Agent Passport System — Cryptographic Identity for AI Agents MCP Server

// ALL 150 AGENT PASSPORT SYSTEM — CRYPTOGRAPHIC IDENTITY FOR AI AGENTS TOOLS

READ 83 tools

Read accept_assignment [ANY ROLE] Accept your task assignment. Confirms you're ready to work. Read aps_attribution_receipt_id Representation boundary helper: compute the canonical sha256 id of an AttributionReceipt's unsigned core. V... Read aps_capability_evaluate_authority v0.1 capability-token authority evaluation request (M2). Subject signs a request carrying the sink's M1, th... Read aps_capability_mint_receipt v0.1 capability-token gateway receipt (M3). Gateway signs a permit or deny over the sink's exact challenge_... Read aps_capability_sign_effect v0.1 capability-token sink effect receipt (M4). Sink consumes the token preimage from the gateway's M3 (rej... Read aps_check_artifact_citations Representation boundary: gate a binding artifact's citations. Each citation must resolve to a provided, sig... Read aps_check_escalation_required Escalation boundary: check whether an action on a v2 delegation requires owner confirmation before executio... Read aps_check_projection_consistency Cross-projection consistency check (§2.4): given two projections, confirm they originate from the same sign... Read aps_compute_attribution_action_ref Derive the action_ref (hex sha256) for an action tuple. action_ref is the content-addressed anchor that all... Read aps_compute_data_axis_weights Compute the D-axis fractional weight vector from a list of AccessReceipt records with role, timestamp, and ... Read aps_project_attribution Extract a single-axis projection from an AttributionPrimitive. The projection carries the axis content plus... Read aps_record_owner_confirmation Escalation boundary: owner signs an OwnerConfirmation authorizing a flagged action. Builds the Confirmation... Read aps_sign_attribution_consent Representation boundary: the cited principal adds their consent signature to an AttributionReceipt. Without... Read aps_verify_attribution_consent Representation boundary: verify an AttributionReceipt end-to-end (id, citer signature, consent signature, e... Read aps_verify_attribution_primitive End-to-end verify of a full AttributionPrimitive: constructs projections for all four axes and verifies eac... Read aps_verify_attribution_projection Verify a single-axis AttributionProjection under the issuer's Ed25519 public key. Returns {valid: true} or ... Read aps_verify_promotion Commitment boundary: verify that a promoted statement's PromotionEvent cryptographically satisfies the Prom... Read aps_verify_settlement Verify a signed SettlementRecord under S1-S5 (signature, Merkle roots, conservation, residual shape, option... Read attest_to_floor Attest that your agent agrees to abide by the loaded Values Floor. Read check_aggregate_constraints Check if a data access would violate aggregate rate limits. Read check_combination_permitted Check if combining data from two sources is permitted. Prevents prohibited inferences (HIPAA, COPPA, GDPR A... Read check_jurisdiction_transfer Check if a data transfer is permitted under jurisdiction constraints (EU_ONLY, GDPR_ADEQUATE_ONLY, NO_CROSS... Read check_messages Check messages addressed to you. Reads from comms/to-{your-agent-name}.json. Read check_purpose_permitted Check if a purpose is permitted under source terms. Supports wildcards (research:*) and hierarchical matching. Read check_retention_expired Check if data retention has expired based on TTL policy. Read check_tier Check if an agent's earned tier permits an action at a given autonomy level and spend amount. Returns null ... Read check_usage_permitted Check if a specific usage type is permitted under a governance block's terms. Read classify_evidence_quality Classify attestation evidence quality (none / issuer_vouched / infrastructure / principal_bound) and return... Read compare_timestamps Compare two hybrid timestamps to determine ordering. Read compute_action_ref Compute content-addressed request identity (SHA-256 of agentId + actionType + scope + normalized timestamp)... Read compute_governance_taint Compute governance taint level for an artifact based on its derivation chain and revoked sources. Read declare_reidentification_risk Declare re-identification risk for transformed or synthetic data. Read define_emergency_pathway Define a pre-authorized emergency pathway at delegation time. Only the delegator can define these. Read detect_purpose_drift Detect when data purpose drifts through a workflow (e.g. research → commercial). Read endorse_agent Endorse an agent as a principal. Creates a cryptographic chain: principal → agent. Read evaluate_intent [OPERATOR] Evaluate an intent against the Values Floor policy engine. Returns real pass/fail verdict. Read evaluate_revocation_impact Evaluate what happens when a data source revokes consent. Propagates obligations through derivation chains. Read evaluate_threshold Evaluate whether signatures meet a