Products / MCP server

The MCP server that leaves receipts.

Willow gives AI agents memory and data they can prove, and a tamper-evident receipt for everything they do. No trusting the agent — or the server behind it.

Agents you don't have to take at their word.

Agents act on what they retrieve — and today, retrieval runs on trust. A standard MCP server is an API gateway in a different shape: the audit trail is whatever the operator chose to log, altered data looks identical to honest data, and a hallucination is indistinguishable from an accurate lookup. Fine for cat facts; not for an agent moving money or summarizing regulated documents.

Willow's MCP server makes the whole exchange verifiable. Every query an agent makes — memory, indexed blockchain data, structured records — returns a proof the agent (or anyone downstream) can check. And every tool call produces a signed receipt, co-signed by the agent's host and the server, linked into a hash chain that can't be quietly rewritten.

Receipt batches are anchored to Willow consensus on a set cadence, so an agent's history becomes a public, walkable audit trail. What did the agent see, and when, and what did it do? You no longer have to ask the operator — you verify.

It plugs into the stack you already run: MCP for Claude Desktop, Claude Code, Cursor, and any other MCP client; A2A for agent-to-agent discovery; a LangChain retriever for RAG pipelines that returns documents with their proofs attached.

Provable memory

Agents store and recall knowledge, preferences, and history through MCP tools — and every read returns a proof the data is exactly what was stored.

Agent memoryProof-backed reads

Receipts for every action

Each tool call becomes a signed, hash-chained receipt — co-signed by both sides and anchored on-chain in Merkle batches. Tampering with the log breaks the chain.

Co-signedChain-anchored

Plugs into your stack

Standard MCP, so it works wherever your agent runs. A2A endpoints make Willow discoverable to other agents; the LangChain integration covers RAG.

MCPA2ALangChain
How it works

From setup to verified reads.

  1. 01

    Connect

    Add the Willow MCP server to your agent's config. It speaks standard MCP — Claude Desktop, Claude Code, Cursor, or any framework that supports the protocol.

  2. 02

    Use

    The agent remembers, queries indexed chains, and stores records through fourteen tools — every response backed by a proof.

  3. 03

    Receipt

    Every call is signed into a hash chain. Batches are Merkle-anchored to Willow consensus on a set cadence.

  4. 04

    Audit

    Verify proofs locally and walk the anchored receipt trail through the public API — without trusting the agent or the operator.

JSON
{
  "mcpServers": {
    "willow": {
      "command": "npx",
      "args": ["@willow-protocol/mcp-server"],
      "env": {
        "WILLOW_ENDPOINT": "https://api.willow.tech"
      }
    }
  }
}

Common questions.

  • What can my agent actually do with it?

    Store and recall memory, query indexed blockchain data, persist and search structured records, and prove all of it — fourteen MCP tools, each returning results with proofs. The same data is reachable from the six SDKs, so agents and applications share one verifiable store.

  • What does a receipt prove?

    What the agent asked, what it was given, and when — signed by both the agent's host and the server so neither side can forge it alone. Receipts link into a hash chain, and the chain anchors on-chain, so the history can't be rewritten after the fact, even by the operator.

  • Does it only work with Claude?

    No — any MCP client works, including Cursor and self-built agent frameworks. Beyond MCP, the A2A endpoints let other agents discover and call Willow directly, and the LangChain integration brings proof-backed retrieval to Python RAG pipelines.

Give your agent receipts.

Add the Willow MCP server to your agent's config and every action it takes starts leaving a verifiable trail.

Partners

Request a call