Configuration

Environment Variables

SESHAT is configured via environment variables. Create a .env file in your project root or pass them directly to the MCP server.

Blockchain (Optionnel)

ETH_PRIVATE_KEY string

Private key of your Ethereum wallet (with 0x prefix). Used for signing attestations on Base L2.

ETH_PRIVATE_KEY=0x0123456789abcdef...

EAS_SCHEMA_UID string

Your registered schema UID on EAS (Ethereum Attestation Service).

EAS_SCHEMA_UID=0xabcdef1234567890...

See EAS Schema Registration below.

Git Host (Requis pour seal PR/release)

GIT_HOST_API_URL string

API endpoint of your git hosting platform.

# GitHub
GIT_HOST_API_URL=https://api.github.com

# GitLab
GIT_HOST_API_URL=https://gitlab.com/api/v4

# Forgejo/Gitea
GIT_HOST_API_URL=https://your-instance.com/api/v1

GIT_HOST_TOKEN string

API token with read:repo scope for your git host.

GIT_HOST_TOKEN=ghp_xxxxxxxxxxxx

Obsidian (Requis pour certify_research)

OBSIDIAN_ROOT string

Absolute path to your Obsidian vault root directory.

OBSIDIAN_ROOT=/Users/you/Documents/Vault

Notion (Alternative ou complement a Obsidian)

NOTION_TOKEN string

Token d’integration interne Notion. Commence par ntn_ ou secret_.

NOTION_TOKEN=ntn_xxxxxxxxxxxxxxxxxxxx

Optional Variables

DB_PATH string

Path to the SQLite database file. Default: ./data/seshat.db

DB_PATH=/var/lib/seshat/ledger.db

LOG_LEVEL string

Logging verbosity. Options: debug, info, warn, error. Default: info

LOG_LEVEL=debug

Security Features (Optional)

ENABLE_TSA boolean

Enable RFC 3161 timestamps via FreeTSA. Default: false

ENABLE_TSA=true
TSA_URL=https://freetsa.org/tsr

ENABLE_IPFS boolean

Enable encrypted IPFS storage via nft.storage. Default: false

ENABLE_IPFS=true
NFT_STORAGE_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

ENABLE_PQC boolean

Enable ANSSI-compliant post-quantum signatures. Default: false

ENABLE_PQC=true
PQC_LEVEL=87  # 44, 65, or 87

Level	Algorithm	NIST Level	Security
44	ML-DSA-44	2	128-bit
65	ML-DSA-65	3	192-bit
87	ML-DSA-87	5	256-bit

EAS Schema Registration

Before using SESHAT, you must register an attestation schema on EAS.

Schema Definition

bytes32 projectId,
string category,
bytes32 fingerprint,
bytes32 treeHash,
string ref,
uint256 effortHours

Registration Steps

Go to EAS Explorer

Visit base.easscan.org/schema/create
Connect Wallet

Connect the same wallet you’ll use for SESHAT
Enter Schema

Paste the schema definition above
Set Resolver

Leave resolver as 0x0000...0000 (no resolver)
Register

Submit the transaction (~EUR0.01 on Base)
Copy UID

Copy the resulting Schema UID and add to your .env

Complete Example

# ===========================================
# SESHAT Configuration
# ===========================================

# Blockchain (Required)
ETH_PRIVATE_KEY=0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
EAS_SCHEMA_UID=0xabcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890

# Git Host (Required)
GIT_HOST_API_URL=https://api.github.com
GIT_HOST_TOKEN=ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

# Obsidian (Required)
OBSIDIAN_ROOT=/Users/julien/Documents/Research

# Database
DB_PATH=./data/seshat.db

# Logging
LOG_LEVEL=info

# ===========================================
# Optional: Reinforced Proof Chain
# ===========================================

# RFC 3161 Timestamps
ENABLE_TSA=true
TSA_URL=https://freetsa.org/tsr

# IPFS Storage (encrypted)
ENABLE_IPFS=true
NFT_STORAGE_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

# Post-Quantum Signatures
ENABLE_PQC=true
PQC_LEVEL=87

Configuration via MCP

Une fois installe, configurez SESHAT directement via votre agent IA :

Configure SESHAT avec mon GitHub et mon vault Obsidian

L’agent utilisera l’outil configure pour vous guider dans la configuration.