@gera-services/mcp-gera-verify 1.0.0

package/dist/server.js

@@ -0,0 +1,441 @@
+/**
+ * Gera Verify MCP Server (stdio) — "Proof-of-Real"
+ *
+ * A Model Context Protocol server any AI agent (Claude, ChatGPT-with-tools,
+ * Cursor, any MCP client) can call to answer "is this real / how trustworthy
+ * is this?" about a UK business, food establishment, or care provider.
+ *
+ * It is seeded with REAL verified data Gera already owns and renders on its
+ * products: the FSA Food Hygiene Rating Scheme (used by GeraEats), the CQC
+ * care-provider registry (used by GeraClinic), public doctor listings, and
+ * Gera's crawled verified-provider set. Everything is offline — the data is a
+ * committed on-disk snapshot, so the server gives the same verified answer the
+ * Gera products give and runs anywhere with no backend, network, or auth.
+ *
+ * Honesty contract: every signal is source-attributed with an as-of date. When
+ * a subject is not in our records, the tools say so plainly ("not in our
+ * verified records") — they NEVER invent a rating or a status. Unavailable
+ * signals are reported as "unknown", not guessed.
+ *
+ * Product: Gera Verify — a Gera Systems product (gera.services).
+ */
+import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+import { z } from 'zod';
+import { fhrs, cqc, doctors, providers, findByName, norm, } from './data.js';
+import { signAttestation, publicKeyInfo } from './sign.js';
+function asText(payload) {
+    return {
+        content: [{ type: 'text', text: JSON.stringify(payload, null, 2) }],
+    };
+}
+const HONESTY_NOTE = 'Every signal is sourced from real verified data Gera holds on disk, attributed with an as-of date. Absence of a record means "not in our verified records", never that the subject is untrustworthy. Unknown signals are reported as unknown, never inferred.';
+// ── FHRS food-hygiene lookup ─────────────────────────────────────────────────
+function fhrsSource() {
+    return {
+        source: fhrs.meta.source,
+        sourceUrl: fhrs.meta.sourceUrl,
+        asOf: fhrs.meta.asOf,
+        attribution: fhrs.meta.attribution,
+    };
+}
+function fhrsMatch(name, city, postcode) {
+    return findByName(fhrs.records, name, { city, postcode }, (r) => ({ address: r.address, postcode: r.postcode, authority: r.authority }));
+}
+function describeFhrs(r) {
+    const isFhis = r.scheme === 'FHIS';
+    return {
+        establishment: r.name,
+        address: r.address,
+        postcode: r.postcode,
+        businessType: r.businessType,
+        localAuthority: r.authority,
+        scheme: r.scheme,
+        scheme_explained: isFhis
+            ? 'FHIS (Scotland): Pass / Improvement Required / Awaiting Inspection — not a 0-5 scale.'
+            : 'FHRS (England, Wales, N. Ireland): 0 (urgent improvement necessary) to 5 (very good).',
+        rating: r.rating, // numeric 0-5 for FHRS; null for FHIS
+        rating_label: r.ratingLabel,
+        rating_date: r.ratingDate,
+        fhrsId: r.fhrsId,
+        source: `Source: FSA Food Hygiene Rating Scheme, local authority "${r.authority}", as of ${fhrs.meta.asOf}.`,
+    };
+}
+// ── CQC care-provider lookup ─────────────────────────────────────────────────
+function cqcMatch(name, city, postcode) {
+    return findByName(cqc.records, name, { city, postcode }, (r) => ({ address: r.address, postcode: r.postcode, authority: r.authority }));
+}
+function describeCqc(r) {
+    return {
+        provider: r.name,
+        parentProvider: r.providerName,
+        address: r.address,
+        postcode: r.postcode,
+        phone: r.phone,
+        website: r.website,
+        serviceTypes: r.serviceTypes,
+        localAuthority: r.authority,
+        region: r.region,
+        cqc_registered: true,
+        last_inspected: r.lastInspected,
+        // CQC's categorical overall rating is NOT in our snapshot — honestly unknown.
