aga_verify_artifact
Verify policy artifact signatures using issuer public keys to ensure authenticity and integrity in zero-trust environments.
Instructions
Verify an artifact signature against an issuer public key.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| artifact | No | The policy artifact to verify | |
| issuer_public_key | No | Issuer public key (hex) |
Implementation Reference
- src/tools/verify-artifact.ts:10-13 (handler)The handler for `aga_verify_artifact` that verifies the artifact signature using the provided public key.
export async function handleVerifyArtifact(args: VerifyArtifactArgs, ctx: ServerContext) { const valid = verifyArtifactSignature(args.artifact, args.issuer_public_key); return ctx.json({ success: true, signature_valid: valid }); } - src/server.ts:139-150 (registration)Registration of `aga_verify_artifact` in the MCP server setup.
// 5. aga_verify_artifact (ungoverned) server.tool('aga_verify_artifact', 'Verify an artifact signature against an issuer public key.', { artifact: z.any().describe('The policy artifact to verify'), issuer_public_key: z.string().optional().describe('Issuer public key (hex)'), }, async (args) => { const pk = args.issuer_public_key ?? (await import('./crypto/sign.js')).pkToHex(ctx.issuerKP.publicKey); return handleVerifyArtifact({ artifact: args.artifact ?? ctx.activeArtifact, issuer_public_key: pk }, ctx); }, );