[Feature] Built-in Agent Identity Verification (SATP Integration)

[0xbrainkid]

Problem

mcp-framework makes it easy to build MCP servers in TypeScript, but there's no built-in way to verify which agent is calling your tools. As MCP servers handle increasingly sensitive operations, agent identity becomes essential.

Proposal

Add a built-in middleware/decorator for agent identity verification via SATP:

import { MCPServer, withAgentIdentity } from "mcp-framework";

const server = new MCPServer({
  agentIdentity: {
    enabled: true,
    minTrustScore: 40,
    provider: "agentfolio" // SATP-based verification
  }
});

// Tool automatically requires verified agent
server.tool("sensitive_operation", withAgentIdentity(async (ctx) => {
  console.log(ctx.agent.trustScore); // 85
  console.log(ctx.agent.verifications); // ["github", "x", "solana"]
  // ...
}));

What This Adds

• withAgentIdentity middleware — verify calling agent before tool execution
• Trust score access in tool context
• Configurable thresholds per tool or server-wide
• Agent audit logging built into the framework

Technical Details

• SATP verifies agent identity via Solana Ed25519 signatures
• AgentFolio API provides trust scores and verification status
• Lightweight: single API call per agent session (cache results)

This would make mcp-framework the first MCP framework with native agent identity support.

Links: AgentFolio | SATP