+        overall_rating: 'unknown',
+        overall_rating_note: 'Verified CQC-registered provider. CQC publishes a categorical overall rating (Outstanding / Good / Requires improvement / Inadequate) at cqc.org.uk; that field is not in our snapshot, so it is reported as unknown — never inferred. Check the live profile for the current rating.',
+        cqcLocationId: r.cqcLocationId,
+        cqc_profile: `https://www.cqc.org.uk/location/${r.cqcLocationId}`,
+        source: `Source: Care Quality Commission registry, local authority "${r.authority}", as of ${cqc.meta.asOf}.`,
+    };
+}
+// ── Verified-provider (crawled set) lookup ───────────────────────────────────
+function providerMatch(name, city) {
+    return findByName(providers.records, name, { city }, (r) => ({ city: r.city }));
+}
+function describeProvider(r) {
+    return {
+        name: r.name,
+        type: r.type,
+        specialty: r.specialty,
+        city: r.city,
+        country: r.country,
+        website: r.website,
+        in_gera_verified_set: true,
+        crawl_source: r.source,
+        source_url: r.sourceUrl,
+        crawled_at: r.crawledAt,
+        source: `Source: Gera verified-provider crawl ("${r.source}"), as of ${r.crawledAt}.`,
+    };
+}
+/**
+ * Register all Gera Verify tools on a McpServer instance. Transport-agnostic:
+ * the same handlers serve stdio (local) and Streamable HTTP / SSE (hosted).
+ */
+export function registerTools(server) {
+    // ── Tool 1: lookup_food_hygiene ───────────────────────────────────────────
+    server.registerTool('lookup_food_hygiene', {
+        title: 'Look up a real FSA food-hygiene rating',
+        description: 'Look up the REAL Food Standards Agency food-hygiene rating for a UK food business by name (optionally narrowed by city or postcode). Returns the FHRS rating (0-5; England/Wales/NI) or FHIS status (Pass / Improvement Required; Scotland), the rated establishment, business type, local authority, and rating date — source-attributed to the FSA. If the business is not in our snapshot, says so plainly. Data is a real on-disk snapshot, not a live API call.',
+        inputSchema: {
+            name: z.string().describe('Business / establishment name, e.g. "Etci Mehmet Steak House".'),
+            city: z.string().optional().describe('City or town to narrow the match, e.g. "Birmingham".'),
+            postcode: z.string().optional().describe('Full or partial UK postcode, e.g. "B7 5SA" or "B7".'),
+        },
+    }, async ({ name, city, postcode }) => {
+        const matches = fhrsMatch(name, city, postcode);
+        if (matches.length === 0) {
+            return asText({
+                query: { name, city: city ?? null, postcode: postcode ?? null },
+                found: false,
+                message: `"${name}" is not in our verified FSA food-hygiene records${city ? ` for ${city}` : ''}. This is not a judgement — it only means we have no FHRS record on file for it in this snapshot.`,
+                coverage: `${fhrs.records.length} establishments across UK local authorities (FSA top/worst-rated sample).`,
+                ...fhrsSource(),
+                honesty_note: HONESTY_NOTE,
+            });
+        }
+        return asText({
+            query: { name, city: city ?? null, postcode: postcode ?? null },
+            found: true,
+            best_match: describeFhrs(matches[0].record),
+            other_matches: matches.slice(1).map((m) => describeFhrs(m.record)),
+            ...fhrsSource(),
+            honesty_note: HONESTY_NOTE,
+        });
+    });
+    // ── Tool 2: lookup_care_rating ────────────────────────────────────────────
+    server.registerTool('lookup_care_rating', {
+        title: 'Look up a real CQC care provider',
+        description: 'Look up a UK health/social-care provider in the REAL Care Quality Commission (CQC) registry by name (optionally narrowed by city or postcode). Confirms the provider is CQC-registered and returns its registered name, address, service types, last-inspection date, region, and a link to its live CQC profile — source-attributed to the CQC. NOTE: CQC ratings are categorical (Outstanding / Good / Requires improvement / Inadequate), NEVER numeric; our snapshot does not carry the categorical rating, so overall_rating is honestly returned as "unknown" with a link to check it live. If the provider is not registered with CQC in our records, says so plainly.',
