mcp-server
Verified Safeby portalsprotocol
Overview
MCP server that allows AI agents to discover and access decentralized APIs (Portals) on the Solana blockchain, paying autonomously in USDC per use.
Installation
npx -y @portalsprotocol/mcp-serverEnvironment Variables
- PORTALS_WHITELIST
- PORTALS_NETWORK
- PORTALS_RPC
Security Notes
The server stores a Solana wallet locally (`~/.portals/wallet.json`) with mode 0600 permissions, which is good practice. It explicitly requires a `PORTALS_WHITELIST` to prevent agents from accessing arbitrary portals. Input validation for tool arguments is performed against fetched OpenAPI schemas using Ajv. The fetching of OpenAPI schemas via `axios.get` from whitelisted portal URLs (which are retrieved from on-chain registry) introduces a potential, though mitigated, risk if a whitelisted portal were to serve a malicious or extremely large schema designed to exploit `axios` or `ajv` parsers. The `refreshPortals` function, which includes these network calls, is invoked on every tool request, adding a slight performance overhead but no immediate critical security flaw.
Similar Servers
fastmcp
A TypeScript framework for building Model Context Protocol (MCP) servers, providing high-level abstractions and boilerplate handling for features like tools, prompts, resources, sessions, authentication, and HTTP streaming.
mcp-server-typescript
Provides a Model Context Protocol (MCP) server to enable AI assistants to access DataForSEO's SEO data APIs through a standardized interface.
mcp-server-bbc
An AI assistant that manages BuilderBot projects by listing, retrieving, creating, updating, deleting, and duplicating projects using a set of defined tools.
mcp_server_ts
Provides a Model Context Protocol (MCP) server that exposes defined tools (e.g., "create-user") for client applications.