Provides file format compatibility with the CryptoSeed iOS app, allowing users to generate encrypted .seed files that can be decrypted on iOS devices.
Integrates with the macOS Keychain for the secure storage of encryption keys and identities, ensuring private keys are never stored in plain text on disk.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@cryptoseed-mcpencrypt the file 'notes.txt' using my 'personal' key"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
cryptoseed-mcp
MCP server for CryptoSeed encryption. Gives any MCP-compatible AI agent the ability to encrypt and decrypt text and files using ChaCha20-Poly1305 (symmetric) and X25519+HKDF (asymmetric).
Keys are stored in the macOS Keychain — never on disk in plain text.
Encrypted .seed files are fully compatible with the CryptoSeed iOS app.
Setup
1. Add to Claude Desktop
Edit ~/Library/Application Support/Claude/claude_desktop_config.json:
{
"mcpServers": {
"cryptoseed": {
"command": "npx",
"args": ["-y", "cryptoseed-mcp"]
}
}
}Restart Claude Desktop. The 11 CryptoSeed tools will appear automatically.
2. Or run directly
npx cryptoseed-mcpTools
Key management (symmetric)
Tool | Description |
| Generate a 256-bit key, save to Keychain |
| List saved key aliases |
Identity management (asymmetric)
Tool | Description |
| Generate an X25519 keypair, save private key to Keychain |
| Print public key as base64 (share with senders) |
| List saved identity aliases |
Encrypt
Tool | Description |
| Encrypt text with a symmetric key → base64 |
| Encrypt a file → |
| Encrypt a message to a recipient's public key → base64 blob |
Decrypt
Tool | Description |
| Decrypt base64 ciphertext with a symmetric key |
| Decrypt a |
| Decrypt a message encrypted to your identity |
Agent-to-agent encrypted messaging
This is where it gets interesting. Each agent can have its own identity:
Agent A creates identity: identity_new "agent_a"
Agent A shares pubkey: identity_pubkey "agent_a" → <pubkey_b64>
Agent B encrypts to A: encrypt_asym "<pubkey_b64>" "secret payload" → <blob>
Agent A decrypts: decrypt_asym "agent_a" "<blob>" → "secret payload"Only Agent A's private key (in its Keychain) can decrypt. The blob can travel through any channel — email, Slack, GitHub, another AI tool — without being readable.
File format compatibility
.seed files produced by this MCP server use the exact same binary format as:
CryptoSeed iOS app
cryptoseedmacOS CLI
This means a file encrypted here can be decrypted in the iOS app (after importing the key) and vice versa.
Key transfer between tools
This MCP server and the cryptoseed CLI use separate Keychain entries (to avoid binary format conflicts). To use a key from the CLI in the MCP server, use the CLI's export/import commands:
cryptoseed key export mykey # → recovery envelope (base64)
# then in Claude: import the envelope via key_new or a future key_import toolRequirements
macOS (Keychain)
Node.js >= 18
This server cannot be installed
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.