Skip to main content
Glama
azeth-protocol

mcp-azeth

by azeth-protocol
OverviewSchemaRelated ServersScoreDiscussions
TypeScript
Hybrid

azeth_whitelist_protocol

Manage smart account protocol whitelists to enable automated DeFi interactions through executor modules. Add or remove contract addresses to control which protocols can operate on your behalf.

Instructions

Add or remove a protocol (contract address) from your smart account's guardian whitelist.

Use this when: You need to interact with a new DeFi protocol or contract through executor modules (like PaymentAgreementModule). Protocols must be whitelisted for automated operations to succeed.

The "protocol" field must be a valid Ethereum address of the contract to whitelist.

Returns: Confirmation of the whitelist update with transaction hash.

Note: This requires a UserOperation (gas). Only the account owner can modify whitelists. Whitelisting a protocol allows executor modules to interact with it on your behalf. Whitelist additions require guardian co-signature for security.

Example: { "protocol": "0x71D52798e3D0f5766f6f0AFEd6710EB5D1FF4DF9", "allowed": true }

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
chainNoTarget chain. Defaults to AZETH_CHAIN env var or "baseSepolia". Accepts "base", "baseSepolia", "ethereumSepolia", "ethereum" (and aliases like "base-sepolia", "eth-sepolia", "sepolia", "eth", "mainnet").
protocolYesProtocol/contract address to whitelist or delist (0x...).
allowedYestrue to whitelist, false to remove from whitelist.
smartAccountNoSmart account address, name, or "#N". Defaults to first smart account.

Implementation Reference

  • src/tools/guardian.ts:232-292 (handler)
    The handler implementation for the azeth_whitelist_protocol tool. It validates the address, resolves the smart account, calls client.setProtocolWhitelist, and handles potential errors including guardian co-signature requirements.
      async (args) => {
    if (!validateAddress(args.protocol)) {
      return error('INVALID_INPUT', `Invalid protocol address: "${args.protocol}".`, 'Must be 0x-prefixed followed by 40 hex characters.');
    }

    let client;
    try {
      client = await createClient(args.chain);

      let account: `0x${string}`;
      if (args.smartAccount) {
        try {
          account = (await resolveSmartAccount(args.smartAccount, client))!;
        } catch (resolveErr) {
          return handleError(resolveErr);
        }
      } else {
        account = await client.resolveSmartAccount();
      }

      const txHash = await client.setProtocolWhitelist(
        args.protocol as `0x${string}`,
        args.allowed,
        account,
      );

      const action = args.allowed ? 'whitelisted' : 'removed from whitelist';
      // Resolve protocol name for known Azeth contracts
      const chain = resolveChain(args.chain);
      const contracts = AZETH_CONTRACTS[chain];
      const protocolLower = args.protocol.toLowerCase();
      let protocolName = args.protocol.slice(0, 6) + '...' + args.protocol.slice(-4);
      if (protocolLower === contracts.paymentAgreementModule.toLowerCase()) protocolName = 'PaymentAgreementModule';
      else if (protocolLower === contracts.reputationModule.toLowerCase()) protocolName = 'ReputationModule';
      else if (protocolLower === contracts.trustRegistryModule.toLowerCase()) protocolName = 'TrustRegistryModule';
      else if (protocolLower === contracts.guardianModule.toLowerCase()) protocolName = 'GuardianModule';
      else if (protocolLower === contracts.factory.toLowerCase()) protocolName = 'AzethFactory';

      return success(
        {
          protocol: args.protocol,
          protocolName,
          allowed: args.allowed,
          message: `${protocolName} (${args.protocol}) ${action} on account ${account}.`,
        },
        { txHash },
      );
    } catch (err) {
      // Detect AA24 signature validation failure — common for guardian-gated operations
      if (err instanceof Error && /AA24/.test(err.message)) {
        return guardianRequiredError(
          'Protocol whitelisting requires guardian co-signature (guardrail-loosening change).',
          { operation: 'whitelist_protocol' },
        );
      }
      return handleError(err);
    } finally {
      try { await client?.destroy(); } catch (e) { process.stderr.write(`[azeth-mcp] destroy error: ${e instanceof Error ? e.message : String(e)}\n`); }
    }
  },
);
  • src/tools/guardian.ts:205-231 (registration)
    Registration of the azeth_whitelist_protocol tool, including its schema and description.
    server.registerTool(
  'azeth_whitelist_protocol',
  {
    description: [
      'Add or remove a protocol (contract address) from your smart account\'s guardian whitelist.',
      '',
      'Use this when: You need to interact with a new DeFi protocol or contract through',
      'executor modules (like PaymentAgreementModule). Protocols must be whitelisted for',
      'automated operations to succeed.',
      '',
      'The "protocol" field must be a valid Ethereum address of the contract to whitelist.',
      '',
      'Returns: Confirmation of the whitelist update with transaction hash.',
      '',
      'Note: This requires a UserOperation (gas). Only the account owner can modify whitelists.',
      'Whitelisting a protocol allows executor modules to interact with it on your behalf.',
      'Whitelist additions require guardian co-signature for security.',
      '',
      'Example: { "protocol": "0x71D52798e3D0f5766f6f0AFEd6710EB5D1FF4DF9", "allowed": true }',
    ].join('\n'),
    inputSchema: z.object({
      chain: z.string().optional().describe('Target chain. Defaults to AZETH_CHAIN env var or "baseSepolia". Accepts "base", "baseSepolia", "ethereumSepolia", "ethereum" (and aliases like "base-sepolia", "eth-sepolia", "sepolia", "eth", "mainnet").'),
      protocol: z.string().describe('Protocol/contract address to whitelist or delist (0x...).'),
      allowed: z.boolean().describe('true to whitelist, false to remove from whitelist.'),
      smartAccount: z.string().optional().describe('Smart account address, name, or "#N". Defaults to first smart account.'),
    }),
  },

Tool Definition Quality

A4.9/5.0
Behavior5/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries full behavioral disclosure burden and succeeds comprehensively. It discloses: gas requirements ('requires a UserOperation'), authorization constraints ('Only the account owner can modify'), security model ('require guardian co-signature'), side effects ('allows executor modules to interact with it'), and return values ('Confirmation...with transaction hash').

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Appropriately structured with clear semantic sections (action, usage context, parameter constraints, returns, notes, example). Every sentence delivers unique information without repetition. The description is front-loaded with the core purpose and avoids redundancy with the schema.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the complexity of smart account operations and absence of annotations/output schema, the description provides complete operational context. It covers security implications (guardian co-signature), cost model (UserOperation/gas), authorization (owner-only), and return format (transaction hash), which is sufficient for safe and correct invocation.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

With 100% schema coverage, the baseline is 3. The description adds value by specifying that the protocol field must be a 'valid Ethereum address' and provides a concrete JSON example showing the expected format. However, it could have elaborated on the 'chain' parameter aliases or 'smartAccount' naming conventions beyond what the schema lists.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description opens with a precise action statement: 'Add or remove a protocol (contract address) from your smart account's guardian whitelist.' It uses specific verbs (add/remove) and identifies the exact resource (protocol/contract address vs sibling tool azeth_whitelist_token which handles tokens), clearly distinguishing scope from the 25+ sibling tools available.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines5/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Explicitly states 'Use this when:' followed by the specific scenario (interacting with new DeFi protocols through executor modules). It further clarifies the prerequisite constraint that 'Protocols must be whitelisted for automated operations to succeed,' providing clear context for when this tool is necessary versus alternative approaches.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/azeth-protocol/mcp-azeth'

If you have feedback or need assistance with the MCP directory API, please join our Discord server