Attestable MCP Server

MCPOfficialOpen Source38.0

by co-browser • Security & Privacy

A Model Context Protocol (MCP) server that provides remote attestation of the running server code via RA-TLS and Intel SGX so clients can verify server integrity before exchanging data.

Example Use Cases

1
Verify the integrity and provenance of an MCP server's runtime before exchanging sensitive model context metadata.
2
TLS connections augmented with RA-TLS evidence (SGX quotes and pubkey-hash claims) to ensure the server code matches a reproducible, signed build.
3
Reproduce and validate signed server artifacts locally or on secure hardware using the provided GitHub Actions and Gramine/SGX tooling.

Description

This project implements an MCP server running inside a trusted execution environment (TEE) that embeds SGX quotes and evidence claims into TLS certificates using RA-TLS, enabling clients to cryptographically verify the exact code image the server is running. The server can be built and signed in a reproducible way via GitHub Actions (or locally), and the RA-TLS certificate includes the SGX report, certificate chain, and a pubkey-hash claim tying the ephemeral key to the enclave image. It also supports optional mutual attestation where servers can attest clients, and provides Docker/Gramine integration for running on SGX hardware or local development.

Quick Actions

View on GitHub

Security

Scanned 3 month(s) ago

Risk Level

MINIMAL

Read-only data retrieval, no side effects

Trust Score

D40/100

3/17 checks passed

Scores are informational only and provided “as is” without warranty. AgentHotspot assumes no liability for actions taken based on these ratings.

Quick Stats

Service TypeMCP

Pricing ModelFree

Capabilities0 Tools / 0 Prompts / 0 Resources

Ownerco-browser

CategorySecurity & Privacy

DependenciesStandalone