Model Context Protocol moderate risk

Evm

EVM MCP Server provides AI agents with a unified interface to interact with 60+ EVM chains, enabling blockchain data access, token management, and smart contract interactions.

Connections & Capabilities

Connects To

GitHub

Capabilities

readwriteexec

Quickstart

Install

npx @mcpdotdirect/evm-mcp-server

Config

{
  "mcpServers": {
    "evm-mcp-server": {
      "command": "npx",
      "args": ["-y", "@mcpdotdirect/evm-mcp-server"]
    },
    "evm-mcp-http": {
      "command": "npx",
      "args": ["-y", "@mcpdotdirect/evm-mcp-server", "--http"]
    }
  }
}

Exposed MCP Tools (7)

safe

get_chain_id

Retrieves the chain ID of the configured EVM network.

Read-only operation, no side effects.

safe

get_block_number

Fetches the latest block number of the EVM network.

Read-only operation, no side effects.

safe

get_balance

Retrieves the native token balance of an Ethereum address.

Read-only operation, no side effects.

high

transfer_native

Transfers native tokens between Ethereum addresses.

Requires private key and can result in loss of funds if used incorrectly.

safe

read_contract

Reads data from a smart contract using a specified function and ABI.

Read-only operation, but incorrect ABI or function can lead to unexpected results.

critical

write_contract

Writes data to a smart contract by executing a state-changing function.

Requires private key and can result in irreversible state changes or loss of funds.

safe

get_contract_abi

Fetches the ABI of a smart contract from a block explorer.

Read-only operation, but relies on external API.

Safety Assessment

The EVM MCP Server offers a range of blockchain services, but its safety depends on how it's configured and used. Read-only operations are generally safe. Write operations, especially those involving private keys or smart contract interactions, require careful management and monitoring to mitigate risks.

Supports read-only operations for blockchain data access.
Offers AI-guided prompts for safer interaction with complex workflows.
Provides gas estimation for transaction planning.
Includes contract verification to distinguish contracts from EOAs.
Supports message signing capabilities for authentication.

Requires private key or mnemonic for write operations, posing a security risk if mishandled.
Automatic ABI fetching relies on external APIs (Etherscan), which could introduce vulnerabilities.
Server configuration is hardcoded, limiting flexibility and potentially exposing default settings.
Lack of sandboxing for smart contract interactions could lead to unintended consequences.
Potential for misuse if AI agents are not properly constrained when executing write operations.

Client Compatibility

Claude Desktopfull

Cursorfull

Windsurfuntested

VS Code (Copilot)untested

Security Notes

Exposure of private key or mnemonic phrase can lead to complete compromise of associated accounts.
Reliance on Etherscan API for ABI fetching introduces a single point of failure and potential data integrity issues.
Unvalidated smart contract interactions can result in loss of funds or unintended state changes.
Hardcoded server configuration limits flexibility and may expose default settings.
Improperly constrained AI agents can execute unintended or malicious transactions.

Best For

AI agents needing to interact with multiple EVM chains.
Applications requiring access to blockchain data and smart contract functionality.
Developers building tools for token management and transaction execution.
Researchers analyzing blockchain data and network activity.