I built a proxy that sits between the agent and any MCP server. Every tool call gets a hash-chained receipt. If anyone modifies the record, the chain breaks.
What it actually does:
Hash-chained receipt for every tool call (SHA-256, append-only)
Blocks identical retries when a call already failed (saves tokens)
Tags each call as mutating or readonly
Tracks who's controlling the session
One command to wrap any server: npx @sovereign-labs/mcp-proxy --upstream "your-server-command"
After a session you can look at what happened:
npx @sovereign-labs/mcp-proxy --view # per-receipt timeline
npx @sovereign-labs/mcp-proxy --explain # plain-language summary
npx @sovereign-labs/mcp-proxy --verify # chain integrity check
No code changes to the agent or server. It just sits in the middle.
250+ tests, tested against 9 different MCP servers. MIT licensed, built solo.
sovereign-labs•1h ago
What it actually does:
Hash-chained receipt for every tool call (SHA-256, append-only) Blocks identical retries when a call already failed (saves tokens) Tags each call as mutating or readonly Tracks who's controlling the session One command to wrap any server: npx @sovereign-labs/mcp-proxy --upstream "your-server-command" After a session you can look at what happened:
npx @sovereign-labs/mcp-proxy --view # per-receipt timeline npx @sovereign-labs/mcp-proxy --explain # plain-language summary npx @sovereign-labs/mcp-proxy --verify # chain integrity check No code changes to the agent or server. It just sits in the middle.
250+ tests, tested against 9 different MCP servers. MIT licensed, built solo.
npm: https://www.npmjs.com/package/@sovereign-labs/mcp-proxy