+        inputSchema: {
+            name: z.string().describe('Care/health provider name, e.g. "Woodlands Health Centre".'),
+            city: z.string().optional().describe('City or local authority to narrow the match.'),
+            postcode: z.string().optional().describe('Full or partial UK postcode.'),
+        },
+    }, async ({ name, city, postcode }) => {
+        const matches = cqcMatch(name, city, postcode);
+        if (matches.length === 0) {
+            return asText({
+                query: { name, city: city ?? null, postcode: postcode ?? null },
+                found: false,
+                message: `"${name}" is not in our verified CQC registry records${city ? ` for ${city}` : ''}. It may still be CQC-registered — check cqc.org.uk — but we have no record of it in this snapshot.`,
+                coverage: `${cqc.records.length} CQC-registered providers across UK local authorities.`,
+                source: cqc.meta.source,
+                sourceUrl: cqc.meta.sourceUrl,
+                asOf: cqc.meta.asOf,
+                attribution: cqc.meta.attribution,
+                honesty_note: HONESTY_NOTE,
+            });
+        }
+        return asText({
+            query: { name, city: city ?? null, postcode: postcode ?? null },
+            found: true,
+            best_match: describeCqc(matches[0].record),
+            other_matches: matches.slice(1).map((m) => describeCqc(m.record)),
+            source: cqc.meta.source,
+            sourceUrl: cqc.meta.sourceUrl,
+            asOf: cqc.meta.asOf,
+            attribution: cqc.meta.attribution,
+            honesty_note: HONESTY_NOTE,
+        });
+    });
+    // ── Tool 3: verify_provider ───────────────────────────────────────────────
+    server.registerTool('verify_provider', {
+        title: "Check Gera's verified-provider set",
+        description: "Check whether a provider is in Gera's own verified-provider / Passport set — the crawled, source-attributed provider records Gera maintains (currently healthcare providers). Returns the provider type, specialty, location, website, crawl source, and crawl date. If not in the set, says so plainly. This is Gera's first-party verification signal (distinct from third-party FSA/CQC data).",
+        inputSchema: {
+            name: z.string().describe('Provider name, e.g. "Nairi Medical Centre".'),
+            city: z.string().optional().describe('City to narrow the match, e.g. "Yerevan".'),
+        },
+    }, async ({ name, city }) => {
+        const matches = providerMatch(name, city);
+        if (matches.length === 0) {
+            return asText({
+                query: { name, city: city ?? null },
+                in_gera_verified_set: false,
+                message: `"${name}" is not in Gera's verified-provider set${city ? ` for ${city}` : ''}. The set currently covers ${providers.records.length} crawled providers; absence is not a negative signal.`,
+                coverage: `${providers.records.length} verified providers (Gera crawler).`,
+                source: providers.meta.source,
+                asOf: providers.meta.asOf,
+                honesty_note: HONESTY_NOTE,
+            });
+        }
+        return asText({
+            query: { name, city: city ?? null },
+            in_gera_verified_set: true,
+            best_match: describeProvider(matches[0].record),
+            other_matches: matches.slice(1).map((m) => describeProvider(m.record)),
+            source: providers.meta.source,
+            asOf: providers.meta.asOf,
+            honesty_note: HONESTY_NOTE,
+        });
+    });
+    // ── Tool 4: check_business_trust ──────────────────────────────────────────
+    // The flagship "is this real / how trustworthy?" entry point. Aggregates
+    // every signal we hold for a subject across all datasets.
