xrpl-identity-mcp
Provides tools for managing identity on the XRP Ledger, including DID resolution and management, credential creation and verification, multisig signer lists, and safe transaction prepare/verify/submit workflows.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@xrpl-identity-mcpresolve DID for rN7n7ot6dSgW6sZJ9hVqJ7g5YbJ6cX8kL"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
xrpl-identity-mcp
xrpl-identity-mcp is the first identity-focused MCP server for the XRP Ledger: DIDs (XLS-40), credentials (XLS-70), multisig signer lists, and safe transaction prepare/verify/submit workflows. It prepares unsigned transactions, reads ledger state, verifies signed blobs against intent, and can submit pre-signed blobs without ever taking custody of keys.
Built by Jarod Vyent, from the team behind SciPHR.
Security Model
These invariants are core behavior:
No key custody. The server has no seed, private key, mnemonic, wallet import, or signing path. Signing happens in the user's wallet or agent.
Network is explicit.
XRPL_NETWORKismainnet,testnet, ordevnet. The default istestnet. Every tool result includesnetwork.Mainnet submit is opt-in.
tx_submit_signedon mainnet is blocked unlessALLOW_MAINNET_SUBMIT=trueis set.Prepare, verify, then submit. Write workflows return unsigned JSON with instructions to sign externally, call
tx_decode_verify, and only then calltx_submit_signed.
Related MCP server: attest-mcp-server
Quickstart
Claude MCP:
claude mcp add xrpl-identity -- npx -y xrpl-identity-mcpGeneric MCP client config:
{
"mcpServers": {
"xrpl-identity": {
"command": "npx",
"args": ["-y", "xrpl-identity-mcp"],
"env": {
"XRPL_NETWORK": "testnet"
}
}
}
}Environment variables:
Variable | Values | Default | Purpose |
|
|
| Selects the XRPL network. |
| WebSocket URL | Network default | Overrides the rippled WebSocket endpoint. |
|
| unset | Required for |
Default endpoints:
Network | Endpoint |
|
|
|
|
|
|
Tools
Tool | What it does | Network writes? |
| Resolve an XLS-40 DID object and fetch an | No |
| Prepare an unsigned | No |
| Prepare an unsigned | No |
| Prepare an unsigned | No |
| Prepare an unsigned | No |
| Prepare an unsigned | No |
| Read a credential object and report existence, acceptance, and expiration. | No |
| List up to 400 credential objects visible to an account, with issuer/subject filtering. | No |
| Summarize auth posture, signer list, DID presence, and credential counts for an account. | No |
| Prepare an unsigned | No |
| Decode a signed blob, compute hash, and compare against expected intent. | No |
| Submit a pre-signed blob and poll for validation. Mainnet requires | Yes |
Example Agent Flows
Resolve a DID and read its document:
Call
did_resolvewithaddressset to a classic XRPL address ordid:xrpl:<address>.Inspect
decoded.URI,decoded.Data, anddecoded.DIDDocument.If the URI is
ipfs://orhttps://, inspectdocumentanddocumentSource. Only text and JSON documents are inlined; binary content (for example an image) is reported asdocumentSource,documentContentType, anddocumentByteLengthwithdocumentSkippedexplaining why the body was omitted.
Issue and accept a credential on testnet:
Set
XRPL_NETWORK=testnet.Call
credential_prepare_createwith issuer, subject, credential type, optional expiration, and optional URI.Sign the returned
unsignedTxexternally with the issuer account.Call
tx_decode_verifywith the signed blob and the expected intent.Call
tx_submit_signed.Call
credential_prepare_acceptfor the subject, sign externally, verify withtx_decode_verify, then submit.Call
credential_verifyto confirmaccepted: trueandexpired: false.
Verify a signed blob before submitting:
Call
tx_decode_verifywithsignedBloband anexpectedIntentpartial transaction JSON.Check
matchesand anymismatches.Submit only when the decoded transaction matches the user's intent.
Development
npm install
npm run typecheck
npm run build
SKIP_INTEGRATION=1 npm testIntegration tests target testnet and are skipped when SKIP_INTEGRATION=1. To run the account summary integration test, set XRPL_INTEGRATION_ACCOUNT to a funded testnet account address.
License
MIT
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/jarod-vyent/xrpl-identity-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server