Is io.github.Zk-nd3r/zcash-mcp safe to use?

io.github.Zk-nd3r/zcash-mcp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install io.github.Zk-nd3r/zcash-mcp?

io.github.Zk-nd3r/zcash-mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can io.github.Zk-nd3r/zcash-mcp do?

io.github.Zk-nd3r/zcash-mcp provides 22 tools: get_balance, send_shielded, decode_memo, attest_event, verify_proof and 17 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with io.github.Zk-nd3r/zcash-mcp?

io.github.Zk-nd3r/zcash-mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.

Is io.github.Zk-nd3r/zcash-mcp actively maintained?

io.github.Zk-nd3r/zcash-mcp is actively maintained — last commit was 6 days ago.

io.github.Zk-nd3r/zcash-mcp

@frontiercompute/zcash-mcp

Zcash shielded operations for AI agents. Memo decoding, attestation, proof verification.

22 tools GitHub npm

No known CVEs

No license

Actively maintained

Last commit 6d ago

Works with most clients

Transport: stdio, http

22 tools · ~1.0k tok

Grade B · 0.5% of 200K ctx

Edit this pageView history

Finance

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "zcash": {
      "env": {
        "ZAP1_API_KEY": "your-key-here",
        "ZEBRA_RPC_URL": "http://127.0.0.1:8232"
      },
      "args": [
        "@frontiercompute/zcash-mcp"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-zk-nd3r-zcash-mcp)](https://mcppedia.org/s/io-github-zk-nd3r-zcash-mcp)

Read me

What io.github.Zk-nd3r/zcash-mcp does

Zcash MCP server. Connects AI agents to shielded Zcash operations. Published on the MCP registry.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@frontiercompute/zcash-mcp' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

83/100across 5 weighted dimensions

How we score →

0255075100

−17

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked @frontiercompute/zcash-mcp against OSV.dev.

Inventory

Tools (22)

Click any tool to inspect its schema.

~1.0k tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.Zk-nd3r/zcash-mcp safe to use?: io.github.Zk-nd3r/zcash-mcp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.Zk-nd3r/zcash-mcp?: io.github.Zk-nd3r/zcash-mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can io.github.Zk-nd3r/zcash-mcp do?: io.github.Zk-nd3r/zcash-mcp provides 22 tools: get_balance, send_shielded, decode_memo, attest_event, verify_proof and 17 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with io.github.Zk-nd3r/zcash-mcp?: io.github.Zk-nd3r/zcash-mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is io.github.Zk-nd3r/zcash-mcp actively maintained?: io.github.Zk-nd3r/zcash-mcp is actively maintained — last commit was 6 days ago.

Similar servers

Others in finance

View all →

Alpha Vantage Mcp95

Real-time financial market data: stocks, forex, crypto, commodities, and economic indicators

158 3

Investor Agent93

A Model Context Protocol server for building an investor agent

329 7

io.github.xkumakichi/xaip-mcp-server92

AI agents get on-chain identity, credentials, reputation, escrow, and persistent memory on XRPL.

io.github.PayRam/payram-helper-mcp91

Remote MCP server to integrate and validate self-hosted PayRam deployments.

155 17

MCP Security Weekly

Get CVE alerts and security updates for io.github.Zk-nd3r/zcash-mcp and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Finance

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "zcash": {
      "env": {
        "ZAP1_API_KEY": "your-key-here",
        "ZEBRA_RPC_URL": "http://127.0.0.1:8232"
      },
      "args": [
        "@frontiercompute/zcash-mcp"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-zk-nd3r-zcash-mcp)](https://mcppedia.org/s/io-github-zk-nd3r-zcash-mcp)

Read me

What io.github.Zk-nd3r/zcash-mcp does

Zcash MCP server. Connects AI agents to shielded Zcash operations. Published on the MCP registry.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@frontiercompute/zcash-mcp' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

zcash-mcp

ZAP1 receipts for Zcash agents: verify workflows without trusting the server.

