tatastu-proof
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@tatastu-proofStamp the text 'Hello, world!'"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Tatastu Proof
One API call stamps any content with a permanent, publicly verifiable provenance record. Works from any language, any agent, any pipeline.
import { stamp, hashText } from "@tatastu/proof"
const hash = await hashText("Hello, world!")
const receipt = await stamp({ contentHash: hash, title: "My post" })
console.log(receipt.verifyUrl)
// → https://tatastu.dev/p/prf_01jz...Live service: proof.tatastu.dev — verification is always free.
What it does
A stamp takes the SHA-256 of any content (text, file, JSON, code, binary) and records:
Who signed it (a creator identity you provide, or anonymous)
When it was signed (millisecond-precision, bounded by the daily Merkle anchor)
An Ed25519 signature from the Tatastu Proof service's key-transparency log
Within 24 hours, stamps are batched into an RFC 6962 Merkle tree. The root is anchored to Arweave (permanent storage) and Base (EVM on-chain calldata). After anchoring, you can verify the stamp with zero network calls using the offline verifier in this repo.
What a stamp does not prove: authorship truth. The service records "this signer
claimed this content at this time." The claimed time (signedAt) and proven time
(anchored) are distinct and both shown on every verify page.
Related MCP server: hive-mcp-origin
Install
npm install @tatastu/proofOr use without installing:
npx tsx examples/eu-ai-act-label.tsQuickstart
Stamp text
import { stamp, hashText } from "@tatastu/proof"
const hash = await hashText("The report content goes here.")
const receipt = await stamp({ contentHash: hash, title: "Q3 Report" })
console.log(receipt.verifyUrl) // https://tatastu.dev/p/prf_...
console.log(receipt.byline) // "Verified · https://tatastu.dev/p/prf_..."Stamp a file (Node.js)
import { stamp, hashNodeBuffer } from "@tatastu/proof"
import { readFile } from "node:fs/promises"
const bytes = await readFile("./report.pdf")
const receipt = await stamp({
contentHash: await hashNodeBuffer(bytes),
contentType: "application/pdf",
title: "Q3 Financial Report",
apiKey: process.env.TATASTU_API_KEY,
})Verify any content
import { verify, hashText } from "@tatastu/proof"
const { proofs } = await verify(await hashText("The report content goes here."))
if (proofs.length > 0) {
console.log("Authentic:", proofs[0].verifyUrl)
console.log("Status:", proofs[0].status) // SIGNED | ANCHORED | CONFIRMED
}Stamp a file in the browser (drag-and-drop)
import { stamp, hashBlob } from "@tatastu/proof"
const file = dropEvent.dataTransfer.files[0]
const receipt = await stamp({
contentHash: await hashBlob(file),
title: file.name,
})See examples/browser-drop.html for a complete self-contained verify page with no build step.
MCP (agent use)
Add proof.tatastu.dev/mcp to your Claude Code, Cursor, or Windsurf config:
{
"mcpServers": {
"tatastu-proof": {
"url": "https://proof.tatastu.dev/mcp"
}
}
}The agent can then call create_proof and verify_proof directly. See
examples/agent-mcp.md for the full config and tool reference.
EU AI Act compliance
EU AI Act Article 50(4) requires machine-readable provenance on AI-generated content. The deadline is 2 August 2026.
import { stamp, hashText } from "@tatastu/proof"
const aiOutput = "AI-generated text goes here."
const receipt = await stamp({ contentHash: await hashText(aiOutput) })
const labeledOutput = {
text: aiOutput,
_proof: {
contentHash: receipt.contentHash,
proofId: receipt.proofId,
verifyUrl: receipt.verifyUrl,
signedAt: receipt.signedAt,
bylineHtml: receipt.bylineHtml,
},
}Run the full example with no setup:
npx tsx examples/eu-ai-act-label.tsSee docs/eu-ai-act.md for the compliance guide.
How verification works
Every stamp is:
Signed immediately with an Ed25519 key from the service's transparency log
Batched daily into an RFC 6962 Merkle tree (0x00/0x01 domain-separated prefixes)
Anchored — the Merkle root written to Arweave (permanent) and Base (on-chain calldata)
Confirmed once the Arweave transaction has sufficient confirmations
After anchoring you can verify with the public key and inclusion path — no network, no trust, no service required.
Four verified layers on every verify page
Ed25519 signature — the service signed the canonical receipt
RFC 6962 Merkle inclusion — the stamp is in the anchored batch
Arweave anchor — the Merkle root is on Arweave
Base calldata — the root is in an EVM transaction on Base
Offline verification
After a stamp reaches ANCHORED status, you can verify it with no network calls:
import { getBundle, hashNodeBuffer } from "@tatastu/proof"
import { verifyOffline } from "@tatastu/proof/verify/offline"
import { readFile } from "node:fs/promises"
const bytes = await readFile("./report.pdf")
const bundle = await getBundle("prf_01jz...")
const result = await verifyOffline(bundle, await hashNodeBuffer(bytes))
console.log(result.valid, result.signatureVerified, result.merkleVerified)verify/offline.ts is a single 200-line file with zero dependencies. Copy it into
any project. It uses only the Web Crypto API (SubtleCrypto), available in Node 18+,
Deno, and modern browsers.
Pricing
Tier | Price | Stamps |
Free | $0 | 25/month |
Starter bundle | $8 | 100 (no expiry) |
Creator bundle | $35 | 500 (no expiry) |
Creator subscription | $12/month | 500/month |
Pay-per-stamp (x402) | $0.10 or $0.05 with API key | — |
Verification is always free and requires no account.
Full pricing: docs/pricing.md and tatastu.dev/proof.
Contributing
See CONTRIBUTING.md. The service, Worker, and D1 schema are in a private repo — this repo contains only the public SDK, offline verifier, and examples.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/Tatastu-Labs/proof'
If you have feedback or need assistance with the MCP directory API, please join our Discord server