Model Context Protocol
An office at the coding assistant's elbow.
The Orphograph MCP server is a single-file Python program, MIT-licensed and approximately four hundred lines, with no third-party dependencies. It is hosted within the user's own Claude Desktop, Claude Code, or Cursor environment; it is never hosted on Orphograph's servers. The server exposes three tools to the assistant. When the assistant invokes anchor_file, the file is read locally, its SHA-256 and SHA-512 fingerprints are computed in the local process, and only those fingerprints are transmitted to the office. The file itself does not cross the wire.
Install
The server is registered with the host application via a configuration entry. The path to the script is supplied by the user; the same shape of entry applies to each host.
Claude Desktop
The configuration file on macOS is ~/Library/Application Support/Claude/claude_desktop_config.json. Add the mcpServers block below; restart Claude Desktop to register the server.
{
"mcpServers": {
"orphograph": {
"command": "python3",
"args": ["/absolute/path/to/orphograph_mcp.py"],
"env": {
"ORPHO_API_KEY": "(optional) issued from your /account.html page"
}
}
}
}Claude Code
The same configuration shape applies. The server may be added either by editing the mcpServers block in the configuration file, or by invoking claude mcp add at a terminal and supplying the script path when prompted.
Cursor
The configuration file is ~/.cursor/mcp.json. The block is identical in shape to the Claude Desktop entry; the same script path and the same optional environment variable apply.
{
"mcpServers": {
"orphograph": {
"command": "python3",
"args": ["/absolute/path/to/orphograph_mcp.py"],
"env": {
"ORPHO_API_KEY": "(optional) issued from your /account.html page"
}
}
}
}The three tools
Each tool is registered with the host on startup and made available to the assistant. The file is read locally for the anchor operation; the script never transmits the file body to any external endpoint.
| Tool | Behaviour |
|---|---|
| orphograph.anchor_file(path) | Reads the file at the given absolute path locally. Computes its SHA-256 and SHA-512 fingerprints in the local Python process. Submits only those fingerprints to https://orphograph.com/api/anchor. Returns the receipt identifier and the receipt URL. The file body is not transmitted. |
| orphograph.verify_receipt(receipt_id) | Retrieves the receipt by identifier and verifies it against the recorded Bitcoin commitment using the same procedure as the published MIT verifier. Returns the verification outcome and the block reference. |
| orphograph.list_vault() | Lists the signed-in subscriber's anchored receipts. Requires an Orphograph API key supplied via the ORPHO_API_KEY environment variable; without the key, this tool returns an authentication notice and no listing. |
Privacy contract
The file remains on the device. Only the SHA-256 and SHA-512 fingerprints are transmitted, and only those fingerprints are committed to Bitcoin via the OpenTimestamps calendars. This is the same structural privacy contract observed by the web interface: the office does not see the bytes, the network does not see the bytes, the chain does not see the bytes. The MIT verifier that checks a receipt produced from the website also checks a receipt produced through the MCP server; the receipt is the instrument, regardless of the path that produced it.
Nothing in the assistant's transcript causes the file to be exfiltrated by the office. The fingerprint is the only artefact that leaves the local process.
Tiers and limits
Without an API key the local install is rate-limited to the free tier: three anchors per twenty-four hours per network address, the same allowance available to a free-tier visitor on the website. With an API key issued from /account.html, the subscriber's subscription tier and any pack credits attached to the account apply, and the receipts produced through the MCP server are recorded in the subscriber's vault.
Source
The MCP server source is published in the Orphograph repository at github.com/Orphograph/Orphograph, under mcp/orphograph_mcp.py. A direct download is also published at orphograph.com/mcp/orphograph_mcp.py. The script is MIT-licensed and depends only on the Python standard library; the user is invited to read it before installation.
Verification of this page
This page is anchored at issuance. The receipt identifier for the current revision is listed in the page footer below; the receipt may be verified against Bitcoin using the published MIT verifier or any OpenTimestamps client. Updates to this page are themselves anchored, and the receipt is replaced accordingly.
Questions concerning the server may be put to the office at [email protected]. The Method page describes the underlying protocol in full.