MCP Tools

Sigil MCP Server

A Model Context Protocol server that gives Claude Code, Claude Desktop, and any MCP-compatible agent runtime direct access to Sigil's identity and provenance tools — with no SDK setup required.

Transports

stdioLocal

Default. The agent runtime spawns the MCP server as a child process. Used by Claude Code and Claude Desktop local config. Agent private key stays in the host process environment — never travels over the wire.

SSE / HTTPRemote

Remote agents connect via Server-Sent Events. Enable by setting MCP_HTTP_PORT. The server listens on GET /sse + POST /message. Suitable for cloud-deployed agents that cannot run a local process.

Setup — Stdio (Claude Code / Desktop)

Build

bash

cd mcp-server
pnpm install
pnpm build

Claude Code config (~/.claude/config.json)

~/.claude/config.json

{
  "mcpServers": {
    "sigil": {
      "command": "node",
      "args": ["/path/to/sigil/mcp-server/dist/index.js"],
      "env": {
        "ZERO_G_RPC_URL": "https://evmrpc-testnet.0g.ai",
        "ZERO_G_CHAIN_ID": "16602",
        "SIGIL_REGISTRY_ADDRESS": "0x2C0457F82B57148e8363b4589bb3294b23AE7625",
        "PROVENANCE_NOTARY_ADDRESS": "0xA1103E6490ab174036392EbF5c798C9DaBAb24EE",
        "ZERO_G_STORAGE_RPC": "https://indexer-storage-testnet-turbo.0g.ai",
        "SIGIL_API_BASE_URL": "http://localhost:3000",
        "SIGIL_AGENT_PRIVATE_KEY": "0x...",
        "SIGIL_EXPLORER_URL": "https://chainscan-galileo.0g.ai"
      }
    }
  }
}

Claude Desktop config

claude_desktop_config.json

{
  "mcpServers": {
    "sigil-protocol": {
      "command": "node",
      "args": ["/path/to/sigil/mcp-server/dist/index.js"],
      "env": {
        "ZERO_G_RPC_URL": "https://evmrpc-testnet.0g.ai",
        "SIGIL_REGISTRY_ADDRESS": "0x2C0457F82B57148e8363b4589bb3294b23AE7625",
        "PROVENANCE_NOTARY_ADDRESS": "0xA1103E6490ab174036392EbF5c798C9DaBAb24EE",
        "SIGIL_AGENT_PRIVATE_KEY": "0x...",
        "SIGIL_API_BASE_URL": "http://localhost:3000"
      }
    }
  }
}

Setup — SSE (Remote Agents)

bash

# Start the MCP server in HTTP mode
MCP_HTTP_PORT=4000 \
ZERO_G_RPC_URL=https://evmrpc-testnet.0g.ai \
SIGIL_REGISTRY_ADDRESS=0x2C0457F82B57148e8363b4589bb3294b23AE7625 \
PROVENANCE_NOTARY_ADDRESS=0xA1103E6490ab174036392EbF5c798C9DaBAb24EE \
SIGIL_AGENT_PRIVATE_KEY=0x... \
node mcp-server/dist/index.js

# The server exposes:
#   GET  http://0.0.0.0:4000/sse      — SSE endpoint (remote agents connect here)
#   POST http://0.0.0.0:4000/message  — message handler
#   GET  http://0.0.0.0:4000/health   — health check

For a public URL during development, use a Cloudflare tunnel:

bash

cloudflared tunnel --url http://localhost:4000

NOTEIn SSE mode, sigil__notarize_output rejects any call whose arguments contain a hex string matching a private key pattern. The agent private key must be set in the server's environment — it never travels over the SSE connection.

Tool Reference

sigil__register_agent

Initiate a sponsored registration request or poll an existing one. Call with principalAddress + agentDescription + permissions to create a new request. Call with requestId to poll — the approved response includes the passportId and agentPrivateKey (once).

Parameter	Type	Description
`principalAddress`	`string`	Principal wallet address (0x+40 hex). Required for new requests.
`agentDescription`	`string`	Agent description ≤ 280 chars. Required for new requests.
`permissions`	`object`	Permission manifest. Required for new requests. Fields: whitelistedContracts, maxTxValuePerWindow, authorizedApis, allowedTokens, timeWindowSeconds.
`requestId`	`string`	If provided, polls the status of an existing request instead of creating a new one.

Example — Create

sigil__register_agent({
  "principalAddress": "0xYourWallet",
  "agentDescription": "DeFi risk scoring agent",
  "permissions": {
    "whitelistedContracts": [],
    "maxTxValuePerWindow": { "OG": 0 },
    "authorizedApis": ["0g.compute"],
    "allowedTokens": ["OG"],
    "timeWindowSeconds": 3600
  }
})

// Returns:
// {
//   "requestId": "abc123...",
//   "agentAddress": "0x...",
//   "approvalUrl": "http://localhost:3000/approve/abc123...",
//   "message": "Registration pending. The principal must visit this URL to approve: ..."
// }

Example — Poll

sigil__register_agent({ "requestId": "abc123..." })

// Returns (after approval, first call):
// {
//   "status": "approved",
//   "passportId": "0x...",
//   "agentPrivateKey": "0x...",
//   "message": "Registration approved! passportId=0x...

IMPORTANT: Store your agent private key..."
// }

sigil__resolve_agent

Read an AgentPassport from on-chain. Accepts a passportId or agent address. Returns the full PassportRecord including reputation score, task counts, and active status.

