Skip to main content

Environment Variables

SESHAT is configured via environment variables. Create a .env file in your project root or pass them directly to the MCP server.

Required Variables

ETH_PRIVATE_KEY
string
required
Private key of your Ethereum wallet (with 0x prefix). Used for signing attestations on Base L2.
ETH_PRIVATE_KEY=0x0123456789abcdef...
Use a dedicated wallet with minimal funds. Never use your main wallet.
EAS_SCHEMA_UID
string
required
Your registered schema UID on EAS (Ethereum Attestation Service).
EAS_SCHEMA_UID=0xabcdef1234567890...
See EAS Schema Registration below.
GIT_HOST_API_URL
string
required
API endpoint of your git hosting platform.
# GitHub
GIT_HOST_API_URL=https://api.github.com

# GitLab
GIT_HOST_API_URL=https://gitlab.com/api/v4

# Forgejo/Gitea
GIT_HOST_API_URL=https://your-instance.com/api/v1
GIT_HOST_TOKEN
string
required
API token with read:repo scope for your git host.
GIT_HOST_TOKEN=ghp_xxxxxxxxxxxx
OBSIDIAN_ROOT
string
required
Absolute path to your Obsidian vault root directory.
OBSIDIAN_ROOT=/Users/you/Documents/Vault

Optional Variables

DB_PATH
string
default:"./data/seshat.db"
Path to the SQLite database file.
DB_PATH=/var/lib/seshat/ledger.db
LOG_LEVEL
string
default:"info"
Logging verbosity. Options: debug, info, warn, error.
LOG_LEVEL=debug

Security Features (Optional)

ENABLE_TSA
boolean
default:"false"
Enable RFC 3161 timestamps via FreeTSA.
ENABLE_TSA=true
TSA_URL=https://freetsa.org/tsr
ENABLE_IPFS
boolean
default:"false"
Enable encrypted IPFS storage via nft.storage.
ENABLE_IPFS=true
NFT_STORAGE_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
ENABLE_PQC
boolean
default:"false"
Enable ANSSI-compliant post-quantum signatures.
ENABLE_PQC=true
PQC_LEVEL=87  # 44, 65, or 87
LevelAlgorithmNIST LevelSecurity
44ML-DSA-442128-bit
65ML-DSA-653192-bit
87ML-DSA-875256-bit

EAS Schema Registration

Before using SESHAT, you must register an attestation schema on EAS.

Schema Definition

bytes32 projectId,
string category,
bytes32 fingerprint,
bytes32 treeHash,
string ref,
uint256 effortHours

Registration Steps

1

Go to EAS Explorer

Visit base.easscan.org/schema/create
2

Connect Wallet

Connect the same wallet you’ll use for SESHAT
3

Enter Schema

Paste the schema definition above
4

Set Resolver

Leave resolver as 0x0000...0000 (no resolver)
5

Register

Submit the transaction (~$0.01 on Base)
6

Copy UID

Copy the resulting Schema UID and add to your .env

Complete Example

.env
# ===========================================
# SESHAT Configuration
# ===========================================

# Blockchain (Required)
ETH_PRIVATE_KEY=0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
EAS_SCHEMA_UID=0xabcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890

# Git Host (Required)
GIT_HOST_API_URL=https://api.github.com
GIT_HOST_TOKEN=ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

# Obsidian (Required)
OBSIDIAN_ROOT=/Users/julien/Documents/Research

# Database
DB_PATH=./data/seshat.db

# Logging
LOG_LEVEL=info

# ===========================================
# Optional: Reinforced Proof Chain
# ===========================================

# RFC 3161 Timestamps
ENABLE_TSA=true
TSA_URL=https://freetsa.org/tsr

# IPFS Storage (encrypted)
ENABLE_IPFS=true
NFT_STORAGE_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

# Post-Quantum Signatures
ENABLE_PQC=true
PQC_LEVEL=87

Docker Configuration

When running via Docker, pass environment variables: 
docker run -d \
  -e ETH_PRIVATE_KEY=0x... \
  -e EAS_SCHEMA_UID=0x... \
  -e GIT_HOST_API_URL=https://api.github.com \
  -e GIT_HOST_TOKEN=ghp_... \
  -e OBSIDIAN_ROOT=/vault \
  -v /path/to/vault:/vault:ro \
  -v /path/to/data:/data \
  ghcr.io/menezis-ai/seshat-mcp:latest
Or use a .env file: 
docker run -d --env-file .env \
  -v /path/to/vault:/vault:ro \
  ghcr.io/menezis-ai/seshat-mcp:latest