npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@authproof/mcp-server

v0.3.0

Published

Secure API access for AI agents. AuthProof lets agents discover projects, self-register, and make signed, non-replayable requests without shared API keys.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

kaethebaekaethebae

Keywords

authenticationsecurityai-agentsmcpapiapi-authagent-identityrequest-signingerc8128authproof

Readme

@authproof/mcp-server

MCP (Model Context Protocol) server for AuthProof. It lets AI agents discover AuthProof projects, self-register, and make signed, non-replayable HTTP requests without carrying shared API keys.

What it does

AuthProof replaces shared API keys with signed, per-request authentication:

  • Agents can discover APIs that accept AuthProof registrations
  • Agents can generate a wallet locally and self-register
  • Each outbound request is signed and attributable to a specific agent
  • The private key never leaves the agent runtime
  • Replayed requests are rejected server-side

This package gives MCP-compatible clients a native tool layer for that flow.

Distribution modes

  • stdio MCP: install with npx -y @authproof/mcp-server
  • remote MCP: host the server at an HTTP endpoint such as https://authproof.io/mcp

Install

Most MCP clients can launch the server directly with npx:

{
  "mcpServers": {
    "authproof": {
      "command": "npx",
      "args": ["-y", "@authproof/mcp-server"],
      "env": {
        "AUTHPROOF_SERVER": "https://authproof.io"
      }
    }
  }
}

If the agent already has a wallet, also provide AGENT_PRIVATE_KEY. If not, the register_authproof_agent tool can generate one during onboarding.

Autonomous flow

  1. Call discover_authproof_projects to find APIs accepting agents
  2. Call register_authproof_agent to generate a wallet and request access
  3. Call check_authproof_registration_status if approval is pending
  4. Call send_signed_authproof_request to make authenticated requests
  5. If credits run out (402), use send_paid_authproof_request to auto-pay with USDC and retry

Tools

discover_authproof_projects

Browse projects on an AuthProof server that accept autonomous agents.

| Parameter | Type | Required | Description | |-----------|------|----------|-------------| | limit | number | No | Max projects to return. Defaults to 10. |

register_authproof_agent

Generate a wallet locally and register the agent with a project.

| Parameter | Type | Required | Description | |-----------|------|----------|-------------| | projectId | string | Yes | Project to register with | | name | string | No | Human-readable agent name |

Returns the generated private key when one did not already exist. Persist it immediately.

check_authproof_registration_status

Poll whether the current agent wallet has been approved for a project.

| Parameter | Type | Required | Description | |-----------|------|----------|-------------| | projectId | string | Yes | Project to check |

send_signed_authproof_request

Make an authenticated HTTP request. Each request is signed with the agent wallet per ERC-8128.

| Parameter | Type | Required | Description | |-----------|------|----------|-------------| | url | string | Yes | URL to fetch | | method | string | No | HTTP method. Defaults to GET. | | headers | object | No | Request headers | | body | string | No | Request body |

send_paid_authproof_request

Same as send_signed_authproof_request, but automatically handles 402 Payment Required responses by paying on-chain with USDC. Requires AUTHPROOF_RPC_URL to be set.

When a 402 is returned, the tool:

  1. Requests a payment quote from the server
  2. Sends a USDC transfer on-chain
  3. Verifies the payment with the server
  4. Retries the original request

The response includes a payment object with txHash, receiptId, and amount when a payment was made.

| Parameter | Type | Required | Description | |-----------|------|----------|-------------| | url | string | Yes | URL to fetch | | method | string | No | HTTP method. Defaults to GET. | | headers | object | No | Request headers | | body | string | No | Request body |

get_authproof_wallet_info

Return the current wallet address and chain ID.

Environment variables

| Variable | Required | Description | |----------|----------|-------------| | AUTHPROOF_SERVER | No | AuthProof host. Defaults to http://localhost:3000. | | AGENT_PRIVATE_KEY | No | Existing agent wallet private key. Optional because register_authproof_agent can generate one. | | AUTHPROOF_CHAIN_ID | No | Chain ID used for signing. Defaults to 84532 (Base Sepolia). | | AUTHPROOF_RPC_URL | No | JSON-RPC URL for the payment chain (e.g. https://mainnet.base.org). Required for paid_fetch. |

Example

discover_authproof_projects({})
register_authproof_agent({ projectId: "proj_123", name: "research-agent" })
check_authproof_registration_status({ projectId: "proj_123" })
send_signed_authproof_request({
  url: "https://api.example.com/orders",
  method: "POST",
  headers: { "content-type": "application/json" },
  body: "{\"sku\":\"hoodie-001\"}"
})

Related surfaces

  • Docs: https://authproof.io/docs
  • Agent-readable docs: https://authproof.io/llms.txt
  • Full LLM context: https://authproof.io/llms-full.txt
  • Agent integration spec: https://authproof.io/agents.json
  • Discovery endpoint: https://authproof.io/.well-known/authproof
  • ERC-8128 discovery: https://authproof.io/.well-known/erc8128
  • Remote MCP endpoint: https://authproof.io/mcp