DefaultVerifier MCP
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@DefaultVerifier MCPVerify this signed SAR receipt."
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
DefaultVerifier MCP — Phase A
Agent-native MCP server for DefaultVerifier. Phase A starts with verification, not emission.
What this is
An MCP server that exposes DefaultVerifier's verification surface to AI agents. It verifies signed SAR v0.1 settlement receipts locally — offline, no network required.
Doctrine:
Capability ≠ Authority
Authority ≠ Execution
Execution ≠ Verification
Verification must leave evidenceRelated MCP server: Web Resource Ledger
Phase A tools
verify_receipt
Verify a signed SAR v0.1 receipt locally.
Offline — no network calls
Canonicalizes using RFC 8785 / JCS
Verifies Ed25519 signature against bundled public key registry
Returns typed result with
status(tool outcome) andverdict(issuer's signed outcome)
Key semantics:
status=PASSmeans the signature and digest are cryptographically validverdictis the issuer-signed outcome from the receipt itself (PASS/FAIL/INDETERMINATE)A valid FAIL receipt returns
{ status:"PASS", verdict:"FAIL" }A tampered receipt returns
{ status:"INVALID" }
get_verification_log
Return entries from DefaultVerifier's local verification log (/var/www/html/verified.json).
Local file only in Phase A
Preserves the file's disclaimer and non-endorsement language
Does not add endorsement language
Boundaries (what DefaultVerifier does NOT claim)
Does not prove payment finality
Does not prove legal settlement finality
Does not execute tasks
Does not approve actions
Does not release or custody funds
Does not imply partnership, endorsement, or official integration
Does not issue TrustScores
How to run
npm install
npm test # run self-tests (requires all tests to pass before commit)
npm start # starts on 127.0.0.1:3013 (dev only — do not deploy directly)Health check: curl http://127.0.0.1:3013/healthz
MCP endpoint: http://127.0.0.1:3013/mcp
Local-first design
verify_receipt requires no network. It uses:
keys/sar-keys.json— bundled public key registry (kid-01, kid-02, kid-03)Node.js built-in
cryptofor Ed25519 verificationcanonicalizenpm package (RFC 8785/JCS) for byte-for-byte parity with the Python verifier
Key registry
Includes three production keys:
sar-prod-ed25519-01— original keysar-prod-ed25519-02— rotation 2sar-prod-ed25519-03— current key (used by recent receipts)
Fixtures
File | Expected result |
| status PASS, verdict PASS |
| status PASS, verdict FAIL |
| status PASS, verdict INDETERMINATE |
| status PASS, kid sar-prod-ed25519-03 |
| status INVALID |
Future phases
Phase B:
resolve_receipt— resolve a receipt_id to its canonical sourcePhase C:
resolve_chain— follow a receipt chainPhase D:
check_issuer— issuer registry lookupPhase E:
emit_receipt_optional— optional emission surfacePhase F: TrustProfile
Port assignment
Dev port: 127.0.0.1:3013 (not proxied — do not expose without nginx config review)
Production settlement-witness-mcp remains on port 3003 and is not modified by this repo.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/nutstrut/defaultverifier-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server