9-point checklist for new MCP servers joining the DEFONEOS federation. Every check must pass. BFT 23/33 quorum required for admission.
Before any new MCP server can join the DEFONEOS MCP Federation, it must pass all 9 admission control checks. The 33-agent BFT governance council reviews and votes on admission (23/33 quorum required). This ensures that every MCP in the federation meets the same sovereignty, security, and integrity standards.
All code dependencies must be traced to their source and hash-verified. No unverified dependencies. PyPI packages must have SIGIL-anchored integrity proofs. Git commits must have valid GPG/Ed25519 signatures.
defoneos-admission --check provenance --mcp โ all dependencies verified โThe MCP must contain NO kinetic-targeting patterns (strike package, find-fix-finish, kill order). NO personal-surveillance patterns (track individual, face-rec, locate phone). Automated scan confirms zero red-line proximity.
defoneos-admission --check redline --mcp โ 0 red-line violations โThe MCP must enforce inward-only data flow. Data enters from external sources and flows inward toward the core. No outbound data exfiltration paths. Network analysis confirms no unexpected outbound connections.
defoneos-admission --check dataflow --mcp โ inward-only confirmed โThe MCP must be assigned to the correct trust ring based on data sensitivity. Ring 0 = governance/escrow. Ring 1 = defence sensors. Ring 2 = civil open-data. BFT council reviews and confirms the assignment.
Every tool invocation in the MCP must generate a valid SIGIL receipt. Receipts must include: Ed25519 signature, RFC3161 timestamp, SHA-256 data hash, Bitcoin OTS anchor. No SIGIL = no admission.
defoneos-admission --check sigil --mcp โ all tools SIGIL-enabled โRing 0 MCPs: zero external API calls confirmed by code analysis and runtime monitoring. Ring 1 MCPs: external API calls limited to AUKUS-compatible providers on BFT-approved allowlist. Ring 2 MCPs: no restrictions (public data).
grep -r "http.*external" --include="*.py" | wc -l == 0 โAll PyPI dependencies must be SIGIL-anchored and hash-verified. No dependencies from unverified publishers. Known vulnerabilities (CVE database) must be patched or mitigated. Docker images must be built from trusted base images.
defoneos-admission --check supply-chain --mcp โ 0 vulnerabilities, all deps verified โThe MCP must pass all 12 adversarial red-team vectors (see Adversarial Red-Team Framework). No T1 (critical) or T2 (high) findings. T3 (moderate) findings must be documented with mitigations.
defoneos-admission --check redteam --mcp โ 0 T1/T2 findings โAny data stored by the MCP must be escrow-compatible: AES-256-GCM encryption at rest, per-record DEK, Shamir KEK wrapping, RFC3161 timestamps, 4-eyes release gate, BFT veto. See Sovereign Data Escrow Protocol.
defoneos-admission --check escrow --mcp โ all stored data escrow-compatible โ| Step | Action | Responsible |
|---|---|---|
| 1 | MCP developer runs all 9 checks locally | MCP developer |
| 2 | Admission pack generated: check results, SIGIL proofs, red-team report | Automated (defoneos-admission CLI) |
| 3 | Admission pack submitted to BFT council | MCP developer |
| 4 | BFT council reviews (target: 5 minutes) | 33-agent BFT council |
| 5 | BFT vote: APPROVE / AMEND / REJECT | 33 agents (Ed25519-signed votes) |
| 6 | If APPROVE โฅ 23/33: MCP admitted to federation | BFT tally |
| 7 | SIGIL receipt generated for admission record | SIGIL ledger |
| 8 | MCP registered in /.well-known/defoneos-manifest.json | Federation discovery |
| Ring | MCPs Admitted | Checks Passing | BFT Vote |
|---|---|---|---|
| Ring 0 (Core Sovereign) | 7 | 9/9 each | Unanimous (33/33) |
| Ring 1 (Defence Sensors) | 11 | 9/9 each | โฅ28/33 each |
| Ring 2 (Civil Open-Data) | 12 | 9/9 each | โฅ25/33 each |
| Total | 30 | 270/270 checks | All admitted |
Once admitted, every MCP is continuously monitored: