Receipt-signing middleware for MCP server frameworks

## Problem

MCP server implementations (Express, Hono, Cloudflare Workers) need a simple way to add receipt signing without adopting the full protect-mcp gateway. Developers want `app.use(receiptMiddleware())` — not a separate proxy process.

## Proposal

A lightweight middleware that plugs into existing MCP server frameworks:

```javascript
import { receiptMiddleware } from 'protect-mcp/middleware';

// Express
app.use('/mcp', receiptMiddleware({
  keyPath: './keys/gateway.json',
  policy: './protect-mcp.json'
}));

// Hono
app.use('/mcp/*', receiptMiddleware({ ... }));
```

### What the middleware does

1. Intercepts `tools/call` requests
2. Evaluates against policy (JSON, Cedar, or external PDP)
3. Signs the decision as an Ed25519 receipt
4. Attaches the receipt to the response headers
5. Logs to `.protect-mcp-receipts.jsonl`

### What it doesn't do

- No process wrapping — runs in-process
- No stdio proxying — HTTP only
- No approval gates — those require the full gateway

## Verification

```bash
npx @veritasacta/verify .protect-mcp-receipts.jsonl
```

## Related

- [IETF draft-farley-acta-signed-receipts-01](https://datatracker.ietf.org/doc/draft-farley-acta-signed-receipts/)
- [Google ADK RFC #5164](https://github.com/google/adk-python/issues/5164) — same pattern for Python


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Receipt-signing middleware for MCP server frameworks #4

Problem

Proposal

What the middleware does

What it doesn't do

Verification

Related

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Receipt-signing middleware for MCP server frameworks #4

Description

Problem

Proposal

What the middleware does

What it doesn't do

Verification

Related

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions