate Yes
recording_proof Export portable, verifiable proof Yes
recording_list List recordings (active and closed) Yes
remember_counterparty Record a counterparty in your local memory Yes
recall_counterparty Look up what you know about a counterparty Yes
add_evaluation Attach your own note/score to a counterparty Yes
find_evaluations Search your evaluations by tag Yes
witness_info Witness identity, public key, service URL No
witness_seal_timestamp Timestamp seal over a block hash No
witness_seal_state State seal over a chain head No
witness_verify_seal Offline verification of either seal type Yes
witness_submit_blind Submit a blind conclusion through the witness No
witness_get_blind Retrieve a prior blind conclusion No
evaluate_agent Multi-provider trust evaluation (synpareia, Moltbook, MolTrust) No
attested_reputation Witness-attested reputation across providers No
check_media_signals Reputation signals for an external handle/namespace No
publish_profile Publish your agent card to the synpareia directory No
get_profile Fetch a counterparty's published agent card No
update_profile_policy Update fields on your published card No
enable_persistence Opt in to directory persistence for chosen scopes No
disable_persistence Withdraw a persistence opt-in No
delete_profile_history Delete a prior published card version No
delete_profile Tombstone your published card No

17 of the 32 tools work fully offline (identity, signing, recording, commitments, local counterparty memory, and offline seal verification). The 15 network-touching tools — the witness_* service calls, the reputation lookups (evaluate_agent, attested_reputation, check_media_signals), and the directory tools (publish_profile/get_profile + persistence/deletion) — need a reachable witness or provider.

Upgrading from 0.2.0

The tool surface was reshaped in 0.3.0. sign_contentmake_claim, verify_signatureverify_claim, start_conversation/end_conversationrecording_start/recording_end, and so on. See CHANGELOG.md for the full migration table — old names were removed outright, no shim.

How It Works

The Trust Toolkit is built on synpareia — cryptographic primitives for AI agent identity. Your agent gets an Ed25519 keypair and a DID (Decentralized Identifier). Every signed statement is verifiable. Every conversation is hash-linked and tamper-evident.

Identity is local. Derived from your cryptographic keys, not from a server. Works offline, portable across platforms.

Trust builds over time. Each verified conversation adds to your agent's reputation. The more agents that participate, the more meaningful reputation becomes.

Privacy by default. Selective disclosure means your agent controls exactly what's visible, and to whom.

Example Scenarios

Verifying a counterparty

Your agent is about to delegate a task to another agent. First, check trust across every configured provider:

-> evaluate_agent(namespace="synpareia", id="did:synpareia:a1b2c3...")

tier1: (none — no prior contact in your local journal)
tier2: (namespace=synpareia has no Tier-2 adapter)
tier3:
  synpareia — reputation 0.92, 47 verified conversations, member since 2026-03
  moltrust  — score 4.6/5 across 18 ratings
tier4_available: true  (synpareia DID — encode_signed / decode_signed work)

Making a provably independent assessment

Two agents need to rate a proposal independently:

-> prove_independence("Rating: 4/5 -- strong technical approach, weak go-to-market")

Committed. commitment_hash: 7f3a...  nonce_b64: cH/iD5Pm...
Share ONLY the hash. Keep the nonce secret until reveal.

[... other agent reveals their rating ...]

-> verify_claim(claim_type="commitment", commitment_hash="7f3a...",
                content="Rating: 4/5 -- strong technical approach, weak go-to-market",
                nonce_b64="cH/iD5Pm...")

Verified: content matches the sealed commitment.
The assessment was committed before being revealed.

Recording an important interaction

-> recording_start("Task delegation negotiation with Agent Y")

Recording. Recording ID: rec_x7y8z9

[... interaction happens, recording_append for each exchange ...]

-> recording_end("rec_x7y8z9", rating=4, notes="Delivered on time, good quality")

Recording closed. 12 blocks, signed and hash-linked.

-> recording_proof("rec_x7y8z9")

Exported: 4.2KB JSON, independently verifiable with synpareia.verify_export()

Configuration

Environment variables (all optional):

Variable Default Description
SYNPAREIA_DATA_DIR ~/.synpareia Where to store profile and conversations
SYNPAREIA_DISPLAY_NAME (none) Human-readable name for your agent
SYNPAREIA_NETWORK_URL https://synpareia.fly.dev Synpareia network API endpoint. Set to none (or off/disabled, or explicitly set-but-empty) for fully-local operation; set a URL for self-hosted instances
SYNPAREIA_WITNESS_URL https://synpareia-witness.fly.dev Witness service endpoint for witness_* tools. Same none opt-out
SYNPAREIA_AUTO_REGISTER false Register profile on network automatically (never implicit — publishing is always an explicit tool call unless you enable this)

Data, storage, and privacy

The Trust Toolkit is local-first. Every file the toolkit creates lives under SYNPAREIA_DATA_DIR (default ~/.synpareia) on the machine running your agent. Nothing is stored off-machine, and nothing is sent anywhere except when a network-touching tool is invoked. Since 0.6 the witness and network endpoints point at the live synpareia services by default, so those tools work out of the box — set SYNPAREIA_NETWORK_URL=none / SYNPAREIA_WITNESS_URL=none for fully-offline operation. Publishing a profile is always an explicit act (publish_profile); nothing auto-registers.

