MCP Server — Model Context Protocol for Solana Wallet Operations
Model Context Protocol server exposing tools, resources, and prompts for AI agent consumption over stdio transport with session keypair management.
Architecture
CODEBLOCK0
Tools (7)
| Tool | Description |
|---|
| INLINECODE0 | Generate a new random Solana keypair |
| INLINECODE1 |
Generate vanity address with prefix/suffix |
|
estimate_vanity_time | Estimate time for vanity pattern |
|
validate_address | Validate a Solana Base58 address |
|
sign_message | Sign a message with session keypair |
|
verify_signature | Verify a signed message |
|
restore_keypair | Restore keypair from secret key bytes |
Resources (3)
| URI Pattern | Description |
|---|
| INLINECODE7 | Current session keypair info |
| INLINECODE8 |
Specific keypair by ID |
|
solana://address/{address} | Address validation details |
Prompts (3)
| Prompt | Description |
|---|
| INLINECODE10 | Guide user through wallet generation |
| INLINECODE11 |
Guide vanity address generation with difficulty estimate |
|
security-review | Review security of wallet operations |
Session State Management
CODEBLOCK1
Security Model
- - Session keypair is zeroized when replaced or server shuts down
- No network calls for key generation
- All crypto uses
@solana/web3.js only - Zod schemas validate all tool inputs
- Secret key bytes are never logged or exposed in resources
Patterns to Follow
- - Validate all inputs with Zod schemas before processing
- Zeroize secret keys when replaced or on shutdown
- Return structured JSON for all tool responses
- Use descriptive error messages for validation failures
- Keep session state minimal — one active keypair at a time
Common Pitfalls
- - Session keypair is ephemeral — lost when server restarts
- INLINECODE14� is single-threaded — long prefixes will be slow
- INLINECODE15� requires an active session keypair —
generate_keypair first - Resource URIs are case-sensitive
技能名称: Pump MCP服务器
详细描述:
MCP服务器 — Solana钱包操作的模型上下文协议
模型上下文协议服务器,通过stdio传输和会话密钥对管理,为AI代理消费提供工具、资源和提示。
架构
AI代理(Claude等)
│
stdio传输
│
SolanaWalletMCPServer
│
┌────┼────────┬──────────┐
│ │ │ │
工具 资源 提示 会话
│ │ │ 状态
7 3 3 │
工具 类型 提示 密钥对
工具(7个)
| 工具 | 描述 |
|---|
| generatekeypair | 生成新的随机Solana密钥对 |
| generatevanity |
生成带有前缀/后缀的虚荣地址 |
| estimate
vanitytime | 估计虚荣模式所需时间 |
| validate_address | 验证Solana Base58地址 |
| sign_message | 使用会话密钥对签署消息 |
| verify_signature | 验证已签署的消息 |
| restore_keypair | 从密钥字节恢复密钥对 |
资源(3个)
| URI模式 | 描述 |
|---|
| solana://keypair/current | 当前会话密钥对信息 |
| solana://keypair/{id} |
按ID指定的密钥对 |
| solana://address/{address} | 地址验证详情 |
提示(3个)
| 提示 | 描述 |
|---|
| generate-wallet | 引导用户完成钱包生成 |
| vanity-address |
引导虚荣地址生成并附带难度估计 |
| security-review | 审查钱包操作的安全性 |
会话状态管理
typescript
class SolanaWalletMCPServer {
private sessionKeypair: Keypair | null = null;
generateKeypair(): KeypairInfo {
if (this.sessionKeypair) {
this.sessionKeypair.secretKey.fill(0); // 清零旧密钥
}
this.sessionKeypair = Keypair.generate();
return this.getKeypairInfo();
}
}
安全模型
- - 会话密钥对在被替换或服务器关闭时清零
- 密钥生成不涉及网络调用
- 所有加密操作仅使用@solana/web3.js
- Zod模式验证所有工具输入
- 密钥字节永远不会被记录或在资源中暴露
应遵循的模式
- - 在处理前使用Zod模式验证所有输入
- 在替换或关闭时清零密钥
- 所有工具响应返回结构化JSON
- 对验证失败使用描述性错误消息
- 保持会话状态最小化——一次只激活一个密钥对
常见陷阱
- - 会话密钥对是临时的——服务器重启后丢失
- generatevanity是单线程的——长前缀会变慢
- signmessage需要激活的会话密钥对——先执行generate_keypair
- 资源URI区分大小写
