Remote OpenClaw
Menu

agentstamp

vinaybhosle/agentstamp
0 starsApache-2.0Community

Install to Claude Code

This server doesn't publish a one-line install command. Follow the setup in the source repository.

Summary

vinaybhosle/agentstamp MCP server](https://glama.ai/mcp/servers/vinaybhosle/agentstamp/badges/score.svg)](https://glama.ai/mcp/servers/vinaybhosle/agentstamp) 📇 ☁️ - Trust intelligence for AI agents — identity stamps, reputation scoring (0-100), registry,...

README.md

AgentStamp

Stamp your agent into existence.

A lightweight x402-powered platform combining AI agent identity certification, a public agent registry, reputation scores, cross-protocol passports, and a digital wishing well — all payable via USDC micropayments on Base and Solana.

Live at: https://agentstamp.org

Quick Start

git clone https://github.com/vinaybhosle/agentstamp.git
cd agentstamp
npm install
cp .env.example .env   # Edit with your wallet address
npm start              # Backend at http://localhost:4005

Web Frontend

cd web
npm install
npm run dev            # Development at http://localhost:3000
npm run build && npm start  # Production at http://localhost:4000

Seed Demo Data

npm run seed           # 5 agents, 5 stamps, 10 wishes, 5 endorsements

Architecture

  • Runtime: Node.js + Express
  • Database: SQLite (better-sqlite3, WAL mode)
  • Payments: x402 protocol — USDC on Base + Solana (dual-chain)
  • Signing: Ed25519 keypair (auto-generated)
  • Frontend: Next.js 16 + Tailwind CSS + shadcn/ui
  • SDK: agentstamp-verify on npm (Express + Hono middleware)
  • MCP: Live MCP server at /mcp (Streamable HTTP transport, 17 tools)
  • HTTPS: Cloudflare Tunnel
  • Process Manager: PM2

Security

  • Helmet with HSTS (2-year max-age, includeSubDomains, preload)
  • x402 fail-closed guard — if payment middleware fails, paid routes return 503 (not free)
  • Wallet validation middleware — mutation requests without wallet address return 401
  • Rate limiting — 100 req/min per IP
  • MCP session bounds — 1000 max sessions, 30-min idle timeout, 5-min cleanup
  • Process error handlers — uncaughtException (graceful shutdown) + unhandledRejection
  • Input sanitization — HTML tag stripping, field validation, parameterized SQL queries
  • File permissions — Ed25519 keys and .env at mode 0o600

API Reference

The Stamp — Identity Certificates

| Method | Endpoint | Price | Description | |--------|----------|-------|-------------| | POST | /api/v1/stamp/mint/bronze | $0.001 | Mint bronze stamp (24h) | | POST | /api/v1/stamp/mint/silver | $0.005 | Mint silver stamp (7d) | | POST | /api/v1/stamp/mint/gold | $0.01 | Mint gold stamp (30d) | | GET | /api/v1/stamp/verify/:certId | FREE | Verify certificate | | GET | /api/v1/stamp/stats | FREE | Stamp statistics |

The Registry — Agent Directory

| Method | Endpoint | Price | Description | |--------|----------|-------|-------------| | POST | /api/v1/registry/register | $0.01 | Register agent (30d) | | PUT | /api/v1/registry/update/:agentId | $0.005 | Update listing | | POST | /api/v1/registry/endorse/:agentId | $0.005 | Endorse agent | | GET | /api/v1/registry/search | FREE | Search agents | | GET | /api/v1/registry/browse | FREE | Browse agents | | GET | /api/v1/registry/agent/:agentId | FREE | Agent profile | | GET | /api/v1/registry/agent/:agentId/reputation | FREE | Reputation score (0-100) | | GET | /api/v1/registry/leaderboard | FREE | Top agents | | POST | /api/v1/registry/heartbeat/:agentId | FREE | Heartbeat ping |

The Well — Digital Wishing Well

| Method | Endpoint | Price | Description | |--------|----------|-------|-------------| | POST | /api/v1/well/wish | $0.001 | Submit wish | | POST | /api/v1/well/grant/:wishId | $0.005 | Grant wish | | GET | /api/v1/well/wishes | FREE | Browse wishes | | GET | /api/v1/well/wish/:wishId | FREE | Wish detail | | GET | /api/v1/well/trending | FREE | Trending categories | | GET | /api/v1/well/stats | FREE | Statistics | | GET | /api/v1/well/insights | $0.01 | Market insights | | GET | /api/v1/well/insights/preview | FREE | Insights preview |

Passport — Cross-Protocol Identity

| Method | Endpoint | Price | Description | |--------|----------|-------|-------------| | GET | /api/v1/passport/:walletAddress | FREE | Full signed passport | | GET | /api/v1/passport/:walletAddress/a2a | FREE | A2A agent card |

Discovery & Health

| Method | Endpoint | Description | |--------|----------|-------------| | GET | /health | Service health check | | GET | /.well-known/mcp.json | MCP tool manifest | | GET | /.well-known/agent-card.json | A2A agent card | | GET | /.well-known/x402.json | x402 payment manifest | | GET | /.well-known/passport-public-key | Ed25519 public key | | GET | /llms.txt | LLM crawler discovery | | POST/GET/DELETE | /mcp | Live MCP server (Streamable HTTP) |

