Skip to main content
Glama
audiencescore

audiencescore

Official

AudienceScore

AudienceScore is an open protocol for review scores gated by cryptographic proof of a real transaction or verified participation. A signed receipt unlocks one review for one versioned offering, and every published score is a signed, recomputable rendering over the ledger.

CI License: Apache-2.0 Spec: CC BY 4.0 Data: ODbL

Status

AudienceScore is a live pilot deployment, pre-cryptographic-audit, not a production issuance system. Pilot receipts, events, and score manifests carry env: "pilot" in signed bodies; the pilot ledger may be reset and receipts may be re-issued after audit.

Two gates remain open before non-pilot issuance:

  1. Independent cryptographic review of the receipt and rendering-signature scheme.

  2. Per-vertical legal review before any regulated profile ships.

Related MCP server: agentforge-trust-mcp

Connect MCP

Add this remote MCP server URL in any client that supports Streamable HTTP:

https://mcp.audiencescore.org/mcp

No account or API key is required. The pilot server exposes read-only get_score and get_score_evidence tools for v0.2 rendering manifests.

Read a Score

Fetch a signed pilot score manifest with one curl:

curl -sS https://mcp.audiencescore.org/v0/scores/field-elevate-demo%40v1

Below the k-anonymity floor, the manifest returns published: false rather than a fabricated score.

Verify that the manifest signature is valid and that its signer is in the published key set:

node - <<'NODE'
const { verifyPayload } = require('./reference-impl/src/crypto');
const scoreUrl = 'https://mcp.audiencescore.org/v0/scores/field-elevate-demo%40v1';
const keysUrl = 'https://audiencescore.org/.well-known/audiencescore-keys.json';

(async () => {
  const signed = await fetch(scoreUrl).then((r) => r.json());
  const keys = await fetch(keysUrl).then((r) => r.json());
  const publishedKeys = new Set((keys.keys || []).map((k) => k.key));
  const inKeySet = publishedKeys.has(signed.signer);
  const valid = verifyPayload(signed.signer, signed.manifest, signed.sig);
  console.log(JSON.stringify({ published: signed.manifest.published, inKeySet, valid }, null, 2));
  if (!inKeySet || !valid) process.exit(1);
})();
NODE

Run Locally

Requires Node.js 24+.

git clone https://github.com/audiencescore/audiencescore.git
cd audiencescore
npm install --prefix reference-impl
npm test --prefix reference-impl
node reference-impl/demo.js

The demo proves the full current loop: receipt issued, review admitted, score rendered, evidence recomputed, and score queried over MCP.

Spec and Governance

  • Spec v0.2a: receipts, roles, attestation levels, versioned offerings, invariants, and threat model.

  • Rendering v1: current score math.

  • Conformance: signed vectors, canonical bytes, and Python verifier.

  • Acceptance tests: AT-1 through AT-25, all executable in CI.

  • Pilot docs: issuer, review, score-reading, and deployment runbooks.

  • Governance: open score math, sealed-admission boundaries, and accountability rules.

  • DRIFT.md: the plain-English record of v0.1 to v0.2 drift decisions.

Contribute

Protocol changes start with the spec. Anything touching receipts, invariants, rendering math, or conformance vectors needs a spec/RFC discussion before code. Implementation changes need tests, DCO sign-off, and passing CI.

Start with CONTRIBUTING.md. Security reports go through SECURITY.md.

A
license - permissive license
-
quality - not tested
C
maintenance

Maintenance

Maintainers
Response time
2dRelease cycle
2Releases (12mo)
Commit activity

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/audiencescore/audiencescore'

If you have feedback or need assistance with the MCP directory API, please join our Discord server