Model Context Protocol moderate risk

Web3

Web3 MCP provides access to Ankr's Advanced API, enabling LLMs to interact with blockchain data across multiple chains for querying and NFT/token information.

Connections & Capabilities

Connects To

GitHub

Capabilities

readwrite

Quickstart

Config

{
  "mcpServers": {
    "web3": {
      "command": "uvx",
      "args": [
        "web3-mcp"
      ],
      "env": {
        "ANKR_ENDPOINT": "https://rpc.ankr.com/...",
      }
    }
  }
}

Exposed MCP Tools (4)

safe

get_nfts_by_owner

Retrieves NFTs owned by a specified wallet address.

Read-only operation; retrieves data without modifying blockchain state.

safe

get_account_balance

Fetches the token balances for a given wallet address.

Read-only operation; retrieves data without modifying blockchain state.

safe

get_transactions_by_hash

Retrieves transaction details based on its hash.

Read-only operation; retrieves data without modifying blockchain state.

safe

get_nft_metadata

Retrieves metadata for a specific NFT.

Read-only operation; retrieves data without modifying blockchain state.

Safety Assessment

Web3 MCP is relatively safe for read-only operations, providing access to blockchain data through Ankr's API. However, the presence of a private key for authenticated requests introduces risk if the key has write permissions or is compromised. Proper configuration and monitoring are essential to mitigate potential risks.

Read-only access to blockchain data by default
Utilizes Ankr's API, abstracting direct blockchain interaction
Environment variable configuration for sensitive information
Well-defined API categories limit scope of potential misuse

ANKR_PRIVATE_KEY allows authenticated requests, potentially enabling write operations if the key has such permissions.
Reliance on external Ankr API introduces a dependency and potential point of failure.
Improperly secured ANKR_ENDPOINT could expose data to unauthorized access.
Potential for rate limiting or API abuse if not properly managed.