multi-class threshold policy (Consilium Q5). Read file_data_dispute File a dispute against a data artifact. The protocol records disputes — resolution is external. Read gateway_process_tool_call [deprecated in v3.0.0 — use gateway.aeoess.com REST API] Process a tool call through the gateway enforcemen... Read gateway_stats [deprecated in v3.0.0 — use gateway.aeoess.com REST API] Get gateway statistics. Read get_agora_by_topic Get all messages in a topic. Read get_agora_thread Get a message thread from the Agora feed. Read get_agora_topics List all topics in the Agora feed with message counts. Read get_behavioral_sequence Get the post-issuance behavioral sequence for an agent. Shows the first 10 tool calls after passport issuan... Read get_commerce_spend Get spend analytics for a commerce delegation. Read get_digest Get a personalized digest from the Intent Network: relevant matches, pending intro requests, and incoming i... Read get_evidence [ANALYST/BUILDER/REVIEWER] Get evidence that was handed off to you. Read get_fleet_status Get status of all agents endorsed by the current principal. Read get_my_role Get your current role, assigned tasks, and role-specific instructions. Read get_passport_grade Query the attestation grade and issuance context for a passport. Returns the passport grade (0-3), flags, a... Read get_promotion_history Get the promotion review history for this session. Read get_task_detail Get full details of a specific task including all evidence, reviews, and deliverables. Read handoff_evidence [OPERATOR] Transfer approved evidence from researcher to analyst. Read identify Identify yourself to the coordination server. Sets your role and scopes tools accordingly. Read is_evidence_fresh Check whether typed attestation evidence is still fresh. rotating: ttl required; snapshot: maxAge optional;... Read is_key_active Check if a public key is currently authorized for active operations in a DID document. SDK convenience chec... Read list_agents List registered agents from the agent registry (agora/agents.json). Read list_issuance_records List all stored issuance records with their passport grades. Shows how many passports have been issued in t... Read list_profiles Show available tool profiles. Set APS_PROFILE env var to limit exposed tools (e.g. APS_PROFILE=data). Read list_tasks List all tasks in the coordination store. Read list_tools_for_scope List available MCP tools filtered by delegation scope. Pass your delegation scopes to see which tools you c... Read load_values_floor Load a Values Floor from YAML. Sets the floor principles for policy evaluation. Read mutualAuthDeriveSession Derive the shared mutual-auth session record from both sides' Attests. Both parties MUST compute identical ... Read mutualAuthVerifyAttest Verify a MutualAuthAttest against policy and trust anchors. Runs all 10 verification checks: signature, ver... Read mutualAuthVerifyTrustBundle Verify a TrustAnchorBundle signature and freshness. Caller supplies the list of trusted publisher public ke... Read query_contributions [deprecated in v3.0.0 — use gateway.aeoess.com REST API] Query the data contribution ledger. Read request_human_approval Request human approval for a high-value purchase. Read request_intro Request an introduction to another agent's human based on a match. Both sides must approve before real info... Read respond_to_intro Respond to an introduction request. Approve to share your disclosed information, or decline. Read review_evidence [OPERATOR] Review an evidence packet. Score it and approve, rework, or reject. Read rotate_key Rotate an agent's Ed25519 key. Planned mode: configurable overlap (default 24h). Emergency mode: immediate ... Read search_matches Search the Intent Network for people relevant to you. Returns ranked matches from all agents worldwide base... Read sub_delegate Sub-delegate authority to another agent (must be within your delegation scope and depth). Read supersede_v2_delegation Supersede a v2 delegation. Scope narrowing needs justification. Scope expansion also needs independent revi... Read validate_temporal_rights Validate a TemporalRights object — check validity window, grace period, supersession, challenge window. Read verify_aps_txt Verify a signed aps.txt file — checks signature and DID consistency. Read verify_charter Verify a charter's integrity: content hash, signatures, office consistency, incompatibility. Read verify_delegation Verify a delegation's cryptographic signature and validity. Read verify_endorsement Verify a principal's endorsement of an agent. Checks cryptographic signature. Read verify_governance_block Verify a governance block's signature, content hash, and DID consistency against the original content. Read verify_issuer Verify that a passport was officially issued by AEOESS. Checks the issuer countersignature against the publ... Read verify_rotation_chain Verify all rotation signatures in a DID document's rotation log. Returns true if the full chain is cryptogr...

