➡️ attestable-mcp-server
@co-browser
关于 ➡️ attestable-mcp-server
Verify that any MCP server is running the intended and untampered code via hardware attestation.
基本信息
配置
工具
未检测到工具
工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。
概览
What is attestable-mcp-server?
attestable-mcp-server is an MCP (Model Context Protocol) server that can be remotely attested by MCP clients. It uses a trusted execution environment (Intel SGX) and RA-TLS to generate a certificate that proves the server is running the exact code built on GitHub Actions. This enables independent verification of the server’s integrity without trusting the hosting provider.
How to use attestable-mcp-server?
Install dependencies: Intel SGX hardware and SDK, Gramine, Python 3.13, and Ubuntu 22.04. Build the Docker image with docker build -t attestable-mcp-server . and run Gramine commands to produce a signed artifact. Start the server on secure hardware with docker run including SGX device mounts, or on a local machine without SGX. MCP clients connect using standard MCP protocol; the RA-TLS handshake provides attestation automatically.
Key features of attestable-mcp-server
- MCP clients can remotely attest the code running on any MCP server.
- MCP servers can optionally remotely attest MCP clients.
- Uses RA-TLS, an extension to TLS that embeds an SGX quote.
- Embeds SGX quote in X.509 certificate with TCG DICE “tagged evidence” OID.
- Enables independent verification via GitHub Actions or local rebuild.
- Docker image signed by GitHub and built in a TEE.
Use cases of attestable-mcp-server
- Ensuring an MCP server runs unmodified code in a confidential computing environment.
- Verifying server integrity before allowing sensitive data or agentic workflows.
- Auditing code provenance through independently reproducible measurements.
- Building bidirectional trust between MCP clients and servers.
FAQ from attestable-mcp-server
What is remote attestation?
Remote attestation uses a trusted execution environment to generate a certificate containing measurements of the running code. The MCP client can verify these measurements against known good values from GitHub Actions, proving the server is running the expected code.
What hardware and software dependencies does attestable-mcp-server require?
It requires Intel SGX hardware, Gramine, Python 3.13, Ubuntu 22.04, and the Intel SGX SDK & PSW. For development, emulated SGX can be used without secure hardware.
How can I independently verify the server code?
You can rebuild the Docker image locally on emulated or real SGX hardware and compare the generated measurements. The GitHub Actions workflow also produces signed artifacts that match the running server.
Does attestable-mcp-server support client attestation?
Yes, MCP servers can optionally remotely attest MCP clients, though the README notes that a client demonstration is still in development.
What protocol does attestable-mcp-server use for attestation?
It uses RA-TLS, an extension to TLS that adds machine- and code-specific measurements. The SGX quote is embedded in an X.509 certificate extension using the TCG DICE “tagged evidence” OID.
其他 分类下的更多 MCP 服务器
Production-ready MCP integrations for AI applications
Klavis-AIKlavis AI: MCP integration platforms that let AI agents use tools reliably at any scale
Reactive Resume
amruthpillaiA one-of-a-kind resume builder that keeps your privacy in mind. Completely secure, customizable, portable, open-source and free forever. Try it out today!

EverArt
modelcontextprotocolModel Context Protocol Servers
🚀 Model Context Protocol (MCP) Curriculum for Beginners
microsoftThis open-source curriculum introduces the fundamentals of Model Context Protocol (MCP) through real-world, cross-language examples in .NET, Java, TypeScript, JavaScript, Rust and Python. Designed for developers, it focuses on practical techniques for building modular, scalable,
Unity MCP ✨
justinpbarnettUnity MCP acts as a bridge between AI assistants and your Unity Editor. Give your LLM tools to manage assets, control scenes, edit scripts, and automate tasks within Unity.
评论