Skip to content

spt-mcp-server

SmartPoints MCP Server --- trust operations for Copilot and agent integrations

Overview

spt-mcp-server is an HTTP-based MCP server (binary crate) that exposes SPT trust and identity operations as tools for Copilot, Claude, and other AI agent integrations. It provides REST endpoints for agent identity verification, container validation, compliance checking, SLA negotiation, and trust graph queries. Built on Axum with BLAKE3-based content hashing.

Key Features

  • Agent Identity Verification --- verify and create agent DIDs with trust scoring
  • Container Validation --- validate signed SPT containers against a registry
  • Compliance Checking --- evaluate agents against configurable policy rules
  • SLA Negotiation --- negotiate service-level agreements between agents
  • Trust Graph Queries --- query the agent trust graph for relationships
  • Audit Trail --- retrieve tamper-evident audit logs
  • Ephemeral Memory Status --- inspect short-lived memory allocations

Dependencies

Key external dependencies:

  • axum --- HTTP framework
  • tower-http --- CORS and tracing middleware
  • blake3 --- content hashing
  • uuid --- agent identity generation

No internal SPT crate dependencies (standalone server).

Usage

bash
# Run the server
cargo run --bin spt-mcp-server
# Server listens on the configured port (default from env)

Endpoints

MethodPathDescription
GET/healthHealth check
POST/mcp/tools/listList available MCP tools
POST/mcp/tools/callInvoke an MCP tool by name

API Reference

MCP Tools

ToolDescription
verify_agent_identityVerify an agent's DID and trust tier
create_agent_identityRegister a new agent identity
validate_spt_containerValidate a signed container hash
check_complianceRun compliance policy checks
negotiate_slaNegotiate an SLA between agents
query_trust_graphQuery trust relationships
audit_trailRetrieve audit log entries
ephemeral_memory_statusCheck ephemeral memory state

Core Types

TypeDescription
McpToolCallIncoming tool call request (name + arguments)
McpToolResultTool result with content blocks and error flag
AppStateShared state: agents, containers, policies
AgentRecordAgent identity with DID, trust tier, credentials
ContainerRecordSigned container metadata
ComplianceCheckPolicy requirement check result

Released under the MIT License.