{"id":"validation-mcp-server","name":"validation-mcp-server","homepage":"https://pypi.org/project/validation-mcp-server/","repo_url":"https://github.com/nirholas/ethereum-wallet-toolkit/tree/main/validation-mcp-server","category":"security","subcategories":[],"tags":["ethereum","evm","wallet-security","mcp","validation","cryptography","offline","python","eip55","eip712","keccak256"],"what_it_does":"validation-mcp-server is an offline, Python-based Model Context Protocol (MCP) server that provides Ethereum address/key validation and related cryptographic utilities (e.g., EIP-55 checksum validation, private-key range checking, checksummed conversion, signature component/value validation, hashing like keccak256, function selector encoding/decoding, ENS format validation, and storage-slot computation).","use_cases":["Validate Ethereum addresses (including EIP-55 checksum)","Derive addresses from private/public keys (for verification workflows)","Validate private keys for range correctness","Validate ECDSA signature components (v/r/s) without broadcasting transactions","Compute keccak256 hashes and function selectors offline","Validate ENS name format and compute EVM storage slot positions","Batch validate multiple addresses","Assist AI agents in constructing safe offline workflows around signing/verification tooling"],"not_for":["Generating or managing real funds without a broader wallet/transaction toolchain","Storing or persisting secrets (the server is described as passing keys through; avoid using it as a secrets vault)","Production signing workflows that require audited operational guarantees beyond library correctness (no runtime/SLA guarantees are shown here)"],"best_when":"You need deterministic, offline Ethereum validation and cryptographic helpers to support AI-assisted security checks (e.g., before signing transactions/messages) in an air-gapped or network-restricted environment.","avoid_when":"You need authenticated network services, webhooks, or managed API access; or you require documented rate limits and operational SLAs (not evidenced in provided content).","alternatives":["Use a non-MCP Python library stack directly (eth-utils/eth-keys/eth-account + custom helpers)","Use Ethereumjs/ethers utilities for address checksum and signature validation in your own code","Deploy a REST/GraphQL service around these utilities if you need HTTP with OpenAPI and centralized auth/rate limiting"],"af_score":58.2,"security_score":26.8,"reliability_score":20.0,"package_type":"mcp_server","discovery_source":["pypi"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T21:40:30.219527+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":["Python"],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["No external authentication described for MCP usage in README"],"oauth":false,"scopes":false,"notes":"The provided README focuses on local/CLI MCP usage (Claude Desktop config). No auth mechanism (API keys/OAuth scopes) is documented for the MCP server."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information provided; repo appears to be MIT-licensed open source tooling."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":58.2,"security_score":26.8,"reliability_score":20.0,"mcp_server_quality":78.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":95.0,"rate_limit_clarity":0.0,"tls_enforcement":0.0,"auth_strength":10.0,"scope_granularity":0.0,"dependency_hygiene":55.0,"secret_handling":80.0,"security_notes":"Strengths (from provided content): designed for offline/no network calls and does not persist keys (“keys are passed through, never persisted”). Primary risk: it manipulates sensitive cryptographic material; misuse (e.g., logging inputs/outputs containing private keys) must be avoided by agent/operator. No details are provided on secure logging, redaction, or operational deployment hardening. Dependency posture is not verifiable from provided content; score assumes typical library hygiene but cannot confirm CVE status.","uptime_documented":0.0,"version_stability":40.0,"breaking_changes_history":0.0,"error_recovery":40.0,"idempotency_support":"true","idempotency_notes":"Most validation/hash/encoding operations are naturally idempotent given identical inputs. No explicit idempotency guarantees are documented.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Input validation is likely strict for hex/address formats; agents may need to normalize 0x-prefix/casing and provide correct hex lengths.","Signature validation expects correct v/r/s semantics; agents may need to supply v in the expected normalization (e.g., 27/28 vs 0/1) depending on tool requirements.","Batch tools may have limits on batch size (not specified in provided content).","The MCP server is offline-focused; agents expecting network lookups (e.g., ENS resolution) may need to restrict themselves to format validation only (ENS format validation is mentioned, not resolution)."]}}