OpenChainGraph Suite · wave 27 · compliance_mandate

MCP Server Governance Conformance

Validate a new-spec MCP server identity document — subject, issuer, serverInfo, and attestation reference at the well-known path (art-147) → validate OAuth 2.0 Protected Resource Metadata per RFC 9728: resource URI, authorization servers, scopes, and bearer methods (art-148) → validate the MCP Registry server.json entry: schema, reverse-DNS name, semver version, and endpoint (art-149). Full governance attestation with execution_hash. Zero network, zero PII.

OpenChainGraph · 3 Steps compliance mandate New MCP Spec 2026 RFC 9728 · MCP Registry W3C VC §13.11 Hash-Anchored §4 chain_depth:3 · Zero PII
Chain Topology — MCP Server Governance Conformance (art-147→148→149)
art-147 MCP Server Identity Validator art-148 Auth Metadata Validator (RFC 9728) art-149 MCP Registry Entry Conformance ⊣
§4 Execution Hash · Chain Definition Anchor
execution_hash:computing…
Chain Stages · 3 Steps
1ROOT · D0node
MCP Server Identity Attestation Validator art-147
Server identity validity feeds RFC 9728 authorization metadata validator
MCP Call · validate_mcp_server_identity
{
  "jsonrpc": "2.0",
  "method": "tools/call",
  "params": {
    "name": "validate_mcp_server_identity",
    "arguments": {
      "identity": {
        "subject": "did:web:example.com",
        "issuer": "did:web:registry.mcp.io",
        "serverInfo": { "name": "ExampleMCPServer", "version": "1.2.0" },
        "attestation": { "ref": "https://registry.mcp.io/attestations/abc123" }
      },
      "well_known_path": "/.well-known/mcp-server-identity",
      "signature_valid": true
    }
  },
  "id": 1
}
https://mcp.ainumbers.co/mcp
2MIDDLE · D1node
MCP Authorization Metadata Validator (RFC 9728) art-148
Authorization metadata validity feeds MCP Registry entry conformance checker
MCP Call · validate_mcp_authorization_metadata
{
  "jsonrpc": "2.0",
  "method": "tools/call",
  "params": {
    "name": "validate_mcp_authorization_metadata",
    "arguments": {
      "metadata": {
        "resource": "https://api.example.com/mcp",
        "authorization_servers": ["https://auth.example.com"],
        "scopes_supported": ["tools:read", "tools:call"],
        "bearer_methods_supported": ["header"]
      }
    }
  },
  "id": 2
}
https://mcp.ainumbers.co/mcp
3TERMINAL · D2node
MCP Registry Entry Conformance Checker art-149
Exports registry conformance verdict with execution_hash — final stage
MCP Call · check_mcp_registry_entry
{
  "jsonrpc": "2.0",
  "method": "tools/call",
  "params": {
    "name": "check_mcp_registry_entry",
    "arguments": {
      "entry": {
        "$schema": "https://registry.mcp.io/schema/server.json",
        "name": "com.example/my-mcp-server",
        "version": "1.0.0",
        "packages": [{ "registry": "npm", "name": "@example/mcp-server", "version": "1.0.0" }]
      }
    }
  },
  "id": 3
}
https://mcp.ainumbers.co/mcp
Export Artifacts
Download the §4 chain definition artifact or the §13.11 W3C VC view. Each of art-147, art-148, and art-149 individually support Policy Mandate JSON and W3C VC export. art-149 additionally exports a PDF governance attestation.