🛡️ MCP Server Attestation
Prevent MCP server spoofing and man-in-the-middle attacks with Ed25519 cryptographic attestation.

MCP Attestations — Cryptographic verification of Model Context Protocol servers
What is MCP Attestation?
MCP Server Attestation is AIM's core security mechanism that ensures only verified, authentic MCP servers can connect to your AI agents. Without attestation, any malicious server can claim to be a legitimate MCP server and intercept or manipulate agent communications.
The Problem: Without Attestation
- ❌ Attacker creates fake "github-mcp" server
- ❌ Agent connects thinking it's legitimate
- ❌ Attacker steals GitHub credentials
- ❌ Attacker injects malicious responses
- ❌ No way to verify server authenticity
- ❌ Zero audit trail of what happened
The Solution: With AIM Attestation
- ✅ MCP server cryptographically verified with Ed25519
- ✅ Only the authentic server holds the matching private key
- ✅ Signature proves server identity
- ✅ Tampering detected automatically
- ✅ Complete audit trail of all attestations
- ✅ Real-time monitoring of server behavior
Security Properties
Identity Proof
Only the entity with the private key can create valid signatures
Non-Repudiation
Signatures cannot be forged or denied
Integrity
Any tampering with signed data is detected
Authenticity
Signature proves the message came from the claimed sender
✅ Attestation Checklist
- All MCP servers registered in AIM
- Public keys retrieved from .well-known/mcp/capabilities
- Attestation records created (automatic or manual)
- Attestation status shows "verified" in dashboard
- Expiration dates monitored (90-day renewal cycle)
- Alerts configured for attestation failures
- Audit trail reviewed monthly
- Decommissioned servers' attestations revoked
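The checks described above (registered key, Ed25519 signature, revocation, 90-day expiry) can be sketched as follows. This is an added example, not AIM's own code: the `Attestation` layout, the payload format, the `Sign`/`Verify`/`demoKey` helpers and the in-memory registry are assumptions, and the keys are constructed from fixed seeds.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
	"time"
)

// Attestation is a hypothetical record layout; the page does not show AIM's schema.
type Attestation struct {
	Server    string
	IssuedAt  time.Time
	Revoked   bool // registry-side state, not covered by the signature
	Signature []byte
}

// payload binds the signature to the server name and the issue time.
func payload(server string, issued time.Time) []byte {
	return []byte(fmt.Sprintf("mcp-attestation|%q|%d", server, issued.Unix()))
}

func Sign(priv ed25519.PrivateKey, server string, issued time.Time) Attestation {
	return Attestation{Server: server, IssuedAt: issued, Signature: ed25519.Sign(priv, payload(server, issued))}
}

// Verify checks a record against the public key registered for that server name.
func Verify(registry map[string]ed25519.PublicKey, a Attestation, now time.Time) error {
	pub, ok := registry[a.Server]
	switch {
	case !ok:
		return fmt.Errorf("server %q is not registered", a.Server)
	case !ed25519.Verify(pub, payload(a.Server, a.IssuedAt), a.Signature):
		return fmt.Errorf("signature does not match the registered key")
	case a.Revoked:
		return fmt.Errorf("attestation revoked")
	case now.Before(a.IssuedAt) || now.After(a.IssuedAt.AddDate(0, 0, 90)): // 90-day cycle
		return fmt.Errorf("outside the 90-day validity window")
	}
	return nil
}

// demoKey derives a constructed key from a fixed seed so the output is repeatable.
func demoKey(n int) ed25519.PrivateKey { return ed25519.NewKeyFromSeed([]byte(fmt.Sprintf("%032d", n))) }

func main() {
	reg := map[string]ed25519.PublicKey{"github-mcp": demoKey(1).Public().(ed25519.PublicKey)}
	t0 := time.Date(2025, 1, 1, 0, 0, 0, 0, time.UTC)
	fmt.Println("genuine:", Verify(reg, Sign(demoKey(1), "github-mcp", t0), t0.AddDate(0, 0, 30)))
	fmt.Println("spoofed:", Verify(reg, Sign(demoKey(2), "github-mcp", t0), t0.AddDate(0, 0, 30)))
}
```

A server that claims the name "github-mcp" but signs with a different key is rejected because the verifier trusts only the key already registered for that name, never a key supplied alongside the attestation.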