ZAP1 is an attestation and proof rail for Zcash workflows. Frontier Compute maintains the reference ZAP1 implementation.

A wrapper makes you trust the server. ZAP1 makes the server unnecessary to trust.

Core rule: observe state, bound the claim, hash evidence, issue a receipt, verify later.

MCP is the standard way for AI agents to call external tools. zcash-mcp exposes the ZAP1 attestation layer for agents that need verifiable receipts around Zcash workflows: create ZAP1 attestation leaves, query anchor state, and verify proof receipts.

This is not a full wallet MCP. Balance scanning, private key custody, seed handling, PCZT signing, shielded spend construction, and lightwalletd or Zaino wallet synchronization are complementary wallet-layer work, not this server's scope.

Why ZAP1

Wallet MCPs can move value. ZAP1 proves the workflow around the value, and the counterparty can verify the proof without trusting Frontier.

Tool servers expose what a backend says right now. ZAP1 produces a receipt that another party can verify later from the schema, proof material, and Zcash anchor.

ZAP1 is the proof rail for Zcash agent workflows:

attest: create a typed event leaf.
anchor: commit leaves into a Merkle root anchored to Zcash.
prove: return a receipt packet for a leaf.
verify: let another party check the receipt without trusting the original agent.

Agent systems need more than a payment or a transaction lookup. They need a receipt that another agent, user, auditor, or service can verify later:

what event was asserted
which agent or workflow asserted it
which ZAP1 leaf records it
which Merkle root includes it
which Zcash transaction anchored that root
how to verify the proof without trusting the original agent

That is the lane for this server. It gives Zcash agents a receipt layer that can sit beside any wallet, signer, custody system, lightwalletd stack, Zaino stack, or application-specific payment flow.

See ZAP1 Proof Rail for the category boundary, receipt model, integration pattern, and red-team rejects. See ZAP1 Conformance for the receipt contract agents and integrations should satisfy. See Wallet Receipt Integration for the wallet-action handoff pattern. See External Rail Receipts for generic external-action receipt requests, and Receipt Disclosure Profiles for public, counterparty, auditor, grant, compliance, and internal packet shapes.

Capability Boundary

The zcash_capability_manifest tool gives agents a machine-readable scope map:

covered here: ZAP1 receipts, lifecycle attestations, proof verification, anchor state, memo decoding, and public chain context
excluded here: custody, seed handling, balance scanning, PCZT signing, shielded spend construction, and wallet-server synchronization
composition rule: use this server before or after wallet-layer actions to create, query, and verify receipts

Good fits:

agent action receipts
payment and invoice proof packets
wallet action receipts
external action receipts
operator lifecycle events
grant proof packets
compliance audit packets
policy and reputation attestations
public anchor verification for private workflows
cross-agent handoffs where the receiver needs proof, not custody

Poor fits:

holding keys
scanning wallet balances
signing PCZTs
broadcasti

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

83/100across 5 weighted dimensions

How we score →

0255075100

−17

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked @frontiercompute/zcash-mcp against OSV.dev.

Inventory

Tools (22)

Click any tool to inspect its schema.

~1.0k tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.Zk-nd3r/zcash-mcp safe to use?: io.github.Zk-nd3r/zcash-mcp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.Zk-nd3r/zcash-mcp?: io.github.Zk-nd3r/zcash-mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can io.github.Zk-nd3r/zcash-mcp do?: io.github.Zk-nd3r/zcash-mcp provides 22 tools: get_balance, send_shielded, decode_memo, attest_event, verify_proof and 17 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with io.github.Zk-nd3r/zcash-mcp?: io.github.Zk-nd3r/zcash-mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is io.github.Zk-nd3r/zcash-mcp actively maintained?: io.github.Zk-nd3r/zcash-mcp is actively maintained — last commit was 6 days ago.