The DUAL MCP Server provides AI-native access to the DUAL Web3 tokenization platform through 115 tools across 17 modules, enabling AI agents to manage tokens, blockchain infrastructure, and platform resources.
Authentication & Wallet Management: Login (email/phone/password, guest), register accounts, verify email, reset passwords, update profiles, and look up wallets by ID.
Organization Management: Create and manage multi-tenant workspaces, add/remove members with role-based access control, create custom roles, and check balances.
Token Templates: Full CRUD for token templates defining structure, properties, allowed actions, and access rules. Create template variations with property overrides.
Tokenized Objects: List, retrieve, update, and search tokenized asset instances. Navigate object hierarchies (parents/children), view audit logs, and count objects matching filter criteria.
Event Bus & Actions: Execute single or batch actions atomically (up to 50 at once) on objects (mint, transfer, redeem, etc.). Register custom action types with payload validation schemas.
Visual Faces: Attach image, 3D model, or web view representations to templates across platforms (web, iOS, Android).
Storage: Upload files, retrieve public URLs, manage template-associated assets, and delete stored files.
Webhooks: Register real-time event subscriptions filtered by type, template, or action. Test endpoints with custom payloads.
Notifications: Send messages to wallet recipients via email, push, or SMS. Manage reusable message templates with placeholder support.
Sequencer & ZK-Rollup: Query sequencer batches, inspect contained transactions, and list ZK-rollup checkpoints with proof data and state roots.
API Key Management: Create, list, and revoke API keys for server-to-server access.
Payments: View payment configuration (deposit addresses, supported tokens, fees) and list deposit transaction history.
Support: Send support messages and request access to gated platform features.
Public API (no auth required): Browse public templates and objects, search with filters, and retrieve platform-wide statistics.
AI Services (requires separate microservices):
Intelligence: Autonomous agents, lifecycle predictions, trending analysis, anomaly detection, knowledge graphs
Governance: Compliance rules & evaluation, audit logs, policy parsing, provenance verification
Creative: Token design generation, face templates, SVG rendering
Deployment: Local stdio transport (e.g., Claude Desktop) or remote HTTP with session isolation. Security includes SSRF protection, NoSQL injection prevention, Zod input validation, and rate limiting.
Supports SVG rendering for creative token designs and visual face templates within the DUAL platform.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@DUAL MCP ServerCreate a new token template for a loyalty reward program."
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
DUAL MCP Server
AI-native integration with the DUAL tokenization platform via the Model Context Protocol.
This MCP server enables AI agents to interact directly with the DUAL Web3 Operating System — minting tokens, managing templates, executing actions, deploying webhooks, and querying blockchain infrastructure. Not through screen scraping or API wrappers, but through native integration that treats AI agents as first-class users of the system.
Features
115 tools across 17 API modules
Full CRUD for wallets, organizations, templates, objects, faces, webhooks, notifications, and API keys
Event Bus — execute actions and batch operations atomically
Sequencer & ZK-Rollup — query batches and checkpoints
AI Services — intelligence (agents, predictions, knowledge graph), governance (compliance, provenance), creative (token design, face templates)
Public API — read-only access without authentication
Dual transport — stdio for local use, HTTP for remote deployment
Session-isolated HTTP — each HTTP request gets its own auth context
Quick Start
Install
npm install
npm run buildConfigure
Set your authentication via environment variables:
# Option 1: API Key (recommended for server-to-server)
export DUAL_API_KEY=your-api-key
# Option 2: JWT Token
export DUAL_ACCESS_TOKEN=your-jwt-token
# Option 3: Use the dual_login tool interactively (stdio mode only — see note below)Note on
dual_loginand HTTP mode: HTTP mode is stateless — each request creates a fresh server and API client, so any auth state set bydual_loginis discarded after that single request. For HTTP deployments, always supply credentials via environment variable (DUAL_API_KEYorDUAL_ACCESS_TOKEN) rather than callingdual_logininteractively. Interactive login viadual_loginonly works reliably in stdio mode.