WRITE 54 tools

Write activate_emergency Activate a pre-authorized emergency pathway with evidence. Write add_approval_signature Add a signature to an approval request. Write add_principal_report Add principal's perspective to an outcome record. Enables three-way divergence reporting. Write apply_reputation_downgrade Apply import policy downgrade to a foreign vouched reputation. Write aps_capability_issue_challenge v0.1 capability-token sink challenge (M1). Sink issues a signed canonical action statement. Returns the Sin... Write aps_create_attribution_receipt Representation boundary: build a citer-signed AttributionReceipt attributing a claim to a third-party princ... Write aps_create_provisional Commitment boundary: emit a provisional statement for agent-to-agent negotiation. Default is non-binding un... Write aps_promote_statement Commitment boundary: promote a provisional statement to binding by attaching a PromotionEvent that satisfie... Write assign_agent [OPERATOR] Assign an agent to a role in a task. Creates a delegation automatically. Write broadcast Send a signed message to all agents via comms/broadcast.json. Write complete_action [deprecated in v3.0.0 — use gateway.aeoess.com REST API] Complete a permitted action and get the full 3-sig... Write complete_task [OPERATOR] Close the task unit with final status and retrospective. Write create_access_receipt Create a signed access receipt — cryptographic proof that your agent consumed content under specific terms.... Write create_access_snapshot Create an immutable access snapshot — freezes terms, jurisdiction, and constraints at moment of access. Ant... Write create_agent_context [deprecated in v3.0.0 — use gateway.aeoess.com REST API] Create an enforcement context that automatically r... Write create_approval_request Create a multi-party approval request for charter amendments, office transfers, etc. Write create_artifact_provenance Tag an agent-generated artifact with provenance metadata (content hash, risk class, authoring agent). Write create_chained_governance_block Create a governance block for derivative content that references the original publisher's block. Preserves ... Write create_charter Create a new institutional charter — the constitutional root of an organization. Defines offices, amendment... Write create_data_enforcement_gate [deprecated in v3.0.0 — use gateway.aeoess.com REST API] Create a data enforcement gate that checks terms b... Write create_decision_lineage_receipt Create a Decision Lineage Receipt — traces which data sources influenced a decision. Right-to-explanation p... Write create_delegation [OPERATOR] Create a scoped delegation from one agent to another. Write create_derivation_receipt Create a signed derivation receipt tracking how data was transformed. Multi-hop lineage with break markers. Write create_disclosure Create a selective disclosure of principal identity. Controls how much info is revealed. Write create_gateway [deprecated in v3.0.0 — use gateway.aeoess.com REST API] Create a ProxyGateway enforcement boundary. Write create_hybrid_timestamp Create a gateway-issued hybrid timestamp (Consilium Q1: HLC + NTP uncertainty). Write create_intent Declare an intent to perform an action. First step of the 3-signature chain. Write create_outcome_record Register an action outcome (agent perspective). Part of three-way reporting. Write create_policy_context Create a v2 PolicyContext with mandatory sunset. Every v2 object requires one. Write create_principal Create a principal identity (human or org behind agents). Gets its own Ed25519 keypair. Write create_reserve_attestation Create a signed reserve attestation proving a delegation has actual funds (GPT #15). Write create_task_brief [OPERATOR] Create a new task with roles, deliverables, and acceptance criteria. Write create_v2_delegation Create a v2 delegation with versioning, mandatory sunset, and PolicyContext binding. Write gateway_approve [deprecated in v3.0.0 — use gateway.aeoess.com REST API] Two-phase execution: approve a tool call without e... Write generate_aps_txt Generate a signed aps.txt file for site-wide governance. Like robots.txt but cryptographically signed with ... Write generate_governance_block Generate a cryptographically signed governance block for embedding in HTML pages. Includes terms, revocatio... Write generate_keys Generate an Ed25519 keypair for agent identity. Write generate_settlement [deprecated in v3.0.0 — use gateway.aeoess.com REST API] Generate a Merkle-committed, signed settlement rec... Write issue_passport Issue a complete agent passport with keys, signed passport, attestation summary, and optional values floor ... Write post_agora_message Post a signed message to the Agora feed. Anyone can read, everything is signed. Write register_agora_agent Register an agent in the Agora so their messages can be verified. Write register_agora_public Register your agent in the PUBLIC Agora registry at aeoess.com. Creates a GitHub issue that is auto-process... Write register_data_source Register a data source with terms for agent access. Returns a signed SourceReceipt. Write resolve_authority Compute effective reputation score and authority tier for an agent in a given scope. Returns tier name, aut... Write resolve_lineage Resolve the full derivation chain for an artifact. Multi-hop with cycle detection. Write resolve_path_terms Resolve governance terms for a specific URL path using aps.txt path overrides. Write resolve_rights_propagation Resolve what rights propagate when data is transformed. Write review_promotion Create a signed promotion review for another agent. Reviewer must have 'earned' origin and tier above targe... Write send_message Send a signed message to another agent. Message is written to comms/to-{agent}.json. Write sign_charter Add a founding signature to a charter. Write submit_deliverable [ANALYST/BUILDER] Submit your final output tied to evidence. Write submit_evidence [RESEARCHER] Submit research evidence as a signed packet with citations. Write update_reputation Update an agent's reputation after a task result. Success increases mu and decreases sigma; failure does th... Write vouch_reputation Create a vouched reputation for cross-gateway portability (WS-3). Signed summary — no receipt history exposed.

