TrustAtom MCP Server
Cryptographic receipts for AI decisions. 5 minutes to your first receipt.
Every AI decision in your org is unsigned — and your auditor is going to ask about it. TrustAtom signs every decision with Ed25519 and returns a verifiable receipt in under 3ms.
Quick Start
```bash
git clone https://github.com/CWNApps/trustatom-mcp
cd trustatom-mcp
npm install
npm run keygen   # Generate Ed25519 key pair
npm test         # Run 8 eval tests
```
Add to Claude Desktop
```json
{
  "mcpServers": {
    "trustatom": {
      "command": "npx",
      "args": ["tsx", "src/server.ts"],
      "cwd": "/path/to/trustatom-mcp",
      "env": { "TRUSTATOM_KEY_PATH": "./keys/trustatom_keys.json" }
    }
  }
}
```
Then in Claude: "Sign this AI decision with TrustAtom" → receipt issued automatically.
What It Does
| Tool | Description | When |
|---|---|---|
| `create_trustatom` | Sign a decision, return receipt | At every AI decision point |
| `verify_trustatom` | Verify an existing receipt | During audit, dispute resolution |
| `query_receipts` | Query the receipt ledger | Compliance reporting |
| `get_compliance_report` | Framework-mapped report | Board report, ATO package |
Example: Healthcare AI Triage (HIPAA)
```
You: "Our clinical AI just triaged patient #4422 as ESI-3 with 67% confidence.
      Sign this decision for HIPAA compliance."

Claude (via TrustAtom MCP):
  ✅ Receipt ta_7f3a2b signed in 1.2ms
  Action: TRIAGE_PATIENT
  Decision: ALLOW
  Compliance: HIPAA:164.312(b), HL7
  Risk Score: 0.80
  Signature: ed25519:abc123...
```
What the auditor sees: "On Mar 7 at 14:22, clinical-ai-v2 classified patient #4422 as ESI-3. Receipt ta_7f3a2b is Ed25519-signed. Control: HIPAA 164.312(b)."
Compliance Frameworks
TrustAtom auto-maps actions to framework controls:
| Action | Frameworks |
|---|---|
| `TRIAGE_PATIENT` | HIPAA 164.312(b), HL7 |
| `APPROVE_LOAN` | SOX 302, FCRA |
| `TRADE_SIGNAL` | SOX 302, SEC 17a-4 |
| `DEPLOY` | NIST PR, SOC2 CC6.1 |
| `EXPORT_INTEGRATION` | NIST PR/RS, SOC2 A1.2 |
| Custom | NIST PR (default) |
Performance
- Signing: <3ms average (Ed25519 + SHA-256)
- Verification: <1ms
- Receipt size: ~500 bytes JSON
Architecture
```
Your AI Agent
    ↓ (MCP call)
TrustAtom MCP Server (local)
    ├── Ed25519 key pair (you own the keys)
    ├── SHA-256 evidence hash
    ├── Compliance auto-mapping
    └── In-memory ledger (pluggable to Neo4j/SQLite)
    ↓
Receipt returned to your agent
```
Eval Tests
8 tests covering signing, verification, tampering detection, compliance mapping, risk scoring, and performance:
```bash
npm test
# ✅ Signs a decision and returns a valid receipt
# ✅ Verifies an authentic receipt
# ✅ Detects tampered receipt
# ✅ Auto-maps TRIAGE_PATIENT to HIPAA compliance tags
# ✅ Auto-maps APPROVE_LOAN to SOX compliance tags
# ✅ Computes risk score from action when not provided
# ✅ Signs DENY decisions with same integrity
# ✅ Signs within 3ms target for production use
# Results: 8 passed, 0 failed
```
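The sign, verify and tamper-detection behaviour listed above can be sketched with Node's built-in `crypto` module. This is an added example, not TrustAtom's own code: the receipt field names, the base64 encoding after the `ed25519:` prefix, and the sorted-key serialization are assumptions.

```typescript
import { createHash, generateKeyPairSync, sign, verify, KeyObject } from "node:crypto";

// Hypothetical receipt shape: field names are assumptions, not TrustAtom's schema.
interface Receipt {
  action: string;
  decision: "ALLOW" | "DENY";
  actor: string;
  issuedAt: string;
  evidenceHash: string; // hex SHA-256 of the evidence
  signature?: string; // "ed25519:" + base64 (encoding assumed)
}

// Signer and verifier must process identical bytes, so serialize with sorted keys
// and leave the signature out. The array replacer fixes key order (flat objects only).
function canonicalBytes(r: Receipt): Buffer {
  const keys = Object.keys(r).filter((k) => k !== "signature").sort();
  return Buffer.from(JSON.stringify(r, keys), "utf8");
}

const sha256Hex = (s: string): string => createHash("sha256").update(s, "utf8").digest("hex");

function signReceipt(fields: Omit<Receipt, "evidenceHash" | "signature">, evidence: string, key: KeyObject): Receipt {
  const receipt: Receipt = { ...fields, evidenceHash: sha256Hex(evidence) };
  // Ed25519 hashes internally, so the digest-algorithm argument is null.
  const sig = sign(null, canonicalBytes(receipt), key);
  return { ...receipt, signature: "ed25519:" + sig.toString("base64") };
}

function verifyReceipt(r: Receipt, publicKey: KeyObject, evidence?: string): boolean {
  if (!r.signature || r.signature.slice(0, 8) !== "ed25519:") return false;
  const sig = Buffer.from(r.signature.slice(8), "base64");
  if (sig.length !== 64) return false; // Ed25519 signatures are exactly 64 bytes
  if (!verify(null, canonicalBytes(r), publicKey, sig)) return false;
  // The signature covers only the hash; re-hash the evidence when the auditor has it.
  return evidence === undefined || sha256Hex(evidence) === r.evidenceHash;
}

// Constructed sample data echoing the page's triage example (timestamp is made up).
const { publicKey, privateKey } = generateKeyPairSync("ed25519");
const evidence = JSON.stringify({ patient: "#4422", esi: 3, confidence: 0.67 });
const receipt = signReceipt(
  { action: "TRIAGE_PATIENT", decision: "ALLOW", actor: "clinical-ai-v2", issuedAt: "2025-03-07T14:22:00Z" },
  evidence, privateKey);
const tampered: Receipt = { ...receipt, decision: "DENY" };

console.log("authentic:", verifyReceipt(receipt, publicKey, evidence));
console.log("tampered:", verifyReceipt(tampered, publicKey));
```

A valid signature proves only that the holder of the private key signed those fields, so the verifier's copy of the public key has to come from a trusted channel rather than from the receipt itself.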
Enterprise
Need hosted infrastructure with SLA? Contact [email protected]
| Tier | Calls/day | Price |
|---|---|---|
| Developer | 1,000 | Free |
| Professional | 100,000 | $299/mo |
| Enterprise | Unlimited | $2,499/mo |
Built By
Cyber Warrior Network — Trust Gate: Policy-gated AI decisions with cryptographic receipts.
No Receipt. No Trust.