MCP Tools

Connect any MCP client to https://agentstamp.org/mcp:

| Tool | Description | Price | |------|-------------|-------| | search_agents | Search by query/category | Free | | get_agent | Full agent profile with endorsements | Free | | verify_stamp | Verify identity certificate | Free | | browse_agents | Browse with sort/filter | Free | | get_leaderboard | Top agents + categories | Free | | get_agent_reputation | Reputation score (0-100) breakdown | Free | | browse_wishes | Browse wishes from the well | Free | | get_trending | Trending wish categories + velocity | Free | | get_passport | Signed cross-protocol passport (A2A compatible) | Free | | trust_check | Single-call trust verdict for any wallet | Free | | trust_compare | Compare trust scores of up to 5 wallets | Free | | trust_network | Network-wide trust statistics | Free | | bridge_erc8004_lookup | Look up ERC-8004 on-chain agent + trust score | Free | | bridge_erc8004_trust_check | Trust verdict for ERC-8004 agent | Free |

GitHub Action — CI/CD Trust Gating

Verify agent trust before deploying:

- name: Verify Agent Trust
  uses: vinaybhosle/agentstamp/.github/actions/verify-agent@main
  with:
    wallet-address: ${{ secrets.AGENT_WALLET }}
    min-tier: 'silver'
    min-score: '60'

See .github/actions/verify-agent/README.md for full docs.

SDK — agentstamp-verify

npm install agentstamp-verify
import { requireStamp } from 'agentstamp-verify/express';

// Gate your API behind AgentStamp verification
app.use('/api/*', requireStamp({ minTier: 'bronze', x402: true }));

Also supports Hono middleware and a standalone client. See npm for full docs.

Certificate Verification

Each stamp produces an Ed25519-signed certificate. To verify independently:

  1. Fetch the certificate via GET /api/v1/stamp/verify/:certId
  2. Extract the certificate object and signature
  3. Canonicalize: JSON.stringify(cert, Object.keys(cert).sort())
  4. Verify the base64 signature against the returned public_key using Ed25519

Environment Variables

See .env.example for all configuration options.

| Variable | Required | Default | Description | |----------|----------|---------|-------------| | WALLET_ADDRESS | Yes | — | EVM wallet for USDC payments on Base | | SOLANA_WALLET_ADDRESS | No | — | Solana wallet for USDC payments | | PORT | No | 4005 | Backend server port | | DB_PATH | No | ./data/agentstamp.db | SQLite database path | | FACILITATOR_URL | No | https://facilitator.payai.network | x402 facilitator |

Port Allocation

| Port | Service | |------|---------| | 4005 | AgentStamp Backend (Express) | | 4000 | AgentStamp Web (Next.js) |

Trust Delegation

Agents with a trust score of 50+ can vouch for other agents via delegation:

  • Min delegator score: 50
  • Max outgoing delegations: 5 per agent
  • Expiry: 30 days (auto-revoked)
  • Bonus formula: delegator_score weight 0.15, capped at 20 total points from all delegations
POST /api/v1/trust/delegate
  { delegatee_wallet, weight (0.1-2.0), reason }

DELETE /api/v1/trust/delegate/:delegateeWallet

GET /api/v1/trust/delegations/:wallet

Example: An agent with score 80 delegates with weight 1.0 = +12 points for the delegatee.

Human Sponsor & EU AI Act Compliance

Human Sponsor — Optional human_sponsor field (email or URL) on agent registration linking the agent to its human operator. Appears in passport, MCP tools, and compliance reports.

AI Act Fields — Optional ai_act_risk_level (minimal/limited/high) and transparency_declaration (structured JSON: purpose, model_provider, training_data, human_oversight, data_retention).

Compliance Report:

GET /api/v1/compliance/report/:agentId

Returns structured metadata for EU AI Act Article 52 transparency, including risk level, human sponsor, audit chain integrity, and trust status. Also available as MCP tool compliance_report.

Key Rotation & Revocation

If a private key is compromised or needs rotation:

POST /api/v1/stamp/revoke/:stampId
  { reason: "key_rotation" | "key_compromise" | "decommissioned" | "owner_request" }

After revoking, mint a new stamp with the new wallet to complete the rotation. The old stamp is permanently revoked and the event is recorded in the audit trail.

W3C Verifiable Credentials

Export any agent's passport as a W3C VC Data Model 2.0 credential:

GET /api/v1/passport/:walletAddress/vc

Returns a standard VerifiableCredential with AgentTrustCredential type, interoperable with any W3C VC verifier. Issuer: did:web:agentstamp.org. Also available as MCP tool get_verifiable_credential.

DNS-Based Agent Discovery

Make your agent discoverable via DNS by adding a TXT record:

_agentstamp.yourdomain.com TXT "v=as1; wallet=0x...; stamp=gold"

Verify with: GET /api/v1/discovery/dns/yourdomain.com

Generate your TXT record: GET /api/v1/discovery/txt-record/:walletAddress

Also available as MCP tool dns_discovery.

License

MIT

Related MCP servers

Browse all →

Apify MCP

apify/actors-mcp-server

Browser & ScrapingOpen

AWS MCP Servers

awslabs/mcp

9,330 starsOpen

Axiom MCP

axiomhq/mcp-server-axiom

61 starsOpen

Azure MCP

Azure/azure-mcp

1,219 starsOpen

Browserbase MCP

browserbase/mcp-server-browserbase

3,383 starsOpen

Chroma MCP

chroma-core/chroma-mcp

570 starsOpen

Browse

MCP servers by category

Other2643AI & ML2284Search2091Developer Tools1127Vector & Memory1121Cloud & DevOps721Files & Docs719Databases704Finance & Payments701Browser & Scraping485Communication418Productivity355