Griphook is an MCP server enabling AI assistants to interact with the STRATO blockchain's DeFi ecosystem through 67 tools for reading data and executing transactions.
Read Operations:
Tokens & Balances: Fetch token catalog, user balances, voucher balances, earning assets, and token history
Swap Pools: Inspect pools, LP positions, supported token pairs, pool details, and price history
Lending: View lending pools, loans, liquidity, collateral positions, liquidation opportunities, and safety module state
CDP Vaults: Monitor vaults, assets, debt metrics, bad debt, interest rates, and statistics
Bridge: Track bridge networks, bridgeable tokens, deposit/withdrawal history, and transaction summaries
Rewards: Check rewards overview, user activities, pending balances, and leaderboard standings
Admin & Governance: View user profiles, administrators, open governance issues, contract details, and protocol configuration
Events: Search and query on-chain events
Protocol Revenue: Fetch aggregated or per-protocol fee/revenue data (CDP, lending, swap, gas)
RPC Proxy: Execute raw JSON-RPC requests through the backend router
Write Operations:
Token Management: Create tokens (admin), transfer, approve spending allowances, transfer on behalf of others, set token status (admin)
Swap Operations: Create pools, add/remove liquidity (single or dual-sided), execute swaps with slippage protection
Lending: Supply/withdraw collateral, borrow/repay USDST (including max amounts), deposit/withdraw liquidity, stake/unstake in safety module, execute liquidations, configure parameters (admin), sweep reserves (admin), set debt ceilings (admin), pause/unpause operations (admin)
CDP Vaults: Deposit/withdraw collateral, mint/repay USDST (including max amounts), liquidate positions, manage junior notes (open/top-up/claim), configure collateral parameters (admin), toggle asset support (admin), pause/unpause operations (admin)
Bridge: Request withdrawals to external chains and auto-save transactions
Rewards: Claim CATA rewards from RewardsChef, claim rewards for specific activities, or claim all rewards
Administration & Governance: Add/remove administrators, cast votes on proposals, dismiss governance issues, set oracle prices (admin)
⚠️ Security: Requires OAuth 2.0 authentication. Can move funds and change on-chain state—use with caution.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@GriphookCheck my token balances and active lending positions"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Griphook
███████╗████████╗██████╗ █████╗ ████████╗ ██████╗
██╔════╝╚══██╔══╝██╔══██╗██╔══██╗╚══██╔══╝██╔═══██╗
███████╗ ██║ ██████╔╝███████║ ██║ ██║ ██║
╚════██║ ██║ ██╔══██╗██╔══██║ ██║ ██║ ██║
███████║ ██║ ██║ ██║██║ ██║ ██║ ╚██████╔╝
╚══════╝ ╚═╝ ╚═╝ ╚═╝╚═╝ ╚═╝ ╚═╝ ╚═════╝
██████╗ ██████╗ ██╗██████╗ ██╗ ██╗ ██████╗ ██████╗ ██╗ ██╗
██╔════╝ ██╔══██╗██║██╔══██╗██║ ██║██╔═══██╗██╔═══██╗██║ ██╔╝
██║ ███╗██████╔╝██║██████╔╝███████║██║ ██║██║ ██║█████╔╝
██║ ██║██╔══██╗██║██╔═══╝ ██╔══██║██║ ██║██║ ██║██╔═██╗
╚██████╔╝██║ ██║██║██║ ██║ ██║╚██████╔╝╚██████╔╝██║ ██╗
╚═════╝ ╚═╝ ╚═╝╚═╝╚═╝ ╚═╝ ╚═╝ ╚═════╝ ╚═════╝ ╚═╝ ╚═╝Griphook is an MCP (Model Context Protocol) server that connects AI agents to the STRATO blockchain platform.
What is STRATO?
STRATO is a blockchain platform with a comprehensive DeFi ecosystem including token management, decentralized exchange, lending markets, CDP vaults, cross-chain bridging, and governance.
What is Griphook?
Griphook lets AI assistants like Claude interact with STRATO. Through 67 MCP tools, your AI can:
Read token balances, swap pools, lending positions, CDP vaults, and protocol metrics
Execute swaps, lending operations, borrowing, bridging, and reward claims
Manage platform administration and governance voting
Quick Start
Public hosted instances are available for both production and testnet:
Environment | Login URL | MCP Endpoint |
Production |
| |
Testnet |
|
Visit the login URL to sign in and get a token
Add to your MCP config (e.g.,
.mcp.jsonfor Claude Code):
{
"mcpServers": {
"griphook": {
"type": "http",
"url": "https://griphook.strato.nexus/mcp",
"headers": { "Authorization": "Bearer <your-token>" }
}
}
}See AI Coding Tool Compatibility for tool-specific configurations.
Running Your Own Instance
To run your own Griphook server, add to .mcp.json:
{
"mcpServers": {
"griphook": {
"command": "node",
"args": ["/path/to/griphook/dist/cli.js", "serve"],
"env": {
"OAUTH_CLIENT_ID": "your-client-id",
"OAUTH_CLIENT_SECRET": "your-client-secret",
"OPENID_DISCOVERY_URL": "https://keycloak.blockapps.net/auth/realms/mercata/.well-known/openid-configuration",
"STRATO_API_BASE_URL": "https://buildtest.mercata-testnet.blockapps.net/api"
}
}
}
}Environment Variables
Required for Login
Variable | Description |
| OAuth 2.0 client ID |
| OAuth 2.0 client secret |
| OpenID Connect discovery endpoint |
Required for Server
Variable | Default | Description |
|
| STRATO API base URL |
|
| HTTP request timeout (ms) |
HTTP Transport
Variable | Default | Description |
|
| Enable HTTP transport |
|
| Bind address |
|
| Port |
Hosted Mode
Variable | Description |
| Public URL (enables multi-user auth) |
Deploying a Hosted Instance
Set GRIPHOOK_PUBLIC_URL to enable multi-user deployment with per-request authentication. You'll also need to add the redirect URI https://<your-domain>/login/callback to your Keycloak client.
GRIPHOOK_PUBLIC_URL=https://griphook.testnet.strato.nexus npm startThe server exposes /.well-known/oauth-protected-resource (RFC 9728). MCP clients with OAuth support authenticate automatically. For clients without OAuth support, visit /login to get a Bearer token.
See deployment guide for full setup including Keycloak, DNS, nginx, and SSL configuration.
Troubleshooting
Error | Solution |
| Set OAuth env vars before |
| Check credentials and discovery URL |
| Token expired - run |
| Check |
AI Coding Tool Compatibility
Griphook works with any MCP-enabled AI coding tool. All tools use the same authentication flow: sign in at /login to get a token, then add it to your tool's config.
Supported Tools
Tool | Config File | Type Field |
Cursor |
|
|
Claude Code |
|
|
Codex |
|
|
Kilo Code |
|
|
Cline |
|
|
OpenCode |
|
|
VS Code Copilot |
|
|
Example Configurations
Cursor (.cursor/mcp.json or ~/.cursor/mcp.json):
{
"mcpServers": {
"griphook": {
"type": "http",
"url": "https://griphook.strato.nexus/mcp",
"headers": {
"Authorization": "Bearer <your-token>"
}
}
}
}Claude Code (.mcp.json or ~/.claude.json):
{
"mcpServers": {
"griphook": {
"type": "http",
"url": "https://griphook.strato.nexus/mcp",
"headers": {
"Authorization": "Bearer <your-token>"
}
}
}
}Codex (~/.codex/config.toml):
[mcp_servers.griphook]
type = "http"
url = "https://griphook.strato.nexus/mcp"
[mcp_servers.griphook.headers]
Authorization = "Bearer <your-token>"Kilo Code (.kilocode/mcp.json):
{
"mcpServers": {
"griphook": {
"type": "streamable-http",
"url": "https://griphook.strato.nexus/mcp",
"headers": {
"Authorization": "Bearer <your-token>"
}
}
}
}Cline (cline_mcp_settings.json):
{
"mcpServers": {
"griphook": {
"type": "streamableHttp",
"url": "https://griphook.strato.nexus/mcp",
"headers": {
"Authorization": "Bearer <your-token>"
}
}
}
}OpenCode (opencode.json):
{
"mcp": {
"griphook": {
"type": "remote",
"url": "https://griphook.strato.nexus/mcp",
"headers": {
"Authorization": "Bearer <your-token>"
}
}
}
}VS Code Copilot (.vscode/mcp.json):
{
"servers": {
"griphook": {
"type": "http",
"url": "https://griphook.strato.nexus/mcp",
"headers": {
"Authorization": "Bearer <your-token>"
}
}
}
}Known Issues
Cursor: Tools may appear in the sidebar but not be callable in chat. Try using global config (
~/.cursor/mcp.json) and restart Cursor.VS Code Copilot: Requires VS Code 1.102+ with Agent Mode enabled (
chat.agent.enabled).
License
Security
This tool can move funds and change on-chain state. Treat it accordingly.
Credentials are stored unencrypted at
~/.griphook/credentials.json(file0600, dir0700). Protect your filesystem.HTTP transport binds to
127.0.0.1without TLS. Keep it local or front with HTTPS + auth if exposed.Report vulnerabilities privately to maintainers rather than opening public issues.