Server data from the Official MCP Registry
Runtime authorization for AI agents and smart contracts via an immutable on-chain policy registry
Runtime authorization for AI agents and smart contracts via an immutable on-chain policy registry
The SmartPolicy MCP server is a well-architected authorization system with proper separation of concerns and reasonable security practices. However, several moderate-severity issues exist: environment variable handling lacks explicit documentation and validation, the grant issuer relies on external key management without comprehensive safeguards, input validation could be more robust in some areas, and error handling exposes some implementation details. The codebase is clean and follows best practices overall, but these issues warrant attention before production use. Supply chain analysis found 5 known vulnerabilities in dependencies (2 critical, 3 high severity). Package verification found 1 issue.
5 files analyzed · 14 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Set these up before or after installing:
Environment variable: SMARTPOLICY_REGISTRY
Environment variable: SMARTPOLICY_VERIFIER
Environment variable: SMARTPOLICY_RPC_URL
Environment variable: SMARTPOLICY_ISSUER_KEY
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-smartpolicy-protocol-smartpolicy": {
"env": {
"SMARTPOLICY_RPC_URL": "your-smartpolicy-rpc-url-here",
"SMARTPOLICY_REGISTRY": "your-smartpolicy-registry-here",
"SMARTPOLICY_VERIFIER": "your-smartpolicy-verifier-here",
"SMARTPOLICY_ISSUER_KEY": "your-smartpolicy-issuer-key-here"
},
"args": [
"-y",
"@smartpolicy/mcp"
],
"command": "npx"
}
}
}From the project's GitHub README.
Runtime authorization for AI agents and smart contracts.
Define what an agent, a user, or a contract is allowed to do — once, as a policy. Enforce it everywhere: on-chain via a minimal verifier, off-chain via an MCP server and REST API that AI systems consume directly. Update the rules without redeploying anything.
Status (2026-06-12): core contracts live on Ethereum Sepolia (Etherscan-verified, addresses in contracts/deployments/sepolia.json); 54 Foundry tests green; MCP server v0 packaged —
npx smartpolicy-mcpruns zero-config against Sepolia,npx smartpolicy-mcp deploybootstraps any chain from embedded bytecode; AI-consumability proven by unaided fresh-agent execution tests (incl. cold start on an empty chain). NOT audited; internal until mature — no public repo or registry listings yet. Current state, decisions, and how to resume work: PLAN.md.
Every team shipping AI agents hits the same wall: the agent can technically do anything its keys allow, and the only ways to constrain it are hardcoded prompts or redeployed code. Every smart contract team hits the mirror image: access rules baked into the contract at deploy time.
SmartPolicy separates the rule from the enforcement point:
0xAgent perform action under policy N?" and receives a short-lived
signed grant (EIP-712) that any contract or backend can verify.┌─────────────┐ MCP / REST (x402 metered) ┌──────────────────┐
│ AI agents │ ────────────────────────────▶ │ SmartPolicy MCP │
│ & services │ ◀──── signed grants ──────── │ server (TS) │
└─────────────┘ └────────┬─────────┘
│ reads + grant issuance
┌─────────────┐ inherit Gate modifier ┌────────▼─────────┐
│ Protected │ ────── view calls ──────────▶ │ PolicyRegistry │
│ contracts │ │ (Base, immutable)│
└─────────────┘ └──────────────────┘
See ARCHITECTURE.md for the full design and the rationale for every decision (chain, fees, trust model, what was deliberately dropped from v1).
contracts/ Solidity core: PolicyRegistry, PolicyGate, interfaces (Foundry)
mcp/ MCP server + REST API (TypeScript, x402 metering)
sdk/ TypeScript client SDK (planned)
docs/ Integration guides (planned)
SmartPolicy is a clean rewrite of the strongest ideas from a 2025 prototype ("Smart Policy Protocol", Sepolia): the policy registry, the tiered integration model, and hybrid on-chain + signed-token enforcement. The rewrite deliberately drops the SPOL token/ICO/governance suite, the sports-prediction oracle, the factory contracts, and the upgradeable-proxy trust model, and fixes the known security issues (tx.origin checks, missing reentrancy guards, header-only API auth).
Apache-2.0 — see LICENSE.
Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Web content fetching and conversion for efficient LLM usage
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.
by Microsoft · Content & Media
Convert files (PDF, Word, Excel, images, audio) to Markdown for LLM consumption
by mcp-marketplace · Developer Tools
Search and install MCP servers from inside your AI client.