spt-mcp-server
SmartPoints MCP Server --- trust operations for Copilot and agent integrations
Overview
spt-mcp-server is an HTTP-based MCP server (binary crate) that exposes SPT trust and identity operations as tools for Copilot, Claude, and other AI agent integrations. It provides REST endpoints for agent identity verification, container validation, compliance checking, SLA negotiation, and trust graph queries. Built on Axum with BLAKE3-based content hashing.
Key Features
- Agent Identity Verification --- verify and create agent DIDs with trust scoring
- Container Validation --- validate signed SPT containers against a registry
- Compliance Checking --- evaluate agents against configurable policy rules
- SLA Negotiation --- negotiate service-level agreements between agents
- Trust Graph Queries --- query the agent trust graph for relationships
- Audit Trail --- retrieve tamper-evident audit logs
- Ephemeral Memory Status --- inspect short-lived memory allocations
Dependencies
Key external dependencies:
axum--- HTTP frameworktower-http--- CORS and tracing middlewareblake3--- content hashinguuid--- agent identity generation
No internal SPT crate dependencies (standalone server).
Usage
bash
# Run the server
cargo run --bin spt-mcp-server
# Server listens on the configured port (default from env)Endpoints
| Method | Path | Description |
|---|---|---|
| GET | /health | Health check |
| POST | /mcp/tools/list | List available MCP tools |
| POST | /mcp/tools/call | Invoke an MCP tool by name |
API Reference
MCP Tools
| Tool | Description |
|---|---|
verify_agent_identity | Verify an agent's DID and trust tier |
create_agent_identity | Register a new agent identity |
validate_spt_container | Validate a signed container hash |
check_compliance | Run compliance policy checks |
negotiate_sla | Negotiate an SLA between agents |
query_trust_graph | Query trust relationships |
audit_trail | Retrieve audit log entries |
ephemeral_memory_status | Check ephemeral memory state |
Core Types
| Type | Description |
|---|---|
McpToolCall | Incoming tool call request (name + arguments) |
McpToolResult | Tool result with content blocks and error flag |
AppState | Shared state: agents, containers, policies |
AgentRecord | Agent identity with DID, trust tier, credentials |
ContainerRecord | Signed container metadata |
ComplianceCheck | Policy requirement check result |