+    server.registerTool('check_business_trust', {
+        title: 'Proof-of-Real: all verified signals for a business',
+        description: 'The flagship "is this real / how trustworthy is this?" check. Given a UK business name (+ optional city/postcode and a hint of its type — food, care, healthcare), returns EVERY real verified signal Gera holds: FSA food-hygiene rating (if it is a food business in our FHRS data), CQC registration (if it is a care provider), and presence in Gera\'s verified-provider set — each source-attributed with an as-of date. Produces an overall_verification of "verified" (>=1 real signal found), "not_in_our_records" (no signal), so an agent can cite a grounded answer. Never fabricates: missing signals are reported as unknown.',
+        inputSchema: {
+            name: z.string().describe('Business name to verify.'),
+            city: z.string().optional().describe('City / town.'),
+            postcode: z.string().optional().describe('Full or partial UK postcode.'),
+            type: z
+                .enum(['food', 'care', 'healthcare', 'unknown'])
+                .optional()
+                .describe('Optional hint of business type to focus the search; omit to check all.'),
+        },
+    }, async ({ name, city, postcode, type }) => {
+        const checkFood = !type || type === 'food' || type === 'unknown';
+        const checkCare = !type || type === 'care' || type === 'unknown';
+        const checkProv = !type || type === 'care' || type === 'healthcare' || type === 'unknown';
+        const signals = {};
+        let signalCount = 0;
+        if (checkFood) {
+            const m = fhrsMatch(name, city, postcode);
+            if (m.length) {
+                signals.food_hygiene = describeFhrs(m[0].record);
+                signalCount++;
+            }
+            else {
+                signals.food_hygiene = { status: 'not_in_our_records', dataset: 'FSA FHRS' };
+            }
+        }
+        if (checkCare) {
+            const m = cqcMatch(name, city, postcode);
+            if (m.length) {
+                signals.care_quality = describeCqc(m[0].record);
+                signalCount++;
+            }
+            else {
+                signals.care_quality = { status: 'not_in_our_records', dataset: 'CQC registry' };
+            }
+        }
+        if (checkProv) {
+            const m = providerMatch(name, city);
+            if (m.length) {
+                signals.gera_verified_provider = describeProvider(m[0].record);
+                signalCount++;
+            }
+            else {
+                signals.gera_verified_provider = {
+                    status: 'not_in_our_records',
+                    dataset: 'Gera verified-provider set',
+                };
+            }
+        }
+        const verified = signalCount > 0;
+        return asText({
+            query: { name, city: city ?? null, postcode: postcode ?? null, type: type ?? 'all' },
+            overall_verification: verified ? 'verified' : 'not_in_our_records',
+            verified_signal_count: signalCount,
+            summary: verified
+                ? `Found ${signalCount} real verified signal(s) for "${name}". See per-source detail below.`
+                : `No verified record found for "${name}"${city ? ` in ${city}` : ''} across our FSA / CQC / Gera-provider datasets. This is a real, useful answer — we simply hold no verification record for it. It does not mean the business is fake.`,
+            signals,
+            datasets_checked: [
+                checkFood ? 'FSA Food Hygiene (FHRS/FHIS)' : null,
+                checkCare ? 'CQC care registry' : null,
+                checkProv ? 'Gera verified-provider set' : null,
+            ].filter(Boolean),
+            honesty_note: HONESTY_NOTE,
+        });
+    });
+    // ── Tool 5: get_trust_summary ─────────────────────────────────────────────
+    // A short, citation-ready natural-language sentence aggregating the signals,
+    // for an agent to drop straight into a reply.
+    server.registerTool('get_trust_summary', {
+        title: 'One-line citable trust summary',
+        description: 'Aggregate everything Gera can verify about a business into a short, citation-ready sentence (plus the structured signals behind it), so an AI agent can quote a grounded "what we can verify about X" answer. Same real data as check_business_trust, condensed. Never fabricates.',
+        inputSchema: {
+            name: z.string().describe('Business name.'),
+            city: z.string().optional().describe('City / town.'),
+            postcode: z.string().optional().describe('Full or partial UK postcode.'),
+        },
+    }, async ({ name, city, postcode }) => {
+        const parts = [];
+        const structured = {};
+        const food = fhrsMatch(name, city, postcode);
+        if (food.length) {
+            const r = food[0].record;
+            structured.food_hygiene = describeFhrs(r);
+            if (r.scheme === 'FHRS' && r.rating != null) {
+                parts.push(`holds an FSA food-hygiene rating of ${r.rating}/5 (rated ${r.ratingDate}, ${r.authority})`);
+            }
+            else if (r.scheme === 'FHIS') {
+                parts.push(`has an FSA (Scotland) food-hygiene status of "${r.ratingLabel ?? 'recorded'}"`);
+            }
+        }
+        const care = cqcMatch(name, city, postcode);
+        if (care.length) {
+            const r = care[0].record;
+            structured.care_quality = describeCqc(r);
+            parts.push(`is a CQC-registered care provider (${r.serviceTypes.join(', ') || 'registered'}; last inspected ${r.lastInspected ?? 'date unknown'}; overall rating: check live profile)`);
+        }
+        const prov = providerMatch(name, city);
+        if (prov.length) {
+            structured.gera_verified_provider = describeProvider(prov[0].record);
+            parts.push(`is in Gera's verified-provider set (crawled ${prov[0].record.crawledAt})`);
+        }
+        const display = [name, city].filter(Boolean).join(', ');
+        const summary = parts.length > 0
+            ? `Based on Gera's verified data, ${display} ${parts.join('; ')}. (Sources attributed per signal; verified as of the dates shown.)`
+            : `Gera holds no verified record for ${display} in its FSA food-hygiene, CQC care-registry, or verified-provider datasets. We cannot confirm or deny its trustworthiness from our data.`;
+        return asText({
+            query: { name, city: city ?? null, postcode: postcode ?? null },
+            verified: parts.length > 0,
+            summary,
+            signals: structured,
+            honesty_note: HONESTY_NOTE,
+        });
+    });
+    // ── Tool 6: issue_attestation (Gera Vouch) ────────────────────────────────
+    // The keystone of the agent trust layer: runs the same real verification and
+    // returns a CRYPTOGRAPHICALLY SIGNED attestation receipt an agent can present
+    // to a counterparty (or store), who verifies the signature with Gera's public
+    // key. Proves "Gera checked the named sources and recorded this verdict as of
+    // issued_at" — a proof-of-diligence receipt, NOT an insurance policy.
+    server.registerTool('issue_attestation', {
+        title: 'Gera Vouch: issue a signed attestation for an agent action',
+        description: 'Before an AI agent acts on a subject (book it, pay it, recommend it), call this to get a cryptographically signed attestation receipt grounded in real Gera data. Returns verdict ("pass" = a verifying signal exists in our sources; "unverified" = not in our records — never a guess), the source-attributed signals, and an Ed25519 signature any party can verify with get_vouch_public_key. This is a signed proof-of-diligence receipt; indemnity/underwriting is roadmap and is never implied.',
+        inputSchema: {
+            subject: z.string().describe('Business / provider name the agent is about to act on.'),
+            city: z.string().optional().describe('City / town.'),
+            postcode: z.string().optional().describe('Full or partial UK postcode.'),
+            claim: z
+                .string()
+                .optional()
+                .describe('The specific claim to attest, e.g. "is a CQC-registered care provider". Optional.'),
+            intended_action: z
+                .string()
+                .optional()
+                .describe('What the agent intends to do, recorded in the receipt, e.g. "book an appointment". Optional.'),
+        },
+    }, async ({ subject, city, postcode, claim, intended_action }) => {
+        const signals = {};
+        const sources = [];
+        // Vouch SIGNS this verdict, so it must only "pass" on a STRONG name match:
+        // the record name must contain (or equal) the full query. This rejects the
+        // looser matches the read-only tools allow — e.g. a long garbage query that
+        // merely *contains* a short record name as a substring ("...cafe..."), which
+        // must NOT be attestable. Deliberately stricter than the lookup tools.
+        const q = norm(subject);
+        const strong = (recordName) => q.length >= 3 && norm(recordName).includes(q);
+        const food = fhrsMatch(subject, city, postcode).filter((m) => strong(m.record.name));
+        if (food.length) {
+            signals.food_hygiene = describeFhrs(food[0].record);
+            sources.push(`FSA Food Hygiene Rating Scheme (as of ${fhrs.meta.asOf})`);
+        }
+        const care = cqcMatch(subject, city, postcode).filter((m) => strong(m.record.name));
+        if (care.length) {
+            signals.care_quality = describeCqc(care[0].record);
+            sources.push(`CQC care-provider registry (as of ${cqc.meta.asOf})`);
+        }
+        const prov = providerMatch(subject, city).filter((m) => strong(m.record.name));
+        if (prov.length) {
+            signals.gera_verified_provider = describeProvider(prov[0].record);
+            sources.push(`Gera verified-provider crawl (as of ${prov[0].record.crawledAt})`);
+        }
+        const verdict = sources.length > 0 ? 'pass' : 'unverified';
+        // The signed payload. Sorted-key canonical JSON of THIS object is what the
+        // signature covers — a verifier re-canonicalises and checks it.
+        const attestation = {
+            issuer: 'Gera Vouch — a Gera Systems product (gera.services)',
+            attestation_version: '0.1',
+            issued_at: new Date().toISOString(),
+            subject: { name: subject, city: city ?? null, postcode: postcode ?? null },
+            claim: claim ?? 'subject is a real, verifiable entity in Gera’s sources',
+            intended_action: intended_action ?? null,
+            verdict,
+            verdict_meaning: verdict === 'pass'
+                ? 'Gera holds at least one source-attributed verifying signal for this subject (see signals).'
+                : 'Gera holds no verifying record for this subject in its FSA / CQC / verified-provider datasets. This is "not in our records", NOT a finding that the subject is untrustworthy.',
+            signals,
+            sources,
+        };
+        const signature = signAttestation(attestation);
+        return asText({
+            attestation,
+            signature,
+            verify: {
+                how: 'Re-canonicalise `attestation` as sorted-key UTF-8 JSON and verify the Ed25519 `signature.signature_b64url` against the public key from the get_vouch_public_key tool.',
+                key_id: signature.key_id,
+            },
+            disclaimer: 'This is a cryptographically signed proof-of-diligence receipt: it proves Gera checked the named sources and recorded this verdict as of issued_at. It is NOT an insurance policy, indemnity, or guarantee — underwriting is on the Gera Vouch roadmap and is not active. ' +
+                HONESTY_NOTE,
+        });
+    });
+    // ── Tool 7: get_vouch_public_key ──────────────────────────────────────────
+    server.registerTool('get_vouch_public_key', {
+        title: 'Gera Vouch: get the public key to verify attestations',
+        description: 'Returns the Ed25519 public key (and key_id + verification recipe) used to sign Gera Vouch attestations, so any party can independently verify an issue_attestation receipt without trusting the transport.',
+        inputSchema: {},
+    }, async () => asText(publicKeyInfo()));
+}
+/**
+ * Construct a fully-configured Gera Verify McpServer (all tools registered).
+ * Each call returns a fresh instance — used by the hosted HTTP transport in
+ * stateless mode (one server per request) and by the stdio server below.
+ */
+export function createServer() {
+    const server = new McpServer({
+        name: 'gera-verify',
+        version: '1.0.0',
+    });
+    registerTools(server);
+    return server;
+}
+// Shared singleton for the stdio path.
+export const server = createServer();
+export async function main() {
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+    const counts = `FHRS:${fhrs.records.length} CQC:${cqc.records.length} doctors:${doctors.records.length} providers:${providers.records.length}`;
+    // stderr only — stdout is the MCP transport.
