diff --git a/.claude-plugin/marketplace.json b/.claude-plugin/marketplace.json
index 82ade411..df897665 100644
--- a/.claude-plugin/marketplace.json
+++ b/.claude-plugin/marketplace.json
@@ -99,6 +99,11 @@
 "source": "./plugins/partner-built/spglobal",
 "description": "S&P Global - Financial data and analytics skills including company tearsheets, earnings previews, and transaction summaries"
 },
+ {
+ "name": "certnode-provenance",
+ "source": "./plugins/partner-built/certnode-provenance",
+ "description": "CertNode - Cryptographic provenance for finance-agent outputs. Signs every pitch deck, IC memo, earnings note, KYC output, and valuation report with FRE 902(13)/(14)-framed evidence + EU AI Act Article 50 disclosure surface."
+ },
 {
 "name": "claude-for-msft-365-install",
 "source": "./claude-for-msft-365-install",
diff --git a/plugins/partner-built/certnode-provenance/.claude-plugin/plugin.json b/plugins/partner-built/certnode-provenance/.claude-plugin/plugin.json
new file mode 100644
index 00000000..e526841f
--- /dev/null
+++ b/plugins/partner-built/certnode-provenance/.claude-plugin/plugin.json
@@ -0,0 +1,32 @@
+{
+ "name": "certnode-provenance",
+ "description": "Cryptographic provenance layer for finance-agent outputs. Wraps any agent's deliver step with CertNode signing — pitch decks, IC memos, earnings notes, KYC outputs, valuation reports carry FRE 902(13)/(14)-framed evidence + EU AI Act Article 50 disclosure surface.",
+ "version": "0.1.0",
+ "author": {
+ "name": "CertNode"
+ },
+ "homepage": "https://certnode.io/solutions/financial-services",
+ "repository": "https://github.com/srbryant86/certnode/tree/main/partner-plugins/anthropic-financial-services/certnode-provenance",
+ "license": "Apache-2.0",
+ "keywords": [
+ "fre-902-13",
+ "fre-902-14",
+ "ai-provenance",
+ "anthropic-finance-agents",
+ "eu-ai-act",
+ "compliance",
+ "audit-trail",
+ "financial-services",
+ "finra",
+ "rfc-3161"
+ ],
+ "mcpServers": {
+ "certnode-provenance": {
+ "command": "npx",
+ "args": ["-y", "@certnode/mcp-server"],
+ "env": {
+ "CERTNODE_API_KEY": "${CERTNODE_API_KEY}"
+ }
+ }
+ }
+}
diff --git a/plugins/partner-built/certnode-provenance/.mcp.json b/plugins/partner-built/certnode-provenance/.mcp.json
new file mode 100644
index 00000000..5f9b44b1
--- /dev/null
+++ b/plugins/partner-built/certnode-provenance/.mcp.json
@@ -0,0 +1,11 @@
+{
+ "mcpServers": {
+ "certnode-provenance": {
+ "command": "npx",
+ "args": ["-y", "@certnode/mcp-server"],
+ "env": {
+ "CERTNODE_API_KEY": "${CERTNODE_API_KEY}"
+ }
+ }
+ }
+}
diff --git a/plugins/partner-built/certnode-provenance/README.md b/plugins/partner-built/certnode-provenance/README.md
new file mode 100644
index 00000000..0c4e5c4e
--- /dev/null
+++ b/plugins/partner-built/certnode-provenance/README.md
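Review bot: The `mcpServers` entry in `plugin.json` starts the server with `"args": ["-y", "@certnode/mcp-server"]`, which names no version, so a launch can resolve to whatever release is currently published and run it without a prompt, with `CERTNODE_API_KEY` in its environment. Pin an exact, reviewed version, for example `"args": ["-y", "@certnode/mcp-server@<PINNED_VERSION>"]`, and bump it in a reviewed change; the `@certnode/mcp-server@1.2.2+` reference in SKILL.md is a floor, not a pin. The identical block is added again in `.mcp.json`, so the pin has to be applied in both files, or one copy dropped, to keep the two from drifting apart.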
@@ -0,0 +1,135 @@ +# CertNode Provenance — Partner Plugin for Anthropic financial-services + +Cryptographic provenance layer for Anthropic finance agents. Wraps any agent's deliverable with three-layer timestamped signing designed for **FRE 902(13)/(14)** self-authenticating digital evidence and **EU AI Act Article 50** disclosure. + +## What this plugin does + +Every output from a finance agent (pitch builder, earnings reviewer, IC memo, KYC screener, valuation reviewer, statement auditor, etc.) reaches a client, LP, regulator, auditor, or official record. Internal logging doesn't satisfy: + +- **FRE 902(13) / 902(14)** admissibility when a deliverable becomes evidence +- **FINRA Rule 2241** recordkeeping for published research +- **BSA/AML** audit trail for KYC screening decisions +- **EU AI Act Article 50** machine-readable disclosure for AI-generated content (in force August 2026) + +This plugin makes every output's cryptographic provenance a one-line addition: + +```typescript +import { CertNode } from '@certnode/sdk' + +const cert = new CertNode({ apiKey: process.env.CERTNODE_API_KEY! }) +const signed = await cert.signAIOutput({ + output: pitchDeckContent, + model: 'claude-opus-4-7', + provider: 'anthropic', +}) + +// signed.receiptId — store with the deliverable in your CRM / DMS +// signed.verifyUrl — give to client / LP / regulator / counsel +// signed.timestamps.{certnode, rfc3161, bitcoin} — independent chain +``` + +## What the three timestamp layers prove + +1. **Layer 1 (CertNode signature)** — ES256 JWS over content hash. Verifiable against CertNode's published public key. Reproducible by any opposing expert. +2. **Layer 2 (RFC 3161 timestamp)** — Countersignature from an independent Time Stamp Authority. The format cited in case law for self-authenticating digital evidence. +3. **Layer 3 (Bitcoin OpenTimestamps anchor)** — Merkle commitment to a Bitcoin block, confirmed within 1–2 hours. Strongest non-revocable proof-of-existence. 
Even if CertNode + the RFC 3161 TSA both disappear, the Bitcoin proof remains independently verifiable forever. + +## Install + +### As a Claude Code plugin + +```bash +claude plugin marketplace add anthropics/claude-for-financial-services +claude plugin install certnode-provenance@claude-for-financial-services +``` + +### Via Cowork plugin UI + +``` +Settings → Plugins → Add plugin +Search for: certnode-provenance +``` + +### Direct npm install (for non-plugin usage) + +```bash +npm install @certnode/sdk +``` + +## Auth + +Get an API key at . Free tier: 100 receipts/month, no card required. Metered pricing above ($0.01/receipt with volume discounts down to $0.002). + +Set in environment: + +```bash +export CERTNODE_API_KEY=cn_live_... +``` + +The plugin's MCP server auto-reads this env var (see `plugin.json` → `mcpServers`). + +## Privacy patterns for sensitive workflows + +KYC screening, LP-statement audits, IC memos, and similar workflows touch PHI / PII / privileged content. CertNode supports a sealed-content pattern where raw content stays in your infrastructure and only a salted hash crosses the wire: + +```typescript +const promptHash = crypto.createHash('sha256').update(SALT + sensitiveContent).digest('hex') + +const signed = await cert.signAIOutput({ + output: ``, + model: 'claude-opus-4-7', + provider: 'anthropic', + promptHash, +}) +``` + +CertNode receives only the sentinel + hash — no PHI, no privileged content, no client identifiers. See for the full implementation. 
+ +## Verification + +Anyone — client, LP, regulator, auditor, opposing counsel — can verify a receipt without a CertNode account: + +```bash +# Public verify endpoint (no auth required) +curl -X POST https://certnode.io/api/v1/provenance/verify \ + -H "Content-Type: application/json" \ + -d '{"receiptId": "uuid-from-signed-deliverable"}' + +# Or open in any browser: +# https://certnode.io/verify/uuid-from-signed-deliverable +``` + +For verification-only integrations (browser extensions, audit tooling, verification pipelines), use the lightweight verify-only SDK: + +```bash +npm install @certnode/verify +``` + +## Compliance framing notes + +- **"Designed for FRE 902(13)/(14)"** — not unqualified "court-admissible." No court has ruled on a CertNode receipt specifically. The underlying primitives (ES256, JWS, RFC 3161, OpenTimestamps) are well-precedented. +- **Independent verifiability** is the defensive cornerstone. Opposing experts run the same verification using open standards. Customers don't need to trust CertNode for the cryptography to hold. +- **Multi-model neutral** — works with Claude, OpenAI, Mistral, Llama, or any model. CertNode does not preference any AI provider. +- See for the full counsel-facing breakdown. + +## Cross-references + +- Recipe (end-to-end): +- Solutions page (compliance mapping): +- API reference: +- Compliance framing: +- npm SDK: +- Verify-only SDK: +- MCP server: + +## License + +Apache 2.0 (matches the parent anthropics/financial-services repo). + +## About CertNode + +CertNode provides cryptographic provenance APIs for AI outputs, chargeback evidence (Stripe Reflex), payment evidence vaults, and refund-abuse detection. + +For procurement / enterprise terms / SOC 2 evidence (in-flight): email . + +**Important:** CertNode is not affiliated with or endorsed by Anthropic. This plugin is proposed as a community / partner integration to make finance-agent outputs compliance-defensible. 
diff --git a/plugins/partner-built/certnode-provenance/commands/sign-with-provenance.md b/plugins/partner-built/certnode-provenance/commands/sign-with-provenance.md
new file mode 100644
index 00000000..23927a8c
--- /dev/null
+++ b/plugins/partner-built/certnode-provenance/commands/sign-with-provenance.md
@@ -0,0 +1,48 @@ +--- +name: sign-with-provenance +description: Sign any AI-generated output with CertNode cryptographic provenance. Returns a public verify URL anyone can use to confirm the content existed in this exact form at the signing time. Designed for FRE 902(13)/(14) admissibility + EU AI Act Article 50 disclosure. Use after producing a deliverable that will reach a client, LP, regulator, or official record. +--- + +# /sign-with-provenance + +Sign the current document, conversation transcript, or any AI-generated content with CertNode three-layer cryptographic provenance. + +## Usage + +``` +/sign-with-provenance +``` + +Run after producing content you want to verifiably preserve. The command will: + +1. Call the `sign-output` skill with the current context +2. Display the receipt id + public verify URL +3. Suggest where to embed the verify URL (deck footer, email signature, report appendix, CRM record) + +## Prerequisites + +- `CERTNODE_API_KEY` set in environment (get one at ) +- Free tier: 100 signings/month, no card + +## Example output + +``` +✓ Signed + Receipt ID: 7e3a9b2f-4c5d-4e6f-8a9b-1c2d3e4f5g6h + Verify URL: https://certnode.io/verify/7e3a9b2f-4c5d-4e6f-8a9b-1c2d3e4f5g6h + Signed at: 2026-05-11T03:42:18Z + RFC 3161: ✓ countersigned by independent TSA + Bitcoin: ⏳ queued (confirms in 1-2 hours) + +Suggested next steps: + - Embed verify URL in your deliverable's footer / signature + - Persist receipt id with the deliverable in your CRM / DMS + - For LP / regulator / counsel delivery, include verify URL + "Designed for + FRE 902(13)/(14) self-authenticating digital evidence" framing +``` + +## Related + +- Skill: `sign-output` (the underlying implementation) +- Recipe: +- Compliance: diff --git a/plugins/partner-built/certnode-provenance/skills/sign-output/SKILL.md b/plugins/partner-built/certnode-provenance/skills/sign-output/SKILL.md new file mode 100644 index 00000000..8fcb68af --- /dev/null 
+++ b/plugins/partner-built/certnode-provenance/skills/sign-output/SKILL.md 
@@ -0,0 +1,141 @@ +--- +name: sign-output +description: Wrap any Anthropic finance-agent deliverable with CertNode cryptographic provenance signing before delivery. Produces a public verify URL alongside the artifact so clients, LPs, regulators, and counsel can independently verify the chain. Designed for FRE 902(13)/(14) self-authenticating digital evidence + EU AI Act Article 50 disclosure. +--- + +# Sign Output Skill + +Fire CertNode signing on any finance-agent deliverable. Returns the original output plus a receipt id + public verify URL. + +## When to fire + +This skill fires automatically when: + +- A named agent is about to deliver content to a client, LP, regulator, or official record +- The user invokes `/sign-with-provenance` slash command on any text or document +- A wrapping skill chains into this skill before its own delivery step + +## What it does + +1. Hashes the deliverable (sha256) — raw content stays in your infrastructure +2. Calls `POST https://certnode.io/api/v1/provenance/sign` with content + model + metadata +3. Returns a receipt object containing: + - `receiptId` (uuid) + - `verifyUrl` (public verify page anyone can check) + - `signedAt` (ISO 8601 timestamp) + - `timestamps.certnode.id` (internal HMAC-SHA256 timestamp) + - `timestamps.rfc3161` (optional — independent Time Stamp Authority countersignature) + - `timestamps.bitcoin.status` (pending → anchored within 1-2 hours) + +## Auth + +Set `CERTNODE_API_KEY` in your environment (key from ). + +Free tier: 100 signings/month, no card. Metered above that ($0.01 → $0.002/signing on volume tiers). + +## Compliance framing + +- **FRE 902(13)/(14)** — Receipts are structured to satisfy Federal Rule of Evidence 902(13) (electronic records generated by accurate process) and 902(14) (digital signatures). The signing process is deterministic + reproducible by opposing experts. 
+- **EU AI Act Article 50** — Receipt's public verify URL is the machine-readable disclosure required for AI-generated content under EU rules (in force August 2026). +- **FINRA** — Recordkeeping rules satisfied by including receiptId + verifyUrl in supervisory records. +- **No bare "court-admissible" claims** — use "designed for FRE 902(13)/(14) admissibility" framing. No court has ruled on a CertNode receipt specifically; the underlying primitives (RFC 3161, ES256, JWS, OpenTimestamps) are well-precedented. + +## Privacy patterns + +For PHI, PII, attorney-client-privileged, or trade-sensitive content: + +- **Hash before signing.** Pass `promptHash` field with a sha256 of the sensitive part; the raw content stays in your infrastructure. +- **Sealed-content variant.** Sign a sentinel string `` and store the salted hash of the real content in your encrypted storage. Receipt becomes a binding ledger entry without exposing content. + +See for the implementation patterns. + +## Implementation + +```typescript +import { CertNode } from '@certnode/sdk' + +const cert = new CertNode({ apiKey: process.env.CERTNODE_API_KEY! }) + +export async function signFinanceAgentOutput(input: { + agentName: string // 'pitch-builder' | 'earnings-reviewer' | ... 
+ output: string + model: string // 'claude-opus-4-7' typically + contentType?: 'ai_output' | 'document' | 'json' | 'image' + clientContext?: Record // optional audit-trail metadata (hashed) +}): Promise<{ + receiptId: string + verifyUrl: string + signedAt: string +}> { + // Hash any sensitive client context — never send raw client IDs to CertNode + const promptHashParts: string[] = [`agent=${input.agentName}`] + if (input.clientContext) { + const crypto = await import('node:crypto') + for (const [key, value] of Object.entries(input.clientContext)) { + const hashed = crypto.createHash('sha256').update(value).digest('hex').slice(0, 16) + promptHashParts.push(`${key}=${hashed}`) + } + } + + const signed = await cert.signAIOutput({ + output: input.output, + model: input.model, + provider: 'anthropic', + promptHash: promptHashParts.join('|'), + }) + + return { + receiptId: signed.receiptId, + verifyUrl: signed.verifyUrl, + signedAt: signed.signedAt, + } +} +``` + +## Agent integration map + +The 10 Anthropic finance agents that should wrap this skill on their delivery step: + +| Anthropic agent | Why it needs provenance | +|---|---| +| Pitch builder | Branded pitch decks delivered to clients — SEC/FINRA scrutiny on advertised claims | +| Earnings reviewer | Published analyst notes — FINRA Rule 2241 recordkeeping | +| Statement auditor | LP statement reviews — auditor + LP discovery | +| KYC screener | Document parsing + flagging — BSA/AML FinCEN audit | +| IC memo (private equity) | Investment committee memos — discoverable in fund litigation | +| Model builder | DCF / LBO / 3-statement Excel — "did the AI build this, when, with what inputs" | +| Valuation reviewer | GP package valuations — LP advisory committee audit | +| Market researcher | Sector overviews to clients — published research recordkeeping | +| Meeting preparer | Pre-meeting briefing packs — internal recordkeeping | +| Month-end closer | Accruals + variance commentary — auditor scrutiny | + +## Errors + 
+- `free_tier_exceeded` (HTTP 402) → org has hit 100/mo free cap. Response body includes `upgrade_url` pointing at the dashboard. Customer must add a payment method to continue signing. +- `content_too_large` (HTTP 413) → content > 1 MB. For long deliverables, sign a sha256 hash of the content rather than the full content. +- `invalid_or_revoked_api_key` (HTTP 401) → key missing, malformed, or revoked. Regenerate from . + +## Verifying later + +Anyone — client, LP, regulator, auditor, opposing counsel — can verify a receipt without a CertNode account: + +```bash +# Public verify endpoint (no auth required) +curl -X POST https://certnode.io/api/v1/provenance/verify \ + -H "Content-Type: application/json" \ + -d '{"receiptId": "uuid-from-signed-deliverable"}' + +# Or open the verify URL in any browser: +# https://certnode.io/verify/uuid-from-signed-deliverable +``` + +## Cross-references + +- Plugin manifest: `plugin.json` +- Slash command: `commands/sign-with-provenance.md` +- MCP server: `@certnode/mcp-server@1.2.2+` (auto-configured via `mcpServers` in plugin.json) +- Full recipe: +- Solutions page: +- Compliance framing: +- npm SDK: +- Verify-only SDK (for browser extensions / audit tooling):
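Review bot: Step 1 under "What it does" states that the deliverable is hashed and "raw content stays in your infrastructure", but step 2 and the `signFinanceAgentOutput` example pass `output: input.output` in full to the sign endpoint; because the skill is described as firing automatically before delivery, the text should say plainly that the whole deliverable leaves the environment unless the hash-only or sealed-content pattern is used. In the same example the `clientContext` values are covered only by an unsalted SHA-256 truncated to 16 hex characters, which does not hide low-entropy identifiers from anyone able to hash a list of candidate values; a keyed hash such as `crypto.createHmac('sha256', localSecret).update(value).digest('hex')`, where `localSecret` is a placeholder for a key held only by the caller, would match the "never send raw client IDs" comment. The receipt field list also describes `timestamps.certnode.id` as an internal HMAC-SHA256 timestamp while the README in this commit describes layer 1 as an ES256 JWS checked against a published public key; only the latter can be verified by a third party, so the two descriptions should be reconciled.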