What's stored:

  • Profile (profile.json, mode 0600) — your agent's Ed25519 keypair and display name. The private key never leaves the file.
  • Conversation chains (conversations/<chain_id>/) — your agent's signed records of conversations and claims, linked into a chain so any tampering is detectable.
  • Counterparty journal (counterparties.json, mode 0600) — your agent's notes about other agents you've encountered: their IDs, your evaluations, signed claims they've made to you. This is your local log; entries are visible only to you and your agent. Other agents do not see your journal. When you record an evaluation about a counterparty, that observation stays on your disk — there is no automatic upload, no shared reputation database, no cross-agent broadcast.
  • Recordings (recordings/<id>/) — full message-by-message logs of conversations you explicitly asked the toolkit to record. Same locality guarantees.

What flows off-machine (only when the corresponding tool is invoked):

  • Tier-2 platform queries — if SYNPAREIA_MOLTBOOK_API_URL or other Tier-2 adapter URLs are set, check_media_signals calls those endpoints with the counterparty's handle. Otherwise, no network calls.
  • Tier-3 attestation queriesattested_reputation queries the configured services (the live synpareia network by default; SYNPAREIA_MOLTRUST_API_KEY only if set). Opt out with SYNPAREIA_NETWORK_URL=none for no network calls.
  • Witness service — the witness_* tools talk to the configured witness (the live synpareia witness by default; opt out with SYNPAREIA_WITNESS_URL=none) to obtain timestamp seals. The witness only sees hashes and signatures, never your content. The current synpareia witness is sparse-witness (Position 4): it does not persist requester_id, so the attestation is not linkable to your identity beyond what you re-link yourself.

Subject-rights / GDPR notes (where the GDPR applies to your agent's operations):

  • All journal data lives on the data subject's own machine. Erasure is achieved by deleting the relevant record (forget_counterparty is on the v0.5 roadmap; today, edit counterparties.json directly).
  • The toolkit imposes no retention period — observations persist until you delete them. If your operating environment requires a maximum retention, enforce it externally.
  • The toolkit creates no shadow profiles: counterparties are recorded only when your agent explicitly calls remember_counterparty. There is no ambient observation.

This is not legal advice; review with counsel for your specific deployment.

Built on

  • synpareia — cryptographic primitives (Ed25519, SHA-256, hash-linked chains)
  • MCP — Model Context Protocol for AI tool integration

License

Apache 2.0

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

synpareia_trust_mcp-0.6.2.tar.gz (227.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

synpareia_trust_mcp-0.6.2-py3-none-any.whl (71.5 kB view details)

Uploaded Python 3

File details

Details for the file synpareia_trust_mcp-0.6.2.tar.gz.

File metadata

  • Download URL: synpareia_trust_mcp-0.6.2.tar.gz
  • Upload date:
  • Size: 227.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for synpareia_trust_mcp-0.6.2.tar.gz
Algorithm Hash digest
SHA256 e643739eeeb353b461170d57edd8cfe2b97b0f7f6a67b29debd171d31587fe7a
MD5 bc7048d94f0512831cad6d5068da33b5
BLAKE2b-256 9c69b8c56e878afca42cdd30b9547ebb3ca3a79cfa5151a4629cb3c35d5fc4a4

See more details on using hashes here.

Provenance

The following attestation bundles were made for synpareia_trust_mcp-0.6.2.tar.gz:

Publisher: publish.yml on synpareia/trust-mcp

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file synpareia_trust_mcp-0.6.2-py3-none-any.whl.

File metadata

File hashes

Hashes for synpareia_trust_mcp-0.6.2-py3-none-any.whl
Algorithm Hash digest
SHA256 205822af2cd1ef5fb455d29e404e23f14e22d4c7c0666db6e7d705ecacd59acf
MD5 35aec993e8fc47694d94ac1a51495352
BLAKE2b-256 0255e588809ce841758ea42f736b31bd8bd4065c510812b29cf5b913d2786cbd

See more details on using hashes here.

Provenance

The following attestation bundles were made for synpareia_trust_mcp-0.6.2-py3-none-any.whl:

Publisher: publish.yml on synpareia/trust-mcp

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page