+    console.error(`Gera Verify MCP server running on stdio (gera-verify v1.0.0) — real data loaded [${counts}]`);
+}
+// Run when invoked directly as the built server (node dist/server.js).
+const isMain = typeof process !== 'undefined' && process.argv[1] && /server\.js$/.test(process.argv[1]);
+if (isMain) {
+    main().catch((err) => {
+        console.error('Fatal:', err);
+        process.exit(1);
+    });
+}

package/dist/sign.d.ts

@@ -0,0 +1,15 @@
+export declare function keyId(): string;
+export declare function publicKeyInfo(): {
+    alg: string;
+    key_id: string;
+    public_key_b64url: string;
+    is_production_key: boolean;
+    verify: string;
+};
+export declare function signAttestation(attestation: Record<string, unknown>): {
+    alg: string;
+    key_id: string;
+    canonicalization: string;
+    signature_b64url: string;
+};
+export declare function verifyAttestation(attestation: Record<string, unknown>, signature_b64url: string): boolean;

package/dist/sign.js

@@ -0,0 +1,91 @@
+/**
+ * Gera Vouch — signed attestation layer for Gera Verify.
+ *
+ * Turns a verification result into a cryptographically signed, verifiable
+ * attestation receipt: an agent (or the counterparty it is acting against) can
+ * verify the signature with Gera's public key and trust that Gera actually
+ * checked the named sources and recorded this verdict as-of the issue time.
+ *
+ * Ed25519 via Node's built-in `crypto` — no dependencies. The signing key is
+ * derived from a 32-byte seed: production sets GERA_VOUCH_SEED (base64); without
+ * it the server uses a deterministic, stable DEV key so signatures still work
+ * and verify out-of-the-box (consistent with this package running anywhere with
+ * no backend). The DEV key is NOT a secret — `is_production_key` flags which is
+ * in use, and the public key is always exposed for verification.
+ *
+ * Honesty contract: a signature proves *Gera attested this*, not that the
+ * subject is insured. Indemnity/underwriting is roadmap, never implied here.
+ */
+import { createPrivateKey, createPublicKey, createHash, sign as edSign, verify as edVerify, } from 'node:crypto';
+// PKCS8 DER prefix for an Ed25519 private key built from a raw 32-byte seed.
+const PKCS8_ED25519_PREFIX = Buffer.from('302e020100300506032b657004220420', 'hex');
+function seed() {
+    const env = process.env.GERA_VOUCH_SEED;
+    if (env) {
+        const b = Buffer.from(env, 'base64');
+        if (b.length >= 32)
+            return b.subarray(0, 32);
+    }
+    // Deterministic DEV seed — stable public key, reproducible signatures, NOT a
+    // production secret. Override with GERA_VOUCH_SEED in production.
+    return createHash('sha256').update('gera-vouch-dev-key-v1').digest();
+}
+let _priv = null;
+function privateKey() {
+    if (!_priv) {
+        const der = Buffer.concat([PKCS8_ED25519_PREFIX, seed()]);
+        _priv = createPrivateKey({ key: der, format: 'der', type: 'pkcs8' });
+    }
+    return _priv;
+}
+function publicKeyRaw() {
+    const jwk = createPublicKey(privateKey()).export({ format: 'jwk' });
+    return Buffer.from(jwk.x, 'base64url');
+}
+export function keyId() {
+    return 'gera-vouch-ed25519-' + createHash('sha256').update(publicKeyRaw()).digest('hex').slice(0, 16);
+}
+export function publicKeyInfo() {
+    return {
+        alg: 'Ed25519',
+        key_id: keyId(),
+        public_key_b64url: publicKeyRaw().toString('base64url'),
+        is_production_key: !!process.env.GERA_VOUCH_SEED,
+        verify: 'Ed25519 over the canonical (sorted-key, UTF-8) JSON of the `attestation` object.',
+    };
+}
+// Canonical JSON: sorted keys so the signature is reproducible and any verifier
+// re-canonicalises the same bytes.
