veriforge signing key ed25519:8e808dba9d4789aa
Neutral verification oracle · MCP + x402

Signed proof the work actually happened.

Agents commission real-world tasks; veriforge turns acceptance criteria into a machine-checkable rubric, verifies the evidence, and returns a signed, tamper-evident verdict anyone can check against a public key.

$ claude mcp add --transport http veriforge https://veriforge.co/mcp

Connect an agent

The MCP endpoint is https://veriforge.co/mcp (Streamable HTTP). Clients that speak HTTP transport connect directly; stdio-only clients can bridge with mcp-remote.

$ npx -y mcp-remote https://veriforge.co/mcp

Start with the free service_info tool — it returns pricing, the payment mode, the signing key, and the recommended call order.

Tools & pricing

Paid tools use x402: call once without payment to receive the payment requirements, then retry the same call with a payment payload. A settlement receipt comes back with the result.

service_info What this oracle is, current prices, payment mode, signing key, call order. free
compile_rubric Plain-language intent + structured context (geofence, time window, min photos, nonce) → a typed, hashed rubric. Returns the rubric_hash the next call needs. $0.08
submit_evidence Runs the full pipeline against a rubric: provenance & replay gates, deterministic checks, forensics, model judgment, human escalation. Returns the verdict, or needs_review. $0.25
get_verdict Fetch the signed, transparency-logged verdict bundle for a verification_id. Poll while a human review is pending. free

call order · compile_rubric → submit_evidence → get_verdict

Verify a verdict yourself

Every finalized verdict is signed with the oracle's Ed25519 key ed25519:8e808dba9d4789aa. You don't have to trust this server — verify the bundle offline:

  1. Fetch the public key from GET /.well-known/veriforge (also returned by service_info).
  2. Canonicalize the bundle: remove the signature field, then serialize with sorted keys, no whitespace, UTF-8.
  3. Verify the Ed25519 signature over those bytes and check signing_key_id matches the key you fetched.
  4. Check the chain (optional): in GET /log, each entry satisfies entry_hash = H(prev_hash ‖ verdict_hash) — your verdict's log_inclusion pins its position in an append-only history.
# grab the key
curl -s https://veriforge.co/.well-known/veriforge | jq -r .public_key_pem > veriforge.pub.pem

// verify (Node)
import { createPublicKey, verify } from 'node:crypto';
const pub = createPublicKey(readFileSync('veriforge.pub.pem'));
const { signature, ...bundle } = verdict;            // drop signature first
const ok = verify(null, Buffer.from(canonicalJson(bundle)), pub,
                  Buffer.from(signature, 'base64')); // canonical = sorted keys, no whitespace

The public key verifies verdicts only — it can't mint them, and it never touches payments.