monad-mcp is an MCP server that plugs the Monad blockchain into your AI agent. Paste one URL — your agent can read balances, prices, and portfolios instantly. Unlock transfers, swaps, staking, lending, and bridging behind your approval. Wallet keys stay with Privy.
Get connected
You only need to add one hosted connector URL to Claude or ChatGPT. No wallet setup, no keys, no install. Once connected, ask for Monad balances, tokens, prices, and portfolios in plain English.
Use Claude's connector settings. This works in Claude on the web and in the desktop app.
Open Settings, then choose Connectors.
Choose Add custom connector. Name it monad.
https://monad-mcp.fly.dev/mcp
Turn on the Monad connector and ask for a balance, token, price, or portfolio.
Use ChatGPT's Apps or Connectors settings to add the hosted Monad connector.
In ChatGPT settings, open Apps or Connectors.
Choose Create or Add custom connector. Name it monad.
https://monad-mcp.fly.dev/mcp
Choose no authentication if ChatGPT asks.
Let ChatGPT scan the tools, save the connector, then enable it in a chat.
Claude Code is the developer-style client. If you use it, paste this one command into your terminal.
claude mcp add --transport http monad https://monad-mcp.fly.dev/mcp
The hosted connector may take a few seconds to wake up if it has been idle.
Why monad-mcp
A person will approve every transaction. An agent running a strategy at 2am won't. The hard part isn't wrapping an RPC — it's letting an agent act autonomously inside a boundary you trust.
Privy holds the wallet private key in a TEE. The MCP server builds unsigned transactions and hands them off — it can never move funds without approval or a scoped grant.
Write actions return a one-time approval link with a simulated asset diff. You review and confirm; the agent polls for the tx hash.
Authorize a scoped budget once — spend cap, expiry, recipient + function allowlists — and the agent transacts within it, no per-tx clicks.
Each grant is mirrored as a Privy wallet policy, so Privy itself refuses transactions outside the envelope — even if the server is compromised.
The write flow
From “send 1 MON” to a confirmed transaction — without the agent ever holding a key.
“Stake 1 MON with FastLane, then send 0.1 MON to alice.mon.”
The MCP server encodes the call with viem, simulates the asset changes, and stores it — returning an approval URL carrying a one-time capability token.
Open the link, see exactly what moves, confirm. Privy signs with your embedded wallet. Or grant a session key once and skip this for everything inside the budget.
It polls the request, gets the transaction hash, and shows you the explorer link. Done.
See it for real
These are the server's read tools running against a live Monad RPC, right in your browser. No wallet, no signing — exactly what your agent sees before it ever proposes a transaction.
// pick a tool, paste an address, hit Run. // this calls Monad JSON-RPC directly — the same reads the agent makes.
holder,token).This is the same live Monad data your AI app gets through the hosted connector.
The full surface
● read (no auth) ● write (Privy-signed, approval or session key)
Common questions
No. The agent does not get a private key. It proposes unsigned transactions; you approve them in the browser unless the action fits inside a session-key grant you already approved.
Yes. The hosted endpoint exposes read tools for balances, portfolio data, token lookup, transaction history, receipts, and contract reads.
No. The public setup uses the hosted Monad connector. Add the URL in Claude or ChatGPT and start asking questions.
The server stores a transaction request and returns an approval URL. You review the summary, approve or reject, and the agent polls for the final status.
Scoped grants for limited autonomy. You can cap spend, set an expiry, restrict target addresses, and restrict function selectors.
Start on testnet. Before mainnet use, verify Privy setup, protocol addresses, token addresses, approval URLs, and session-key limits.
Full FAQ: docs/FAQ.md