# verify

Verify lockfile integrity and authenticity

## Synopsis

```bash
mcptrust verify [flags]
```

Verifies that `mcp-lock.json` matches the signature in `mcp-lock.json.sig`. Which verification path is used depends on how the lockfile was signed:
- Ed25519: Works completely offline. The check is only as strong as the provenance of `public.key`: obtain it over a trusted channel and pin it, because a valid signature proves only that the signer held the private key matching whatever key you pass in.
- Sigstore: Requires internet access to verify the transparency log entry (Rekor), unless offline verification is explicitly configured.
## Flags

| Flag | Default | Description |
|---|---|---|
| `-h, --help` | | help for verify |
| `-k, --key` | `"public.key"` | Path to the public key |
| `-l, --lockfile` | `"mcp-lock.json"` | Path to the lockfile |
| `-s, --signature` | `"mcp-lock.json.sig"` | Path to the signature file |
## Exit Codes

- `0`: Signature is valid.
- `1`: Signature is invalid or files are missing.
## Examples

Verify with the default paths (`mcp-lock.json`, `mcp-lock.json.sig`, `public.key` in the current directory):

```bash
mcptrust verify
# Output: OK (Signature valid)
```

If the lockfile has been modified since it was signed, or the signature does not belong to the given key, the command fails and exits non-zero:

```bash
mcptrust verify
# Output: Error: signature check failed (exit 1)
```
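To make the offline Ed25519 path and the exit-code contract concrete, here is an added Go example. It is not mcptrust's own code: the function names (`verifyDetached`, `verifyFiles`), the raw-bytes encoding of the key and signature files, and the sample lockfile content are assumptions made for this example, and the inline signing step stands in for whatever `mcptrust sign` actually produces.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
	"os"
	"path/filepath"
)

// Exit codes as documented for `mcptrust verify`.
const (
	ExitOK      = 0
	ExitFailure = 1
)

// Constructed sample lockfile content for this example (not a real lockfile).
const sampleLockfile = `{"servers":{"example":{"digest":"sha256:0123456789abcdef"}}}` + "\n"

// verifyDetached checks that sig is a valid Ed25519 signature by pub over the
// exact bytes of lockfile. Raw encodings (32-byte key, 64-byte signature) are
// an assumption of this example, not mcptrust's documented file format.
func verifyDetached(pub, lockfile, sig []byte) error {
	if len(pub) != ed25519.PublicKeySize {
		return fmt.Errorf("public key: want %d bytes, got %d", ed25519.PublicKeySize, len(pub))
	}
	if len(sig) != ed25519.SignatureSize {
		return fmt.Errorf("signature: want %d bytes, got %d", ed25519.SignatureSize, len(sig))
	}
	// The signature covers every byte of the lockfile; changing even trailing
	// whitespace invalidates it. No network access is involved.
	if !ed25519.Verify(ed25519.PublicKey(pub), lockfile, sig) {
		return errors.New("signature check failed")
	}
	return nil
}

// verifyFiles mirrors the CLI contract: read the three paths and map the
// outcome onto exit codes, 0 for a valid signature and 1 if any file is
// missing or the check fails.
func verifyFiles(keyPath, lockPath, sigPath string) (int, error) {
	pub, err := os.ReadFile(keyPath)
	if err != nil {
		return ExitFailure, err
	}
	lock, err := os.ReadFile(lockPath)
	if err != nil {
		return ExitFailure, err
	}
	sig, err := os.ReadFile(sigPath)
	if err != nil {
		return ExitFailure, err
	}
	if err := verifyDetached(pub, lock, sig); err != nil {
		return ExitFailure, err
	}
	return ExitOK, nil
}

func mustWrite(path string, data []byte) {
	if err := os.WriteFile(path, data, 0o644); err != nil {
		panic(err)
	}
}

func main() {
	// GenerateKey(nil) uses crypto/rand; this keypair exists only for the demo.
	pub, priv, err := ed25519.GenerateKey(nil)
	if err != nil {
		panic(err)
	}
	dir, err := os.MkdirTemp("", "mcptrust-example")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)

	key := filepath.Join(dir, "public.key")
	lock := filepath.Join(dir, "mcp-lock.json")
	sig := filepath.Join(dir, "mcp-lock.json.sig")
	mustWrite(key, pub)
	mustWrite(lock, []byte(sampleLockfile))
	// Stand-in for `mcptrust sign`: a detached signature over the lockfile bytes.
	mustWrite(sig, ed25519.Sign(priv, []byte(sampleLockfile)))

	code, err := verifyFiles(key, lock, sig)
	fmt.Println("untouched lockfile:", code, err) // 0

	// Append a single byte to the lockfile: the signature no longer matches.
	mustWrite(lock, []byte(sampleLockfile+" "))
	code, err = verifyFiles(key, lock, sig)
	fmt.Println("tampered lockfile: ", code, err) // 1

	// A missing signature file is also reported as exit 1.
	os.Remove(sig)
	code, err = verifyFiles(key, lock, sig)
	fmt.Println("missing signature: ", code, err) // 1
}
```

The three runs in `main` correspond to the three outcomes the page documents: a valid signature, a lockfile edited after signing, and a missing input file.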
### GitHub Actions (OIDC)
When verifying a Sigstore keyless signature, you must specify the expected **issuer** and **identity**.
```bash
mcptrust verify mcp-lock.json \
  --issuer "https://token.actions.githubusercontent.com" \
  --identity "https://github.com/${{ github.repository }}/.github/workflows/sign.yml@refs/heads/main"
```

The `${{ github.repository }}` expression is expanded only when the command runs inside a GitHub Actions workflow; when verifying from a developer machine or another CI system, write the literal `owner/repo` instead.

> [!IMPORTANT]
> The identity must match the workflow filename and git reference exactly (e.g. `sign.yml`, `refs/heads/main`). This strict matching prevents signatures from "any workflow" or "any repo" from being accepted.
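The following Go example shows why exact matching matters, by running the same certificate identities through the strict comparison the page describes and through a loose repository-prefix check. It is an added illustration, not mcptrust's implementation: the `SignerIdentity` type, the `strictMatch` and `prefixMatch` functions, and the repository `example-org/mcp-server` are all made up for this example.

```go
package main

import (
	"fmt"
	"strings"
)

// SignerIdentity holds the two fields a keyless (Sigstore) verifier reads out
// of the signing certificate: the OIDC issuer and the subject identity. For
// GitHub Actions the identity is the workflow URL including the git ref.
type SignerIdentity struct {
	Issuer   string
	Identity string
}

// Constructed expected values for this example; substitute the repository
// that actually runs sign.yml.
var expected = SignerIdentity{
	Issuer:   "https://token.actions.githubusercontent.com",
	Identity: "https://github.com/example-org/mcp-server/.github/workflows/sign.yml@refs/heads/main",
}

// strictMatch is the check described on this page: both fields must be equal
// byte for byte, so only the exact workflow file on the exact ref in the
// exact repository passes.
func strictMatch(got, want SignerIdentity) bool {
	return got.Issuer == want.Issuer && got.Identity == want.Identity
}

// prefixMatch is the loose check to avoid: it pins only the repository URL as
// a prefix. It is included to make the failure mode visible, not as a
// recommendation.
func prefixMatch(got SignerIdentity, issuer, repoURL string) bool {
	return got.Issuer == issuer && strings.HasPrefix(got.Identity, repoURL)
}

func main() {
	repoURL := "https://github.com/example-org/mcp-server"
	candidates := []struct {
		name string
		id   SignerIdentity
	}{
		{"exact", expected},
		{"feature branch", SignerIdentity{expected.Issuer,
			"https://github.com/example-org/mcp-server/.github/workflows/sign.yml@refs/heads/feature"}},
		{"other workflow", SignerIdentity{expected.Issuer,
			"https://github.com/example-org/mcp-server/.github/workflows/ci.yml@refs/heads/main"}},
		{"lookalike repo", SignerIdentity{expected.Issuer,
			"https://github.com/example-org/mcp-server-fork/.github/workflows/sign.yml@refs/heads/main"}},
		{"other issuer", SignerIdentity{"https://oidc.example.invalid", expected.Identity}},
	}
	for _, c := range candidates {
		fmt.Printf("%-15s strict=%-5v prefix=%v\n",
			c.name, strictMatch(c.id, expected), prefixMatch(c.id, expected.Issuer, repoURL))
	}
}
```

Only the first candidate passes `strictMatch`. The prefix check additionally accepts a feature branch, a different workflow in the same repository, and a repository whose name merely starts with the expected one; adding a trailing slash to the prefix would fix the last case but not the first two. Note also that pinning `refs/heads/main` means a signature produced by the same workflow running on a tag or pull-request ref is rejected, which is the intended behaviour.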