PolicyLayer MCP

Non-custodial spending controls for AI agent crypto wallets — enforce daily limits, per-tx caps, and recipient whitelists.

View on npmjs.com

@policylayer/mcp

MCP server for PolicyLayer spending controls. Add policy-governed payments to any AI agent in one config block.

Works with Claude Desktop, Claude Code, Cursor, and any MCP-compatible client.

Quick start

Read-only mode (validate, check budget, view history)

{ "mcpServers": { "policylayer": { "command": "npx", "args": ["-y", "@policylayer/mcp"], "env": { "POLICYLAYER_API_KEY": "pl_live_xxx" } } } }

Execution mode (send transactions)

{ "mcpServers": { "policylayer": { "command": "npx", "args": ["-y", "@policylayer/mcp"], "env": { "POLICYLAYER_API_KEY": "pl_live_xxx", "WALLET_ADAPTER": "viem", "WALLET_PRIVATE_KEY": "0x...", "CHAIN": "base", "RPC_URL": "https://mainnet.base.org" } } } }

Get your API key at app.policylayer.com.

Tools

ToolModeDescription
validate_transactionread-onlyCheck if a transaction would be allowed. Advisory only, no budget reserved.
check_budgetread-onlyView remaining spending capacity across all policies.
list_policiesread-onlyList active spending policies for your API key.
transaction_historyread-onlyRecent policy decisions for audit and context.
send_transactionexecutionValidate, sign, and broadcast a policy-governed transaction.

validate_transaction

Dry-run policy check. The agent can call this freely without side effects.

> validate_transaction chain="base" asset="usdc" to="0x742d...bD18" amount="100.50"

Transaction would be approved.

Chain: Base
Asset: USDC
Amount: 100.50 USDC
To: 0x742d...bD18

Policy checks: all passed.
Remaining daily budget: 549.50 USDC

Note: This is an advisory check. No budget has been reserved.
Use send_transaction to execute.

send_transaction

Full two-gate flow: validate against policies, sign locally, broadcast to chain.

Your private key never leaves your machine. PolicyLayer only sees the transaction intent, not the key.

> send_transaction chain="base" asset="usdc" to="0x742d...bD18" amount="100.50"

Transaction sent.

Chain: Base
Asset: USDC
To: 0x742d...bD18
Amount: 100.50 USDC
Tx hash: 0xabc123...def456
Block explorer: https://basescan.org/tx/0xabc123...def456

Remaining daily budget: 449.00 USDC

Environment variables

VariableRequiredDescription
POLICYLAYER_API_KEYyesAPI key from the PolicyLayer dashboard.
WALLET_ADAPTERnoviem (default) or ethers.
WALLET_PRIVATE_KEYnoEnables execution mode.
CHAINnoRequired with wallet. e.g. base, ethereum.
RPC_URLnoRequired for viem/ethers adapters.
POLICYLAYER_API_URLnoOverride API URL. Defaults to https://api.policylayer.com.

Supported assets

Amounts are human-readable. The server handles conversion to base units.

AssetDecimalsNative on
ETH18Ethereum, Base, Arbitrum, Optimism
USDC6Token addresses auto-resolved for Ethereum, Base, Arbitrum, Polygon
USDT6Ethereum
DAI18Ethereum
WETH18Base
MATIC18Polygon
SOL9Solana

For unlisted tokens, provide the tokenAddress parameter.

How it works

PolicyLayer enforces spending limits on AI agent wallets without custodying private keys.

  1. Agent calls a tool (e.g. send_transaction)
  2. MCP server converts human amounts to base units, resolves token addresses
  3. PolicyLayer API evaluates the transaction against your spending policies
  4. If approved, the transaction is signed locally using your wallet adapter
  5. Transaction is broadcast to the chain

If the API is unreachable, all transactions are blocked (fail-closed).

Programmatic usage

import { createServer } from '@policylayer/mcp';

const server = createServer({ apiKey: process.env.POLICYLAYER_API_KEY!, apiUrl: 'https://api.policylayer.com', });

Requirements

  • Node.js >= 20
  • A PolicyLayer account with API key and configured spending policies

Links

  • PolicyLayer Dashboard
  • Documentation
  • GitHub

Licence

MIT

Related Servers