MCPS – Cryptographic identity and message signing for MCP agents
TLS for MCP agents with ECDSA passports and L0-L4 trust levels, zero dependencies.
Content claim signing, policy, watermark, and registry tooling.
Blinded OPRF identities and nuanced verification labels beat C2PA's binary signed/unsigned.
Content creators and AI researchers concerned with training policy enforcement
C2PA · Content Credentials · Truepic
PACT is an open-source toolkit for signing content claims, attaching machine-readable policy metadata to files, and verifying those claims against a hosted trust registry. The initial use case is AI-training policy/provenance: for example, letting a content creator publish a signed “no commercial training” policy record in a way that preserves the privacy of the content and the creator.
Some of the features are: - Actions are append-only (an event log with Merkle batch disclosure) so the registry's full history is publicly auditable. - User identities are registry-scoped to prevent cross-registry tracking, and user identifiers are generated using a blinded OPRF, so the registry never sees raw device data or the derived token - Content commitments are salted, so the registry can hold a valid claim without ever receiving the actual content, and can't be used to reverse-lookup content from the public record - Content commitments are salted, so the registry can hold a valid claim without ever receiving the actual content, and can't be used to reverse-lookup content from the public record. - The ability to dispute potentially fraudulent claims and some initial work to attempt to identify competing claims and possible violations of AI training policies
Im currently hosting a registry instance here: https://ncryptai.com/pact (no login required).
I’d appreciate any feedback and/or requests for features you think might be useful.
TLS for MCP agents with ECDSA passports and L0-L4 trust levels, zero dependencies.
Cryptographic agent messaging protocol—clever identity model, tiny audience.
Cryptographically unlinkable LLM access via blind signatures—genuinely novel privacy layer.
Free browser-only PDF tools with audit trails, but iLovePDF and CyberChef already dominate.
Agent auth via key-signing beats API keys and OAuth for autonomous systems.
Yet another Electron wrapper — tauri and Electron Forge already handle this with more adoption.