Skip to content
@ScopeBlind

ScopeBlind

Trust infrastructure for machine decisions/human-ai coordination. Signed receipts, policy enforcement, portable agent identity, independent offline verification
README.md

ScopeBlind

Trust infrastructure for machine decisions.

Signed receipts for every AI agent decision. Shadow, simulate, enforce, sign, verify. Your agents execute tool calls, access credentials, and modify production — ScopeBlind turns every decision into portable, signed evidence verifiable by anyone, offline.

Products

Package What it does Install
protect-mcp Security gateway for MCP servers. Cedar policy engine, per-tool enforcement, signed receipts. npx protect-mcp -- node server.js
@scopeblind/passport Agent credential wrapping — runtime packs, OpenClaw config, policy templates npm i @scopeblind/passport
@scopeblind/core Core primitives for the ScopeBlind receipt protocol npm i @scopeblind/core

How it works

MCP Client ← protect-mcp → MCP Server
                  │
          ┌───────┴───────┐
          │  Cedar WASM   │ ← per-tool policies (.cedar or .json)
          │  policy eval  │
          └───────┬───────┘
                  │
          ┌───────┴───────┐
          │  Ed25519 sign  │ ← every decision gets a signed receipt
          │  receipt emit  │
          └───────┬───────┘
                  │
          ┌───────┴───────┐
          │   Verify       │ ← npx @veritasacta/verify receipt.json
          │   (offline)    │    anyone, anywhere, no API call
          └────────────────┘

Key differentiators

  • Issuer-blind verification — verify a receipt is valid without learning who issued it (patent pending)
  • Cedar policy engine — AWS-backed formal policy language with WASM evaluation
  • IETF standards trackdraft-farley-acta-signed-receipts-01
  • 4 patents pending — VOPRF metering, verifier nullifiers, offline enforcement, configurable disclosure
  • Progressive enforcement — shadow (log only) → simulate → enforce → sign

The stack

ScopeBlind (MIT) ─── commercial managed service, dashboards, enforcement
    │
    ├── protect-mcp (MIT) ─── free gateway, Cedar engine, CLI
    ├── @scopeblind/passport (Apache-2.0) ─── agent credentials
    ├── @scopeblind/core (Apache-2.0) ─── receipt primitives
    │
Veritas Acta (Apache-2.0) ─── open protocol layer
    ├── @veritasacta/verify ─── issuer-blind VOPRF verification
    ├── @veritasacta/artifacts ─── signed artifact envelopes
    └── @veritasacta/protocol ─── receipt format primitives

Apache-2.0 packages include explicit patent grant (Section 3). MIT packages are distribution-tier — use freely without restriction.

Links

Popular repositories Loading

  1. verify-mcp verify-mcp Public

    MCP server for offline verification of signed artifacts. Receipts, manifests, bundles. Apache-2.0.

    JavaScript 2 3

  2. scopeblind-gateway scopeblind-gateway Public

    Forked from tomjwxf/scopeblind-gateway

    Signed receipts and Cedar policies for AI agent tool calls. Claude Code hooks, MCP gateway, IETF Internet-Draft. npx protect-mcp

    TypeScript 1

  3. .github .github Public

    ScopeBlind organization profile

  4. agent-governance-toolkit agent-governance-toolkit Public

    Forked from microsoft/agent-governance-toolkit

    AI Agent Governance Toolkit — Policy enforcement, zero-trust identity, execution sandboxing, and reliability engineering for autonomous AI agents. Covers 10/10 OWASP Agentic Top 10.

    Python

Repositories

Showing 4 of 4 repositories

People

This organization has no public members. You must be a member to see who’s a part of this organization.

Top languages

Loading…

Most used topics

Loading…