Verify that any MCP server is running the intended and untampered code via hardware attestation.
Overview
What is attestable-mcp-server?
The attestable-mcp-server is a project designed to verify that any MCP server is running the intended and untampered code via hardware attestation, ensuring security and integrity in remote environments.
How to use attestable-mcp-server?
To use the attestable-mcp-server, you need to set up a trusted execution environment (TEE) and follow the quickstart guide provided in the documentation to build and run the server using Docker.
Key features of attestable-mcp-server?
- Remotely attest the code running on any MCP server.
- Optionally, MCP servers can also remotely attest MCP clients.
- Uses RA-TLS (TLS with the attestation evidence bound into the certificate) for secure client-server communication.
Use cases of attestable-mcp-server?
- Ensuring the integrity of code running on cloud-based MCP servers.
- Verifying the authenticity of software in remote attestation scenarios.
- Supporting secure communications between clients and servers in sensitive applications.
FAQ about attestable-mcp-server
- What is remote attestation?
Remote attestation is a process that lets a client verify the integrity of a server's code and execution environment, using evidence signed by the hardware, before trusting the connection.
- What hardware is required?
The project requires Intel SGX hardware to function properly.
- Is there a way to independently verify the server's code?
Yes! You can build and run the code locally on emulated hardware or secure hardware to validate the attestation.