Parameter	Type	Description
`query`	`string`	PassportId (0x+64 hex) or agent address (0x+40 hex). Optional — defaults to SIGIL_AGENT_ADDRESS env var.

Example

sigil__resolve_agent({ "query": "0x87c4d2f5..." })

// Returns:
// {
//   "passportId": "0x87c4d2f5...",
//   "principal": "0x...",
//   "agentAddress": "0x...",
//   "active": true,
//   "reputationScore": 1000,
//   "taskCount": 12,
//   "failureCount": 0,
//   "provenanceRecordCount": "12",
//   "createdAt": "2026-05-01T10:00:00.000Z"
// }

sigil__notarize_output

IMPORTANTLocal (stdio) transport only. Reads SIGIL_AGENT_PRIVATE_KEY from the server environment. Never pass private keys in tool arguments.

Notarize an AI-generated artifact on 0G Chain. Encrypts and uploads the input context to 0G Storage, builds a provenance envelope with the output and model receipt, and calls ProvenanceNotary.notarize() on-chain.

Parameter	Type	Description
`passportId`required	`string`	The agent's passportId (0x+64 hex).
`output`required	`string`	The full text of the artifact to notarize.
`inputContext`required	`string`	The input prompt or context (encrypted before upload).
`artifactType`	`string`	One of: CODE_AUDIT, RISK_ASSESSMENT, GENERIC_REPORT, CONTRACT_CLAUSE, FINANCIAL_MODEL, DUE_DILIGENCE, GOVERNANCE_ANALYSIS. Default: GENERIC_REPORT.
`modelId`	`string`	Model used to generate the output. Default: qwen/qwen-2.5-7b-instruct.

Example

sigil__notarize_output({
  "passportId": "0x87c4d2f5...",
  "output": "The DeFi protocol has a risk score of 7/10 based on...",
  "inputContext": "Analyze the risk of Aave V3 on Ethereum mainnet",
  "artifactType": "RISK_ASSESSMENT"
})

// Returns:
// {
//   "recordId": "0x...",
//   "txHash": "0x...",
//   "outputHash": "0x...",
//   "explorerUrl": "https://chainscan-galileo.0g.ai/tx/0x...",
//   "message": "Notarized on-chain. recordId=0x...
Tx: ..."
// }

sigil__resolve_provenance

Resolve a ProvenanceRecord from on-chain. Supports lookup by recordId, outputHash (keccak256 of the artifact), or passportId (to list all records for an agent).

Parameter	Type	Description
`recordId`	`string`	The ProvenanceRecord ID (bytes32).
`outputHash`	`string`	keccak256 of the artifact output — resolves to the recordId first.
`passportId`	`string`	List all records for this passport (paginated).
`offset`	`number`	Pagination offset. Default: 0.
`limit`	`number`	Max records to return (1–50). Default: 10.

Example — by recordId

sigil__resolve_provenance({ "recordId": "0x..." })

// Returns:
// {
//   "recordId": "0x...",
//   "passportId": "0x...",
//   "agent": "0x...",
//   "modelId": "qwen/qwen-2.5-7b-instruct",
//   "artifactType": "RISK_ASSESSMENT",
//   "verified": true,
//   "timestamp": "2026-05-01T12:00:00.000Z"
// }

sigil__verify_agent

Trust-gate another agent before delegating work to it. Returns ACCEPT, CAUTION, or REJECT based on the agent's on-chain reputation and activity record.

Trust Level	Condition	Recommended Action
ACCEPT	reputation ≥ 600 AND failureCount == 0	Proceed with delegation
CAUTION	reputation 200–599 OR failureCount > 0	Delegate with oversight or reduced scope
REJECT	reputation < 200 OR active == false	Do not delegate — agent is untrustworthy or revoked

Parameter	Type	Description
`query`required	`string`	PassportId (0x+64 hex) or agent address (0x+40 hex) to verify.

Example

sigil__verify_agent({ "query": "0x87c4d2f5..." })

// Returns:
// {
//   "trustLevel": "ACCEPT",
//   "reputationScore": 1000,
//   "taskCount": 12,
//   "failureCount": 0,
//   "active": true,
//   "reasons": ["Reputation 1000/1000, 12 tasks completed, 0 failures"],
//   "message": "ACCEPT — Reputation 1000/1000, 12 tasks completed, 0 failures"
// }

Environment Variables

Parameter	Type	Description
`ZERO_G_RPC_URL`required	`string`	0G Chain JSON-RPC endpoint. Default: https://evmrpc-testnet.0g.ai
`ZERO_G_CHAIN_ID`	`number`	Chain ID. Default: 16602
`SIGIL_REGISTRY_ADDRESS`	`string`	SigilRegistry contract address. Default: 0x2C0457F82B57148e8363b4589bb3294b23AE7625
`PROVENANCE_NOTARY_ADDRESS`	`string`	ProvenanceNotary contract address. Default: 0xA1103E6490ab174036392EbF5c798C9DaBAb24EE
`ZERO_G_STORAGE_RPC`	`string`	0G Storage indexer URL. Required for notarize.
`SIGIL_AGENT_PRIVATE_KEY`	`string`	Agent signing key. Required for sigil__notarize_output. Never passed in tool call payloads.
`SIGIL_API_BASE_URL`	`string`	Base URL of the Next.js app for the registration API. Default: http://localhost:3000
`SIGIL_EXPLORER_URL`	`string`	Block explorer base URL for links. Default: https://chainscan-galileo.0g.ai
`MCP_HTTP_PORT`	`number`	If set, starts an SSE/HTTP server on this port instead of using stdio.