nobulex-mcp-server
This server provides AI agent behavioral governance through covenant-based rules, runtime enforcement, and cryptographically verifiable audit trails.
Set Covenant Rules (
set_rules): Define behavioral policies usingpermit,forbid, andrequiresyntax (e.g.,'forbid delete_user','permit read_data'), establishing what actions are allowed or blocked.Check Action Compliance (
check_action): Evaluate whether a specific action (with optional parameters) is permitted or blocked under the active rules, enabling pre-execution enforcement before an action runs.Retrieve Audit Log (
get_audit_log): Fetch the full hash-chained audit trail of all compliance checks, providing a tamper-evident history of every action evaluation.Verify Log Integrity (
verify_log): Independently verify the cryptographic integrity of the audit log to detect any tampering, ensuring the trustworthiness of the agent's behavioral history.
Provides GitHub repository hosting for the Nobulex project, including source code, documentation, and issue tracking for the proof-of-behavior protocol.
Hosts the Nobulex repository with CI/CD workflows, documentation, and community collaboration features for the proof-of-behavior protocol development.
Provides drop-in compliance middleware for LangChain, allowing behavioral rule enforcement and cryptographic proof of agent actions within LangChain applications.
Provides npm package distribution for the Nobulex SDK and related packages, enabling installation and integration via npm ecosystem.
Provides PyPI distribution for langchain-nobulex package, enabling Python developers to integrate proof-of-behavior verification into LangChain applications.
Provides TypeScript SDK and packages for implementing proof-of-behavior protocol, with strict TypeScript support for type-safe behavioral rule definition and verification.
Nobulex
Credit scores for AI agents. Autonomy earned, not granted.
AI agents get full access on day one and build zero track record. Nobulex fixes that.
Every agent starts restricted. As it performs reliably, it earns Trust Capital that unlocks higher autonomy, bigger transaction limits, lower insurance premiums, and enterprise approval. Agents that deviate lose access before the damage spreads. The same way credit scores turned lending into a scalable economic system, Trust Capital turns agent governance into one where reputation has real economic value.
If this is useful, star the repo to help others find it.
Adopted by
Microsoft merged the core primitive into their Agent Governance Toolkit (PRs #1302, #1333)
OpenLineage (Linux Foundation) accepted Nobulex into their ecosystem
AAIF (Linux Foundation, founded by Anthropic/OpenAI/Google/Microsoft/AWS/Block) has the project under staff review
State of Agent Security 2026 litepaper lists @nobulex/crypto as 10/10 conformance validated
Quick Start
npm install @nobulex/core
npx tsx examples/trust-capital-demo.tsAgent starts at RESTRICTED tier (Trust Capital: 0)
Action 1: read_data — ALLOWED ✓ (Trust Capital: 12)
Action 2: read_data — ALLOWED ✓ (Trust Capital: 24)
Action 3: process_payment — BLOCKED ✗ (insufficient trust for financial ops)
Action 4: read_data — ALLOWED ✓ (Trust Capital: 36)
Action 5: read_data — ALLOWED ✓ (Trust Capital: 48)
Agent promoted to STANDARD tier
Action 6: process_payment — ALLOWED ✓ (Trust Capital: 65)
Action 7: approve_contract — BLOCKED ✗ (requires TRUSTED tier)
Agent promoted to TRUSTED tier (Trust Capital: 89)
Action 8: approve_contract — ALLOWED ✓
Try it live · Policy Designer · Quickstart · Compare · Receipt Schema · Pricing · IETF Draft
What is Trust Capital?
You can't audit a neural network. But you can audit actions against stated commitments — and accumulate that audit history into a reputation that has real economic value.
verify(covenant, actionLog) → { compliant: boolean, violations: Violation[], trustCapital: number }This is always decidable, always deterministic, always efficient. No ML, no heuristics — mathematical proof.
Trust Capital means every autonomous agent action is:
Declared — behavioral rules defined before deployment in a formal covenant
Enforced — violations blocked at runtime, before execution
Proven — every action hash-chained into a tamper-evident audit trail that third parties can independently verify
Accumulated — verified behavior builds Trust Capital that gates future autonomy, transaction limits, insurance eligibility, and enterprise approval
Quick Start
npm install @nobulex/sdkimport { createDID, parseSource, EnforcementMiddleware, verify } from '@nobulex/core';
// 1. Create an agent identity
const agent = await createDID();
// 2. Write behavioral rules
const spec = parseSource(`
covenant SafeTrader {
permit read;
permit transfer (amount <= 500);
forbid transfer (amount > 500);
forbid delete;
}
`);
// 3. Enforce at runtime
const mw = new EnforcementMiddleware({ agentDid: agent.did, spec });
// $300 transfer — allowed
await mw.execute(
{ action: 'transfer', params: { amount: 300 } },
async () => ({ success: true }),
);
// $600 transfer — BLOCKED before execution
await mw.execute(
{ action: 'transfer', params: { amount: 600 } },
async () => ({ success: true }), // never runs
);
// 4. Prove compliance
const result = verify(spec, mw.getLog());
console.log(result.compliant); // true
console.log(result.violations); // []Cross-Agent Verification Handshake
Before two agents transact, they verify each other's Trust Capital. No proof, no transaction.
