Signet
Open-source MCP server that exposes Signet cryptographic tools over stdio. It provides tools to generate Ed25519 keypairs, sign MCP actions, verify Signet receipts, and compute canonical content hashes for AI agent audit and accountability workflows.
What is Signet?
Signet is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to open-source mcp server that exposes signet cryptographic tools over stdio. it provides tools to generate ed25519 keypairs, sign mcp actions, verify signet receipts, and compute canonical content hashe...
Open-source MCP server that exposes Signet cryptographic tools over stdio. It provides tools to generate Ed25519 keypairs, sign MCP actions, verify Signet receipts, and compute canonical content hashes for AI agent audit and accountability workflows.
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- Open-source MCP server that exposes Signet cryptographic too
Use Cases
Maintainer
Works with
Installation
NPM
npx -y @signet-auth/mcp-toolsManual Installation
npx -y @signet-auth/mcp-toolsConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use Signet
Signet is an open-source MCP server written in Rust that adds cryptographic signing and audit capabilities to AI agent workflows. It exposes tools over stdio for generating Ed25519 keypairs, signing MCP tool invocations, verifying Signet receipts, and computing canonical content hashes — creating a tamper-evident, append-only audit log of every action taken by an AI agent. Teams using Claude Code, Cursor, CrewAI, LangChain, or AutoGen can wrap any MCP server with Signet to achieve accountability and non-repudiation without changing their existing workflow.
Prerequisites
- Node.js 18 or later (for npx-based installation)
- An MCP-compatible client such as Claude Desktop, Claude Code, or Cursor
- Optional: Rust toolchain if building from source via cargo install signet-cli
- Optional: SIGNET_PASSPHRASE environment variable set for non-interactive CI usage
Install the Signet MCP tools package
The quickest way to run the Signet MCP server is via npx, which downloads and executes the @signet-auth/mcp-tools package without a permanent install. This is the recommended approach for Claude Desktop and Claude Code.
npx -y @signet-auth/mcp-toolsGenerate an Ed25519 identity keypair
Before signing actions, create a named keypair. The private key is encrypted at rest in ~/.signet/keys/ by default. You can override the storage location with SIGNET_HOME.
# Using the signet CLI (cargo install signet-cli)
signet identity generate --name my-agentAdd the server to your MCP client configuration
Register the Signet MCP server in your client config. The server communicates over stdio and requires no network access. Set environment variables to control signing behavior and key storage.
{
"mcpServers": {
"signet": {
"command": "npx",
"args": ["-y", "@signet-auth/mcp-tools"],
"env": {
"SIGNET_HOME": "~/.signet",
"SIGNET_REQUIRE_SIGNATURE": "true",
"SIGNET_MAX_AGE": "300"
}
}
}
}Sign a tool action using the proxy mode
Signet can wrap any existing MCP stdio server transparently, signing every tool call that passes through it. Point --target at the command that starts your underlying MCP server and --key at your named identity.
signet proxy --target "npx -y @modelcontextprotocol/server-filesystem" --key my-agentInspect and verify the audit log
All signed actions are appended to ~/.signet/audit/ with SHA-256 hash-chaining. Use the CLI to review recent actions or open a browser-based dashboard to verify receipt signatures interactively.
signet audit # List recent signed actions
signet audit --verify # Verify all receipt signatures
signet dashboard # Open browser UI at localhostSignet Examples
Client configuration (claude_desktop_config.json)
Configuration block for Claude Desktop using the Signet MCP tools package with signature enforcement enabled.
{
"mcpServers": {
"signet": {
"command": "npx",
"args": ["-y", "@signet-auth/mcp-tools"],
"env": {
"SIGNET_HOME": "/Users/you/.signet",
"SIGNET_REQUIRE_SIGNATURE": "true",
"SIGNET_PASSPHRASE": "your-passphrase",
"SIGNET_MAX_AGE": "600"
}
}
}
}Prompts to try
Example prompts that demonstrate Signet's cryptographic and audit capabilities.
- "Generate a new Ed25519 keypair named 'ci-bot' for signing agent actions"
- "Sign this MCP tool invocation with my 'my-agent' key and return the receipt"
- "Verify the signature on this Signet receipt and confirm it hasn't been tampered with"
- "Compute the canonical content hash of this JSON payload"
- "Show me the audit log of all signed actions from the last hour"Troubleshooting Signet
signet audit --verify reports invalid signatures
Ensure SIGNET_HOME points to the same directory used when signing. If you moved or copied the audit directory, the hash chain may be broken. Re-verify using the original key stored in SIGNET_HOME/keys/.
npx -y @signet-auth/mcp-tools fails with ENOENT or permission errors
Clear the npx cache with `npm cache clean --force` and retry. If running in a sandboxed environment, ensure network access to the npm registry is allowed, or pre-install with `npm install -g @signet-auth/mcp-tools` and use the installed binary path instead of npx.
Passphrase prompt blocks non-interactive CI runs
Set the SIGNET_PASSPHRASE environment variable to supply the passphrase non-interactively. Store it in your CI secret vault and inject it into the environment at runtime rather than hardcoding it in the MCP config file.
Frequently Asked Questions about Signet
What is Signet?
Signet is a Model Context Protocol (MCP) server that open-source mcp server that exposes signet cryptographic tools over stdio. it provides tools to generate ed25519 keypairs, sign mcp actions, verify signet receipts, and compute canonical content hashes for ai agent audit and accountability workflows. It connects AI assistants to external tools and data sources through a standardized interface.
How do I install Signet?
Install via npm with the command: npx -y @signet-auth/mcp-tools. Then add the server configuration to your AI client's JSON config file (e.g., claude_desktop_config.json or .cursor/mcp.json).
Which AI clients work with Signet?
Signet works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is Signet free to use?
Yes, Signet is open source and available under the Apache 2.0 license. You can use it freely in both personal and commercial projects.
Signet Alternatives — Similar Security Servers
Looking for alternatives to Signet? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6kAn open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0kAn Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
★ 8.9kHexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
★ 8.7kEnables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u
Browse More Security MCP Servers
Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up Signet in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use Signet?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.