AgentPass -- Secure MCP for Regulated Finance. MCPS + Agent Identity for the Agent Economy. IETF Draft
📄 NEW: Read the AgentPass Case Study — Securing the $5 Trillion Agentic Economy

MCPS -- Secure MCP for regulated finance.

A security layer that works with your existing MCP infrastructure. No changes to your MCP servers or clients required.

What MCPS does

MCPS adds a digital identity and trust layer on top of existing MCP. Every agent that calls your MCP server proves who it is. Every response your server returns is digitally signed.

No modifications to your MCP server code. No changes to your tool definitions. No new protocol to learn. MCPS sits in front of your existing infrastructure as a verification layer.

One HTTP header carries the agent's identity. One signature proves the response is genuine. That's it.

What you get

Agent identity on every request
Trust levels (L0-L4) with graduated access
Scope enforcement per agent
Digitally signed responses
Replay protection
Sanctions screening integration
Rogue agent rejection
SOC 2 control mapping (14 criteria)

How it works

1
Agent presents certificate
2
Identity verified
3
MCP operation runs
4
Response signed

Already in production

MCPS and AgentPass are integrated into moov-io/watchman -- the open source sanctions screening platform used across financial services. 18,758 real OFAC entities. Live agent verification. Signed responses.

Zero trust architecture. Self-hosted. Open source SDKs (Apache 2.0). No third-party dependency.

Standards backed

IETF Internet-Draft OWASP MCP Security SOC 2 Mapped Patent Pending Apache 2.0 Cited in Academic Research

Ready to secure your MCP infrastructure?

Talk to us about integrating MCPS into your platform.

Talk to us →

contact@agentsign.dev