Remotely-attestable MCP server that proves its code integrity to clients via RA-TLS and Intel SGX.
https://github.com/co-browser/attestable-mcp-server
Stop wondering if the MCP server handling your sensitive data is actually running the code you think it is. This attestable MCP server uses Intel SGX hardware attestation to provide cryptographic proof that your server is running untampered, verified code.
When you connect to an MCP server, you're trusting it with your data and compute. But how do you actually know it's running the intended code? Traditional approaches rely on DNS, certificates, and hope. That's not enough when you're processing financial data, healthcare records, or proprietary AI models.
This server solves that with remote attestation—your client gets cryptographic proof that the server is running exactly the code built from this GitHub repository, unmodified and running inside a secure Intel SGX enclave.
The magic happens through RA-TLS (Remote Attestation TLS), which embeds SGX attestation quotes directly into TLS certificates. During the handshake, your client receives:
You can independently verify these measurements match the exact same values generated by building and running this code locally—whether on secure hardware or in simulation mode.
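The measurement comparison described above can be written as a policy over fields of the SGX quote carried in the certificate. The Python below is an added example, not code from this repository: it reads the fields at their offsets in the SGX report body, rejects debug-mode enclaves, and pins MRENCLAVE to the value from your own build. It assumes the quote bytes were already extracted from the certificate and their signature chain already verified against Intel's root, and it assumes the first 32 bytes of report_data are the SHA-256 of the certificate's DER public key; function names and the sample quote are constructed for illustration.

```python
import hashlib
import hmac
import struct

HEADER_LEN = 48   # quote header that precedes the report body
BODY_LEN = 384    # sgx_report_body_t
FLAG_DEBUG = 0x2  # SGX_FLAGS_DEBUG bit in attributes.flags

def parse_quote(quote: bytes) -> dict:
    """Extract the policy-relevant fields from a raw SGX quote."""
    if len(quote) < HEADER_LEN + BODY_LEN:
        raise ValueError("quote too short")
    body = quote[HEADER_LEN:HEADER_LEN + BODY_LEN]
    return {
        "debug": bool(struct.unpack_from("<Q", body, 48)[0] & FLAG_DEBUG),
        "mrenclave": body[64:96],
        "mrsigner": body[128:160],
        "isv_svn": struct.unpack_from("<H", body, 258)[0],
        "report_data": body[320:384],
    }

def check_policy(quote, cert_pubkey_der, expected_mrenclave, min_isv_svn=0):
    """Return the list of policy violations; an empty list means accept."""
    q = parse_quote(quote)
    problems = []
    if q["debug"]:
        problems.append("enclave is in debug mode")
    if not hmac.compare_digest(q["mrenclave"], expected_mrenclave):
        problems.append("MRENCLAVE mismatch")
    if q["isv_svn"] < min_isv_svn:
        problems.append("ISV SVN too low")
    # Assumed binding: report_data[0:32] == SHA-256(certificate public key, DER)
    key_hash = hashlib.sha256(cert_pubkey_der).digest()
    if not hmac.compare_digest(q["report_data"][:32], key_hash):
        problems.append("quote not bound to TLS key")
    return problems

def build_sample_quote(mrenclave, pubkey_der, debug=False, isv_svn=1):
    """Constructed quote without a signature section, for this demo only."""
    body = bytearray(BODY_LEN)
    struct.pack_into("<Q", body, 48, FLAG_DEBUG if debug else 0)
    body[64:96] = mrenclave
    struct.pack_into("<H", body, 258, isv_svn)
    body[320:352] = hashlib.sha256(pubkey_der).digest()
    return struct.pack("<H", 3) + bytes(HEADER_LEN - 2) + bytes(body)

if __name__ == "__main__":
    key, built = b"constructed-public-key", bytes(range(32))
    print(check_policy(build_sample_quote(built, key), key, bytes(32)))
```

The key-binding check is what ties the attested enclave to this particular TLS session; without it, a valid quote could be replayed in a certificate whose key the enclave never held.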
Financial Services: Prove your AI risk models are running unmodified code before processing transaction data. Auditors can verify the same measurements independently.
Healthcare Data Processing: Demonstrate HIPAA compliance by showing patient data is processed by verified, untampered code running in a hardware-protected enclave.
Zero-Trust Architectures: Replace "trust but verify" with "verify then trust" by requiring attestation before any sensitive operations.
Compliance Workflows: Meet regulatory requirements that demand proof of code integrity for systems processing sensitive data.
The server runs as a standard MCP server with attestation as an additional verification layer. Your existing MCP clients work unchanged—they just gain the ability to verify code integrity before connecting.
# Standard development setup
docker run -p 8000:8000 --rm gsc-attestable-mcp-server
# Production with SGX hardware attestation
docker run --device=/dev/sgx_provision:/dev/sgx/provision \
    --device=/dev/sgx_enclave:/dev/sgx/enclave \
    -v /var/run/aesmd/aesm.socket:/var/run/aesmd/aesm.socket \
    -p 8000:8000 --rm gsc-attestable-mcp-server
Every build runs on GitHub Actions inside a TEE, producing signed attestations. The Docker images are GitHub-signed, and you can independently reproduce the same attestation measurements by building locally. No black boxes—complete transparency from source to running binary.
This isn't experimental crypto—it's built on Intel SGX, industry-standard X.509 certificates, and TCG DICE specifications. The attestation chain includes Intel's root of trust, making verification straightforward for enterprise security teams.
The server handles both directions: clients can attest the server, and optionally, servers can attest connecting clients for mutual verification.
Perfect for environments where "trust me" isn't good enough, and you need mathematical proof your code is running as intended.