import { generateProof, verifyCounterparty } from '@nobulex/sdk';
// Agent A generates its Trust Capital proof
const proof = await generateProof({
identity: agentA,
covenant: spec,
actionLog: middleware.getLog(),
});
// Agent B verifies Agent A before transacting
const result = await verifyCounterparty(proof);
if (!result.trusted) {
console.log('Refusing transaction:', result.reason);
return; // No proof, no transaction
}
// Safe to transact — Agent A is verified
await executeTransaction(proof.agentDid, amount);The handshake checks eight things in order: covenant signature, proof signature, log integrity, compliance, minimum history, required covenant, audience binding, and task class scoping. If any check fails, the transaction is refused.
Why Trust Capital Matters
What exists today | What's missing |
Guardrails filter prompts and outputs | No proof the agent followed rules at the action layer |
Monitoring watches what agents do after the fact | No enforcement before execution |
Identity verifies who the agent is | No verification of what the agent did |
Governance platforms provide dashboards and policies | No cryptographic evidence a third party can independently verify |
Trust Capital fills the gap: declare → enforce → prove → accumulate.
Conceptual Comparison
Bitcoin | Ethereum | Nobulex | |
What it verifies | Monetary transfers | Contract execution | Agent behavior |
Mechanism | Proof of Work | Proof of Stake | Trust Capital |
What's proven | Transaction validity | State transitions | Behavioral compliance |
Guarantee | Trustless money | Trustless contracts | Trustless agents |
Live Demo
npx tsx examples/demo.tsCreates two agents, defines behavioral rules, enforces at runtime, blocks a forbidden transfer, generates Trust Capital proof, runs the 8-step handshake, and then shows the same handshake rejecting a third agent whose log was tampered with.
npx tsx examples/langchain-agent.ts # covenant enforcement around a mocked LangChain agent
npx tsx examples/trust-capital-demo.ts # watch an agent earn credit through verified behavior
npx tsx benchmarks/bench.ts # protocol performance on your hardwareSecurity Audit
We've conducted an internal security review. Here's what we tested and what we found:
Verified secure:
Hash chain integrity: modifying any entry breaks the chain (property-tested with fast-check across random chains of varying length).
Signature forgery: invalid signatures are rejected 100% of the time.
Replay attack prevention: audience-bound proofs fail when replayed to a different verifier (property-tested).
Covenant enforcement: forbidden actions are blocked before execution, never after.
Known limitations:
No key revocation mechanism yet.
No rate limiting on handshake verification.
Single-threaded chain verification.
Clock skew tolerance is 0.
See docs/threat-model.md for the full threat model.
Development
git clone https://github.com/arian-gogani/nobulex.git
cd nobulex
npm install
npx vitest run # full test suite (incl. fast-check property tests)
npx tsx examples/demo.ts # see the protocol run end-to-end
npx tsx benchmarks/bench.tsStandards
IETF Internet-Draft —
draft-gogani-nobulex-proof-of-behavior-00: Trust Capital Protocol for Autonomous AI AgentsLangChain RFC #35691 — ComplianceCallbackHandler, 10+ implementations converging
NIST RFI Response — Formal comments to NIST AI Agent Standards Initiative
Microsoft AGT — Bilateral receipt primitive merged (PRs #1302, #1333)
Ecosystem
Projects building on or composing with Nobulex:
Partner | Layer | Integration |
Governance toolkit | Bilateral receipt primitive (PR #1333) | |
Receipt schema | 10/10 byte-match on bilateral-delegation fixtures | |
CTEF vectors | Cross-implementation byte-match validation | |
Identity layer | Claim type convergence | |
Compliance | Bilateral receipt endorsement | |
Envelope layer | JCS canonicalization alignment | |
Pre-call trust scores | Feeds trust_score into covenant | |
Signing layer | Bilateral co-signing, policy attestation |
Documentation
API Reference — Full API docs generated with TypeDoc (
npm run docs:api)Trust Capital Spec — Formal standard specification (CC-BY-4.0)
White Paper — Formal protocol specification
Receipt Schema — Every field, verification steps, examples
Getting Started — Developer guide
Links
Website: nobulex.com
Try it: nobulex.com/try
npm: @nobulex
License
MIT
Maintenance
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/arian-gogani/nobulex'
If you have feedback or need assistance with the MCP directory API, please join our Discord server