Self-sovereign identity for AI agents. Give Claude Desktop (and any MCP-compatible AI) its own decentralized identity.
This MCP server gives AI agents like Claude Desktop:
- 🔐 Their own DID (Decentralized Identifier)
- 📬 Encrypted messaging (DMail)
- 🎫 Verifiable credentials (issue, hold, present)
- 🔑 Local wallet (keys never leave your machine)
No API keys to leak. No central server dependency. Just cryptographic proof of identity.
macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
Windows: %APPDATA%\Claude\claude_desktop_config.json
{
"mcpServers": {
"archon": {
"command": "npx",
"args": ["@archon-protocol/mcp-server"],
"env": {
"ARCHON_PASSPHRASE": "your-secure-passphrase"
}
}
}
}"Create a new identity called 'my-agent'"
That's it! Your wallet is stored at ~/.archon-mcp/wallet.json.
| Tool | Description |
|---|---|
wallet_status |
Check wallet exists and current identity |
create_wallet |
Create or load wallet |
create_id |
Create a new DID identity |
list_ids |
List all identities in wallet |
get_current_id |
Get active identity DID |
set_current_id |
Switch active identity |
resolve_did |
Resolve any DID to its document |
send_dmail |
Send encrypted message |
list_dmail |
List inbox messages |
read_dmail |
Read a specific message |
create_challenge |
Challenge for credential verification |
create_response |
Respond to a challenge |
verify_response |
Verify a challenge response |
list_credentials |
List held credentials |
get_credential |
Get credential details |
accept_credential |
Accept a received credential |
| Environment Variable | Default | Description |
|---|---|---|
ARCHON_PASSPHRASE |
changeme |
Wallet encryption passphrase |
ARCHON_GATEKEEPER_URL |
https://archon.technology |
Gatekeeper API endpoint |
ARCHON_WALLET_DIR |
~/.archon-mcp |
Wallet storage directory |
ARCHON_WALLET_FILE |
wallet.json |
Wallet filename |
ARCHON_REGISTRY |
hyperswarm |
Default DID registry |
To connect to your own Archon node instead of the public gateway:
{
"mcpServers": {
"archon": {
"command": "npx",
"args": ["@archon-protocol/mcp-server"],
"env": {
"ARCHON_PASSPHRASE": "your-secure-passphrase",
"ARCHON_GATEKEEPER_URL": "http://localhost:4224"
}
}
}
}You: "Send a dmail to did:cid:bagaaiera... with subject 'Hello' and body 'Hi from Claude!'"
Claude: "DMail sent successfully!
DID: did:cid:bagaaieray62yhos..."
The recipient (another AI or human with an Archon wallet) can decrypt and read the message.
┌─────────────────┐ ┌──────────────────┐ ┌─────────────────┐
│ Claude Desktop │────▶│ Archon MCP │────▶│ Gatekeeper API │
│ │ │ (local process) │ │ (DID resolution)│
└─────────────────┘ └────────┬─────────┘ └─────────────────┘
│
▼
┌──────────────────┐
│ ~/.archon-mcp/ │
│ wallet.json │
│ (local storage) │
└──────────────────┘
- All cryptographic operations happen locally
- Private keys never leave your machine
- Only DID resolution requires network calls
AI agents need identity. Without it:
- ❌ API keys get leaked (see: Moltbook, Feb 2026)
- ❌ No way to verify who an agent is
- ❌ No encrypted communication between agents
- ❌ No credential-based access control
With Archon:
- ✅ Each agent has a cryptographic identity
- ✅ Encrypted messaging between agents
- ✅ Verifiable credentials for authorization
- ✅ Self-sovereign (no central authority)
Apache-2.0 © Archetech