Run
# stdio transport (for Claude, Cursor, etc.)
node dist/index.js
# HTTP transport (for remote/multi-client)
# MCP_SERVER_API_KEY is REQUIRED for HTTP mode
MCP_SERVER_API_KEY=your-secret TRANSPORT=http PORT=3100 node dist/index.jsClaude Desktop Configuration
Add to your claude_desktop_config.json:
{
"mcpServers": {
"dual": {
"command": "node",
"args": ["/path/to/dual-mcp-server/dist/index.js"],
"env": {
"DUAL_API_KEY": "your-api-key"
}
}
}
}API Modules & Tools
Core DUAL API (81 tools)
Module | Tools | Description |
Wallets | 11 | Authentication, registration, profile management, logout |
Organizations | 10 | Multi-tenant workspaces, members, roles |
Templates | 7 | Token template CRUD, variations |
Objects | 8 | Tokenized asset instances, search, hierarchy |
Actions (Event Bus) | 7 | Execute actions, batch operations, action types |
Faces | 6 | Visual representations (image, 3D, web) |
Storage | 4 | File upload, asset management |
Webhooks | 6 | Real-time event subscriptions |
Notifications | 5 | Message sending, templates |
Sequencer | 4 | Batch and ZK-rollup checkpoint queries |
API Keys | 3 | Programmatic access management |
Payments | 2 | Payment config, deposit history |
Support | 3 | Feature access requests, support messages |
Public API | 5 | Read-only public endpoints (no auth) |
AI Services (34 tools)
These tools require the DUAL AI microservices running alongside the server. See AI Service Dependencies below.
Module | Tools | Description |
Intelligence | 12 | Autonomous agents, lifecycle predictions, trending, anomalies, knowledge graph |
Governance | 14 | Compliance rules & evaluation, audit log, policy parsing, provenance verification |
Creative | 8 | Token design generation, face templates, SVG rendering |
Example Usage
Natural Language → Token Deployment
"Create a redeemable reward token for my brand with 1 million supply, set up a rule that expires after 12 months, and mint it on Base."
The AI agent uses:
dual_create_template— define the reward token structuredual_create_action_type— register "Redeem" and "Expire" actionsdual_execute_action— mint the initial supplydual_create_webhook— set up expiry monitoring
Querying Infrastructure
"Show me the latest ZK checkpoint and how many objects are on the platform."
dual_list_checkpoints— latest rollup statedual_public_get_stats— platform-wide statistics
Environment Variables
Variable | Description | Required |
| API key for DUAL platform authentication | One of these |
| JWT access token | One of these |
| JWT refresh token | No |
| API base URL (default: | No |
|
| No |
| HTTP port (default: | No |
| HTTP bind address (default: | No |
| Shared secret for HTTP endpoint auth | Yes (HTTP mode) |
| Comma-separated allowed origins (e.g. | No |
| Max requests per minute per IP (default: | No |
AI Service Dependencies
The intelligence, governance, and creative tool modules connect to separate DUAL AI microservices. If these services are not running, those 34 tools will return connection errors; the remaining 81 core tools are unaffected.
Variable | Default | Service |
|
| Intelligence (agents, predictions, graph) |
|
| Governance (compliance, provenance, policies) |
|
| Creative (token design, face rendering) |
Architecture
dual-mcp-server/
├── src/
│ ├── index.ts # Server factory, transport setup (stdio + HTTP)
│ ├── constants.ts # API URL, limits, MCP_SERVER_API_KEY
│ ├── schemas/
│ │ └── common.ts # Shared Zod schemas (pagination, IDs, filters)
│ ├── services/
│ │ ├── api-client.ts # ApiClient class (per-session auth + HTTP requests)
│ │ ├── ai-client.ts # HTTP client for AI microservices
│ │ ├── security.ts # SSRF, NoSQL injection, input validation
│ │ └── formatters.ts # Response formatting, truncation
│ └── tools/
│ ├── wallets.ts # 11 wallet tools (incl. login, logout)
│ ├── organizations.ts # 10 organization tools
│ ├── templates.ts # 7 template tools
│ ├── objects.ts # 8 object tools
│ ├── actions.ts # 7 event bus tools
│ ├── faces.ts # 6 face tools
│ ├── storage.ts # 4 storage tools
│ ├── webhooks.ts # 6 webhook tools
│ ├── notifications.ts # 5 notification tools
│ ├── sequencer.ts # 4 sequencer tools
│ ├── api-keys.ts # 3 API key tools
│ ├── payments.ts # 2 payment tools
│ ├── support.ts # 3 support tools
│ ├── public-api.ts # 5 public API tools
│ ├── intelligence.ts # 12 intelligence tools
│ ├── governance.ts # 14 governance tools
│ └── creative.ts # 8 creative tools
├── SECURITY.md # Security policy & reporting
└── dist/ # Compiled JavaScriptSecurity
See SECURITY.md for the security policy, threat model, and how to report vulnerabilities.
Key security features:
Session isolation: HTTP mode creates a fresh server + auth context per request
SSRF protection: External URL validation blocks private networks and cloud metadata
NoSQL injection prevention: Filter schemas reject
$-operator keysInput validation: Zod schemas with size/depth limits on all tool inputs
Rate limiting: Per-IP rate limiting with configurable max
Security headers: X-Content-Type-Options, CSP, HSTS, X-Frame-Options
License
MIT
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.