{"id":"signing-mcp-server","name":"signing-mcp-server","homepage":"https://pypi.org/project/signing-mcp-server/","repo_url":"https://github.com/nirholas/ethereum-wallet-toolkit/tree/main/signing-mcp-server","category":"ai-ml","subcategories":[],"tags":["ethereum","mcp","offline","signing","eip-191","eip-712","keystore","crypto","python","wallet","hd-wallet"],"what_it_does":"Provides an offline Ethereum wallet signing toolkit with MCP servers (including signing-mcp-server) for EIP-191 message signing and EIP-712 typed-data signing/verification, plus related wallet/keystore utilities in the broader toolkit. Emphasizes offline/self-contained operation and uses established Ethereum cryptography libraries.","use_cases":["AI-assisted signing of EIP-191 personal_sign messages","AI-assisted signing and verification of EIP-712 typed data (e.g., permits)","Offline signing workflows for air-gapped environments","Validation/recovery workflows (recover signer from signatures)","Developers integrating Ethereum signing operations into MCP-enabled assistants"],"not_for":["Custody/key management (the toolkit passes keys in requests and does not provide secure custody)","Signing directly with remote/hardware-secured key material without additional integration","High-frequency online signing services requiring strong rate-limit controls from a public API gateway"],"best_when":"You need offline, deterministic Ethereum signing primitives exposed to an AI assistant via MCP, and you can manage sensitive inputs (private keys/passwords) within your own secure environment.","avoid_when":"You want a hosted, network-exposed signing API with robust transport/session security, or you require explicit, documented rate limiting and standardized HTTP error semantics (since MCP/local usage is implied, not HTTP-based).","alternatives":["Using official libraries directly (e.g., eth-account, @ethereumjs/*, web3.js/ethers.js signTypedData)","A dedicated wallet/keystore service with documented auth, audit logs, and hardware-wallet integration","Other MCP wallet/tooling projects with verified API contracts and error models"],"af_score":58.0,"security_score":59.2,"reliability_score":21.2,"package_type":"mcp_server","discovery_source":["pypi"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T21:44:35.195442+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":["python"],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["None for offline/local MCP tool invocation (auth mechanism not described in provided README)","Credential/passphrase provided as tool input for keystore encryption/decryption (not an auth mechanism)"],"oauth":false,"scopes":false,"notes":"No network authentication/authorization model is described in the provided content. Tool operations appear to be invoked locally via MCP; sensitive key material is passed through tool inputs."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Self-hosted open-source tooling; no pricing information provided."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":58.0,"security_score":59.2,"reliability_score":21.2,"mcp_server_quality":85.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":95.0,"rate_limit_clarity":0.0,"tls_enforcement":100.0,"auth_strength":55.0,"scope_granularity":30.0,"dependency_hygiene":70.0,"secret_handling":45.0,"security_notes":"Strengths suggested by README: offline/no network calls; no key storage/persistence; uses widely used Ethereum libraries. Primary concern from provided info: authentication/authorization is not described (likely local MCP), and secret-handling guarantees beyond 'keys passed through, never persisted' are not fully evidenced. Rate-limiting and standardized safe error handling for malformed sensitive inputs are not documented.","uptime_documented":0.0,"version_stability":30.0,"breaking_changes_history":20.0,"error_recovery":35.0,"idempotency_support":"false","idempotency_notes":"Some tools are naturally deterministic (verification/hash/encoding), but signing/generation may produce new outputs given different inputs; no explicit idempotency guarantees documented.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Treat private keys/mnemonics/passwords as highly sensitive; ensure your agent runtime does not log tool inputs.","For EIP-712, typed-data structure/domain fields must be exact; minor mismatches change hashes/signatures.","Signature formats (v value normalization, 27/28 vs 0/1) may require normalization depending on tool expectations.","Keystore encryption/decryption depends on correct scrypt/pbkdf2 parameters and password; failures can occur if mismatched."]}}