MCP Admission Control Checklist

9-point checklist for new MCP servers joining the DEFONEOS federation. Every check must pass. BFT 23/33 quorum required for admission.

9
Checks
23/33
BFT Quorum
12
Red-Team Vectors
100%
Pass Required

1. Purpose

Before any new MCP server can join the DEFONEOS MCP Federation, it must pass all 9 admission control checks. The 33-agent BFT governance council reviews and votes on admission (23/33 quorum required). This ensures that every MCP in the federation meets the same sovereignty, security, and integrity standards.

No exceptions: An MCP that fails even one check is denied admission. It can be resubmitted after remediation, but partial admission is never granted.

2. The 9-Point Checklist

1

Source Provenance

All code dependencies must be traced to their source and hash-verified. No unverified dependencies. PyPI packages must have SIGIL-anchored integrity proofs. Git commits must have valid GPG/Ed25519 signatures.

GATE: defoneos-admission --check provenance --mcp โ€” all dependencies verified โœ“
2

Red-Line Compliance

The MCP must contain NO kinetic-targeting patterns (strike package, find-fix-finish, kill order). NO personal-surveillance patterns (track individual, face-rec, locate phone). Automated scan confirms zero red-line proximity.

GATE: defoneos-admission --check redline --mcp โ€” 0 red-line violations โœ“
3

Data Flow Classification

The MCP must enforce inward-only data flow. Data enters from external sources and flows inward toward the core. No outbound data exfiltration paths. Network analysis confirms no unexpected outbound connections.

GATE: defoneos-admission --check dataflow --mcp โ€” inward-only confirmed โœ“
4

Ring Assignment

The MCP must be assigned to the correct trust ring based on data sensitivity. Ring 0 = governance/escrow. Ring 1 = defence sensors. Ring 2 = civil open-data. BFT council reviews and confirms the assignment.

GATE: BFT vote on ring assignment โ€” 23/33 approval โœ“
5

SIGIL Integration

Every tool invocation in the MCP must generate a valid SIGIL receipt. Receipts must include: Ed25519 signature, RFC3161 timestamp, SHA-256 data hash, Bitcoin OTS anchor. No SIGIL = no admission.

GATE: defoneos-admission --check sigil --mcp โ€” all tools SIGIL-enabled โœ“
6

UK Sovereignty Verification

Ring 0 MCPs: zero external API calls confirmed by code analysis and runtime monitoring. Ring 1 MCPs: external API calls limited to AUKUS-compatible providers on BFT-approved allowlist. Ring 2 MCPs: no restrictions (public data).

GATE: Ring 0: grep -r "http.*external" --include="*.py" | wc -l == 0 โœ“
7

Supply Chain Integrity

All PyPI dependencies must be SIGIL-anchored and hash-verified. No dependencies from unverified publishers. Known vulnerabilities (CVE database) must be patched or mitigated. Docker images must be built from trusted base images.

GATE: defoneos-admission --check supply-chain --mcp โ€” 0 vulnerabilities, all deps verified โœ“
8

Adversarial Red-Team Pass

The MCP must pass all 12 adversarial red-team vectors (see Adversarial Red-Team Framework). No T1 (critical) or T2 (high) findings. T3 (moderate) findings must be documented with mitigations.

GATE: defoneos-admission --check redteam --mcp โ€” 0 T1/T2 findings โœ“
9

Escrow Compatibility

Any data stored by the MCP must be escrow-compatible: AES-256-GCM encryption at rest, per-record DEK, Shamir KEK wrapping, RFC3161 timestamps, 4-eyes release gate, BFT veto. See Sovereign Data Escrow Protocol.

GATE: defoneos-admission --check escrow --mcp โ€” all stored data escrow-compatible โœ“

3. Admission Workflow

StepActionResponsible
1MCP developer runs all 9 checks locallyMCP developer
2Admission pack generated: check results, SIGIL proofs, red-team reportAutomated (defoneos-admission CLI)
3Admission pack submitted to BFT councilMCP developer
4BFT council reviews (target: 5 minutes)33-agent BFT council
5BFT vote: APPROVE / AMEND / REJECT33 agents (Ed25519-signed votes)
6If APPROVE โ‰ฅ 23/33: MCP admitted to federationBFT tally
7SIGIL receipt generated for admission recordSIGIL ledger
8MCP registered in /.well-known/defoneos-manifest.jsonFederation discovery

4. Current Fleet Status

RingMCPs AdmittedChecks PassingBFT Vote
Ring 0 (Core Sovereign)79/9 eachUnanimous (33/33)
Ring 1 (Defence Sensors)119/9 eachโ‰ฅ28/33 each
Ring 2 (Civil Open-Data)129/9 eachโ‰ฅ25/33 each
Total30270/270 checksAll admitted

5. Post-Admission Monitoring

Once admitted, every MCP is continuously monitored: