MCP.so
Sign In
T

Trust Gate MCP — First post-quantum MCP server. Policy-gated AI agent decisions with hybrid Ed25519 + ML-DSA-65 (NIST FIPS 204) cryptographic receipts. No Receipt. No Trust.

@Cyber-Warrior-Network

About Trust Gate MCP — First post-quantum MCP server. Policy-gated AI agent decisions with hybrid Ed25519 + ML-DSA-65 (NIST FIPS 204) cryptographic receipts. No Receipt. No Trust.

The first production MCP server with NIST FIPS 204 post-quantum receipts. Every AI agent tool call is policy-gated, hybrid-signed (Ed25519 + ML-DSA-65), and forensically provable — offline, forever. Fail-closed architecture: if the Trust Gate backend is unreachable, every decisio

Basic information

Category

AI & Agents

Transports

stdio

Publisher

Cyber-Warrior-Network

Submitted by

CWNApps

Config

Add this server to your MCP-compatible client using the configuration below.

{
  "mcpServers": {
    "trust-gate": {
      "command": "uvx",
      "args": [
        "trust-gate-mcp"
      ],
      "env": {
        "TRUST_GATE_API_KEY": "your-api-key"
      }
    }
  }
}

Tools

No tools detected

We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.

Overview

What is Trust Gate MCP?

Trust Gate MCP is the first production MCP server implementing NIST FIPS 204 post-quantum receipts. It policy-gates every AI agent tool call and produces hybrid Ed25519 + ML-DSA-65 signed receipts, making each decision provable offline, forever. It is designed for AI agents that require auditable, quantum-resistant proof of their actions.

How to use Trust Gate MCP?

Add to Claude Desktop via a JSON configuration entry with command: "uvx" and args: ["trust-gate-mcp"], set the environment variable TRUST_GATE_API_KEY. For Claude Code, run claude mcp add trust-gate -- uvx trust-gate-mcp. Alternatively, install with pip install trust-gate-mcp and run with the API key set. The server exposes four tools: gate_decision, verify_receipt, check_policy, and health.

Key features of Trust Gate MCP

  • Hybrid Ed25519 + ML-DSA-65 (NIST FIPS 204) signing
  • Policy-gated AI agent decisions with risk scores
  • Offline post-quantum receipt verification
  • Three-layer security: sanitization, policy, fail-closed
  • Fail-closed guarantee: outage makes system more conservative
  • 47 passing unit tests, 51 OWASP ASI checks passed

Use cases of Trust Gate MCP

  • Compliance: meeting EU AI Act Article 50 transparency obligations
  • Quantum-proof auditing: retain verifiable receipts beyond the quantum computing era
  • Security: prevent tool poisoning, injection, and exfiltration attacks
  • Deployment guard: gate code deploys, data writes, or user-facing actions

FAQ from Trust Gate MCP

How does Trust Gate MCP achieve post-quantum security?

Every receipt is hybrid-signed: Ed25519 (classical) and ML-DSA-65 (NIST FIPS 204, security level 3) over the same evidence hash, simultaneously. Both signatures and the ML-DSA-65 public key are embedded in the receipt.

Can receipts be verified offline?

Yes. Provide the ml_dsa_signature and ml_dsa_public_key from the receipt to verify the ML-DSA-65 signature. No backend call or network access is required, and verification remains valid even against a quantum adversary.

What happens if the backend is offline or times out?

The system fails closed: it returns allow: false, risk_score: 1.0, and receipt: null. An outage makes the system more conservative,

Comments

More AI & Agents MCP servers