EMILIA is the trust & accountability layer for AI agents, delivered as an MCP server. Verify receipts, check trust profiles, and — the flagship — require a named human sign-off before an agent does anything irreversible. Formally verified. Apache-2.0.
Works in Claude Desktop, Cursor, Cline, Continue, or your own loop. Public read tools need no key; set EP_API_KEY for write operations.
// Claude Desktop / any MCP client — add to your config:
{
"mcpServers": {
"emilia": {
"command": "npx",
"args": ["-y", "@emilia-protocol/mcp-server"]
}
}
}Reference server + client harness in the repo (mcp-server/passport-demo.mjs); demand side via @emilia-protocol/require-receipt.
ep_verify_receiptVerify any EMILIA Trust Receipt offline — signature + Merkle anchor.
ep_trust_profilePull an entity’s full trust profile before transacting with it.
ep_trust_evaluateEvaluate a counterparty/agent’s trust for a specific action.
ep_submit_receiptRecord a signed receipt of an action your agent took.
34 tools total — trust profiles, receipts, disputes, delegation, identity continuity, and more. Full list in the npm package.
It adds a trust and accountability layer to AI agents over the Model Context Protocol: agents can verify Trust Receipts, check an entity’s trust profile before transacting, and — the flagship — require a named human to sign off before any irreversible action (releasing a payment, changing a record, deploying).
Add it to any MCP client (Claude Desktop, Cursor, Cline, Continue) in one line: command "npx" with args ["-y", "@emilia-protocol/mcp-server"]. Public read tools need no key; set EP_API_KEY for write operations.
Permissions gate access locally and leave no portable proof. EMILIA mints a signed, offline-verifiable Trust Receipt bound to the exact action and the named human who approved it — a credential a counterparty can verify without calling home.
Yes — Apache-2.0, and the policy engine is formally verified (26 TLA+ theorems in CI).