
Add recipe: signed, offline-verifiable receipts for tool calls #745

Open
tomjwxf wants to merge 2 commits into anthropics:main from tomjwxf:add-protect-mcp-receipts

tomjwxf commented Jun 28, 2026

Adds a third_party/ScopeBlind/ recipe showing how to give a Claude tool-use loop a fail-closed policy gate and cryptographically signed, offline-verifiable receipts.

What it demonstrates

Out of the box, an agent that calls tools leaves no audit trail a third party can independently verify. This recipe wraps each tool call in two steps inside a normal Anthropic SDK tool-use loop:

  1. Gate every tool call against a Cedar policy with protect-mcp. The gate fails closed: on any policy error it denies rather than allows.
  2. Sign an Ed25519 receipt of each decision. Receipts are JCS-canonical (RFC 8785) and verify offline with @veritasacta/verify, no vendor in the loop.

The notebook runs a real tool-use loop, shows Claude's safe call allowed and a dangerous one blocked, verifies the receipts offline, then tampers with a receipt to show verification fails.

Notes

  • Placed in third_party/ScopeBlind/ with a README, matching the existing integration folders (Deepgram, ElevenLabs, etc.).
  • ruff check passes under the repo config. Uses a current model (claude-sonnet-4-6). Requires Node.js 18+ and ANTHROPIC_API_KEY.
  • Disclosure: I am the author of the open-source protect-mcp and @veritasacta/verify packages used here (MIT and Apache-2.0). The receipt wire format is an IETF Internet-Draft, draft-farley-acta-signed-receipts.
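
The gate-then-sign flow this PR description outlines, as an added example that is not code from the PR, protect-mcp or @veritasacta/verify: a fail-closed gate, an Ed25519 receipt over canonical JSON, and offline verification with Node's built-in crypto. The policy function, receipt field names and sample calls are assumptions made for illustration, not the wire format of the draft named above.

```javascript
// Added example; all names are hypothetical, not the protect-mcp or @veritasacta/verify API.
const { generateKeyPairSync, sign, verify } = require("node:crypto");

// JCS-style canonical form (after RFC 8785): sorted keys, no whitespace.
function canonicalize(value) {
  if (value === null || typeof value !== "object") return JSON.stringify(value);
  if (Array.isArray(value)) return "[" + value.map(canonicalize).join(",") + "]";
  const keys = Object.keys(value).sort();
  return "{" + keys.map((k) => JSON.stringify(k) + ":" + canonicalize(value[k])).join(",") + "}";
}

// Stand-in policy (a plain function, not Cedar): only read_file with a string path.
function samplePolicy(call) {
  if (typeof call.input.path !== "string") throw new Error("malformed input");
  return call.tool === "read_file";
}

// Fail closed: any exception raised by the policy becomes a deny, never an allow.
function gate(call, policy) {
  try {
    return policy(call) === true ? "allow" : "deny";
  } catch (err) {
    return "deny";
  }
}

// Sign the canonical bytes of the decision record with Ed25519.
function issueReceipt(call, decision, privateKey, issuedAt) {
  const payload = { tool: call.tool, input: call.input, decision, issued_at: issuedAt };
  const bytes = Buffer.from(canonicalize(payload));
  return { payload, signature: sign(null, bytes, privateKey).toString("base64") };
}

// Offline verification: needs only the receipt and the signer's public key.
function verifyReceipt(receipt, publicKey) {
  try {
    const sig = Buffer.from(receipt.signature, "base64");
    return verify(null, Buffer.from(canonicalize(receipt.payload)), publicKey, sig);
  } catch (err) {
    return false; // a malformed receipt is treated as invalid
  }
}

// Constructed sample calls: permitted, not permitted, and malformed (policy throws).
const { publicKey, privateKey } = generateKeyPairSync("ed25519");
const calls = [
  { tool: "read_file", input: { path: "/workspace/notes.txt" } },
  { tool: "delete_file", input: { path: "/workspace/notes.txt" } },
  { tool: "read_file", input: null },
];
const receipts = calls.map((c) => issueReceipt(c, gate(c, samplePolicy), privateKey, "2026-06-28T00:00:00Z"));
```

Because the signature covers the canonical form, a verifier that parses the receipt and re-serializes it with a different key order still gets the same bytes, while any change to a field value invalidates it.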

2 participants