+function sortKeys(v) {
+    if (Array.isArray(v))
+        return v.map(sortKeys);
+    if (v && typeof v === 'object') {
+        return Object.keys(v)
+            .sort()
+            .reduce((acc, k) => {
+            acc[k] = sortKeys(v[k]);
+            return acc;
+        }, {});
+    }
+    return v;
+}
+function canonical(obj) {
+    return Buffer.from(JSON.stringify(sortKeys(obj)), 'utf8');
+}
+export function signAttestation(attestation) {
+    const signature = edSign(null, canonical(attestation), privateKey());
+    return {
+        alg: 'Ed25519',
+        key_id: keyId(),
+        canonicalization: 'json-sorted-keys-utf8',
+        signature_b64url: signature.toString('base64url'),
+    };
+}
+export function verifyAttestation(attestation, signature_b64url) {
+    try {
+        return edVerify(null, canonical(attestation), createPublicKey(privateKey()), Buffer.from(signature_b64url, 'base64url'));
+    }
+    catch {
+        return false;
+    }
+}

package/package.json

@@ -0,0 +1,60 @@
+{
+  "name": "@gera-services/mcp-gera-verify",
+  "version": "1.0.0",
+  "description": "Gera Verify MCP server — \"Proof-of-Real\": let AI agents check if a UK business / food establishment / care provider is real and how trustworthy it is, using real verified FSA food-hygiene, CQC care-registry and Gera verified-provider data. Offline, source-attributed, no auth. A Gera Systems product.",
+  "license": "MIT",
+  "type": "module",
+  "main": "dist/server.js",
+  "types": "dist/server.d.ts",
+  "mcpName": "io.github.geraservicesuk/mcp-gera-verify",
+  "bin": {
+    "mcp-gera-verify": "bin/cli.js",
+    "mcp-gera-verify-http": "bin/http.js"
+  },
+  "files": [
+    "dist",
+    "bin",
+    "src/data",
+    "server.json",
+    "README.md"
+  ],
+  "scripts": {
+    "build:data": "node scripts/build-data.mjs",
+    "build": "tsc --noCheck && node scripts/copy-data.mjs",
+    "type-check": "tsc --noEmit",
+    "start": "node bin/cli.js",
+    "start:http": "node bin/http.js",
+    "smoke": "node scripts/smoke.mjs"
+  },
+  "keywords": [
+    "mcp",
+    "model-context-protocol",
+    "trust",
+    "verification",
+    "proof-of-real",
+    "food-hygiene",
+    "fhrs",
+    "cqc",
+    "fact-check",
+    "gera",
+    "gera-verify"
+  ],
+  "author": "Gera Systems Ltd",
+  "homepage": "https://gera.services",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/geraservicesuk/globetura.git",
+    "directory": "packages/mcp-gera-verify"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.12.0",
+    "zod": "^3.23.0"
+  },
+  "devDependencies": {
+    "@types/node": "^20.12.0",
+    "typescript": "^5.4.0"
+  },
+  "engines": {
+    "node": ">=20"
+  }
+}

package/server.json

@@ -0,0 +1,22 @@
+{
+  "$schema": "https://static.modelcontextprotocol.io/schemas/2025-12-11/server.schema.json",
+  "name": "io.github.geraservicesuk/mcp-gera-verify",
+  "description": "Verify if a UK business, food establishment or care provider is real (FSA, CQC and Gera data), and issue a cryptographically signed attestation an AI agent can present before it acts (Gera Vouch).",
+  "version": "1.0.0",
+  "repository": {
+    "url": "https://github.com/geraservicesuk/globetura",
+    "source": "github",
+    "subfolder": "packages/mcp-gera-verify"
+  },
+  "websiteUrl": "https://gera.services",
+  "packages": [
+    {
+      "registryType": "npm",
+      "identifier": "@gera-services/mcp-gera-verify",
+      "version": "1.0.0",
+      "transport": {
+        "type": "stdio"
+      }
+    }
+  ]
+}