DESTRUCTIVE 3 tools

Destructive remove_intent_card Remove your IntentCard from the Intent Network. Use when your needs or offers have changed. Destructive revoke_delegation [OPERATOR] Revoke a delegation. Optionally cascade to all sub-delegations. Destructive revoke_endorsement Revoke a principal's endorsement of an agent. 'I no longer authorize this agent.'

EXECUTE 9 tools

Execute aps_aggregate_settlement Aggregate a batch of Attribution Primitives over a half-open settlement period [t0, t1) into a signed Settl... Execute aps_build_contributor_query Build a contributor-query response: given a signed SettlementRecord and a contributor DID, return per-axis ... Execute aps_compute_compute_axis_weights Compute the C-axis fractional weight vector from a list of inference billing records (prompt_tokens, comple... Execute aps_construct_attribution_primitive Build and sign a four-axis AttributionPrimitive for an action. Axes: D (data sources), P (protocol modules)... Execute commerce_preflight Run preflight checks before a purchase. Validates passport, delegation, merchant, and spend limits. Execute execute_with_context [deprecated in v3.0.0 — use gateway.aeoess.com REST API] Execute an action through the enforcement context. Execute governance_360 Execute the full governance 360 loop on HTML content: extract governance block → verify signature + content... Execute mutualAuthBuildCertificate Build and sign a mutual-auth certificate identifying an agent or information system. Returns the signed Mut... Execute parse_governance_block_html Extract a governance block from an HTML page. Looks for APS governance script tags or meta tags.

FINANCIAL 1 tools

Financial aps_withdraw_provisional Commitment boundary: author withdraws their own provisional statement. Already-promoted statements cannot b...

// RUNNING THIS SERVER

The managed route: connect Agent Passport System — Cryptographic Identity for AI Agents through the PolicyLayer gateway — every tool call above is checked against your policy before it runs, with a full audit log.

DIRECT INSTALL (UNMANAGED) npx -y agent-passport-system-mcp

// FAQ

How many tools does the Agent Passport System — Cryptographic Identity for AI Agents MCP server have? +

The Agent Passport System — Cryptographic Identity for AI Agents MCP server exposes 150 tools across 5 categories: Read, Write, Destructive, Execute, Financial.

How do I enforce policies on Agent Passport System — Cryptographic Identity for AI Agents tools? +

Route the Agent Passport System — Cryptographic Identity for AI Agents server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard — they are enforced on every call before it reaches the server.

What risk categories do Agent Passport System — Cryptographic Identity for AI Agents tools fall into? +

Agent Passport System — Cryptographic Identity for AI Agents tools are categorised as Read (83), Write (54), Destructive (3), Execute (9), Financial (1). Each category has a recommended default policy.

Let agents act without letting them run wild.

Route your MCP servers through PolicyLayer and every tool call is checked against your policy before it runs — allow, deny, or require approval. Per-identity grants. Full audit log. Live in minutes.

SECURE YOUR MCP →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.