@veritylayer/mcp
v0.3.0
Published
VerityLayer MCP server — an independent, fail-closed pre-commit guardrail for AI agents. guard_action: wire it into your action loop and get an allow/review/block second opinion before any spend, send, or irreversible step. Plus fact verification with Ed2
Maintainers
Readme
@veritylayer/mcp
VerityLayer — the trust layer for AI agents. This is the official VerityLayer MCP server: a fail-closed, verify-before-you-act gate your agent can call over the Model Context Protocol.
Before an agent publishes a fact, ingests untrusted text, sends data across a trust boundary, or commits something irreversible, it asks VerityLayer — and gets back a calibrated verdict, honest confidence, and (for fact checks) an Ed25519-signed receipt that proves forever what VerityLayer said.
- Engine: https://api.veritylayer.dev · Site: https://veritylayer.dev
- Payment: pay-per-call via x402 — USDC on Base mainnet (
eip155:8453) - This server holds no keys and makes no payments. It surfaces HTTP 402 challenges transparently so your x402-capable client settles the small, disclosed micro-payment. Nothing is ever charged silently.
Quickstart
npx -y @veritylayer/mcpClaude Desktop
Add to claude_desktop_config.json:
{
"mcpServers": {
"veritylayer": {
"command": "npx",
"args": ["-y", "@veritylayer/mcp"]
}
}
}Any MCP client that speaks stdio works the same way. Note: listing and calling the tools is free to try — paid tools answer with a transparent payment_required result until an x402-capable client settles the disclosed price.
Tools
Every tool states its price in its own description — the agent always knows the cost before it calls. The authoritative price is the live x402 challenge itself.
| Tool | What it answers | Price (USDC on Base) |
|---|---|---|
| guard_action ⭐ | Should this action proceed? allow / review / block — the pre-commit loop-gate | quick $0.02 (default) · standard $0.08 · pro $0.20 |
| verify_fact | Is this claim true? verdict + confidence + citations + signed receipt | quick $0.02 · grounded $0.25 (default) · pro $0.35 |
| detect_injection | Is this untrusted text a prompt injection? | quick $0.02 (default) · standard $0.06 · pro $0.15 |
| moderate_content | Is this safe to publish? publish / review / block | quick $0.02 (default) · standard $0.06 · pro $0.15 |
| redact_pii | Does this leak personal data or secrets? + redacted copy | quick $0.02 (default) · standard $0.06 · pro $0.15 |
| verify_receipt | Is this signed VerityLayer receipt genuine? | free |
⭐ Start here: wire guard_action into your loop
The single highest-value way to use VerityLayer is a standing pre-commit gate — call guard_action right before any irreversible step (spend, send, publish, delete, share) and only proceed on allow. It's built to run always-on at the $0.02 quick tier.
→ Copy-paste integration recipes (universal wrapper, MCP host prompt, LangGraph pre-tool hook): examples/guard-action-loop.md
The contract every check honors
- Fail-closed — when unsure, it returns the safe/uncertain verdict, never a confident wrong one. Uncertainty is not "allow".
- Calibrated — confidence and risk scores are honest probabilities, not decoration.
- Never invents — cites only real evidence; grounded tiers judge current facts from live web retrieval, never stale memory.
- No rent-seeking — allow/review/block cost the same; there is no incentive to block you into a bigger bill.
- Refusal is a 200 — a confident abstention is a valid, useful answer.
Signed receipts
Every paid verify_fact verdict ships a self-contained Ed25519-signed receipt: portable, stateless proof that VerityLayer issued exactly that verdict for exactly that claim. Anyone can check one — no account, no payment:
- Public key:
GET https://api.veritylayer.dev/.well-known/verity-pubkey.json - Hosted verification (free):
POST https://api.veritylayer.dev/receipt/verifywith the receipt as the body — or just use theverify_receipttool - Live signing self-test (free):
GET https://api.veritylayer.dev/receipt/selftest
This is the difference between "an API said so" and "here is cryptographic proof of what it said" — useful for audit trails, agent-to-agent trust, and disputes.
How payment works
- Your agent calls a tool (e.g.
verify_fact). - This server POSTs to the VerityLayer endpoint. If the call is unpaid, the endpoint answers HTTP 402 with an x402 challenge.
- The server returns that challenge to your agent transparently — price, currency, network, and the raw challenge included.
- An x402-capable client (or proxy) settles the disclosed USDC micro-payment on Base and retries; the verdict comes back, receipt attached.
This server never holds a wallet key and never pays on your behalf. Optionally, every paid tool accepts an affiliate_id (sent as an X-Verity-Ref header) — a pure metadata routing tag, reserved for a future referral program (no split is paid until public terms are published at veritylayer.dev). It never changes price or behavior.
Configuration
All optional — the defaults point at the live services.
| Env var | Default | Purpose |
|---|---|---|
| VERITY_ENGINE_URL | https://api.veritylayer.dev | Fact-verification engine base URL |
| VERITY_SUITE_URL | https://verity-suite.onrender.com | Trust-suite base URL (injection/moderation/PII/guardrail) |
| VERITY_TIMEOUT | 90 | Request timeout, seconds |
| VERITY_PRICE_QUICK | $0.02 | Disclosed price, verify_fact quick tier |
| VERITY_PRICE_GROUNDED | $0.25 | Disclosed price, verify_fact grounded tier |
| VERITY_PRICE_PRO | $0.35 | Disclosed price, verify_fact pro tier |
| VERITY_PRICE_SUITE | $0.02 | Disclosed price, suite quick tier |
| VERITY_PRICE_SUITE_STD | $0.06 | Disclosed price, suite standard tier |
| VERITY_PRICE_SUITE_PRO | $0.15 | Disclosed price, suite pro tier |
| VERITY_PRICE_GUARD_STD | $0.08 | Disclosed price, guardrail standard tier |
| VERITY_PRICE_GUARD_PRO | $0.20 | Disclosed price, guardrail pro tier |
The VERITY_PRICE_* vars only change what the server discloses (e.g. if you point it at your own deployment) — actual pricing is always enforced by the endpoint's x402 challenge.
Also available
A Python implementation of the VerityLayer MCP server is on PyPI as verity-mcp (MCP registry: io.github.meloliva14/verity-mcp). Note: the npm package named verity-mcp is an unrelated third-party project — VerityLayer's npm package is this one, @veritylayer/mcp.
License
MIT © VerityLayer Labs
