How to add cryptographic receipts to every MCP tool call

The problem: MCP tool calls are invisible Model Context Protocol (MCP) is quickly becoming the standard way AI agents interact with tools. Your agent calls search_web , send_email , query_database -- each one triggers a real action on a real system. But MCP has a blind spot: there is no built-in mechanism to prove what actually happened during a tools/call . Your MCP server logs say the tool ran. Your client trusts that. But if something goes wrong -- a payment is disputed, a wrong email is sent, an audit asks "what did the agent do on March 3rd?" -- you're relying on the same system that executed the action to tell you what happened. That's self-reporting, not auditability. What OWASP says about this The OWASP Top 10 for Agentic Applications (2026) lists inadequate logging and monitoring as a top risk for AI agent systems. The prescribed mitigation? Signed audit logs per tool call. Not "more logs." Signed, tamper-evident records that an independent party can verify. This maps directly