Hosted HTTP endpoint
The streamable-HTTP MCP transport at mcp.agenttrust.tech — semantics, healthz, session model, retry behaviour.
mcp.agenttrust.tech is the hosted MCP HTTP endpoint. Always-on, devnet-bound, free to hit, no install required for clients that speak StreamableHTTPServerTransport.
Hosted on Fly.io (Singapore region), shared-cpu-1x@256MB, two machines for HA, min_machines_running = 1 so judges hitting the URL don't see a cold start. Source: mcp/. Deployed via flyctl deploy --config mcp/fly.toml.
Healthz
curl https://mcp.agenttrust.tech/healthz
Returns:
{
"ok": true,
"service": "agenttrust-mcp",
"version": "0.4.5",
"network": "solana-devnet",
"rpcUrl": "https://api.devnet.solana.com",
"uptimeSeconds": 60978,
"activeSessions": 0,
"toolCount": 21
}
Health probes use this URL — Fly.io marks the machine healthy when it returns ok: true. Use it as a smoke check from CI.
Transport
The endpoint speaks Model Context Protocol over StreamableHTTPServerTransport. The wire format is JSON-RPC 2.0; the MCP server uses HTTP POST for client-initiated messages and Server-Sent Events for server-initiated messages.
Initialize
POST / HTTP/1.1
Host: mcp.agenttrust.tech
Content-Type: application/json
{
"jsonrpc": "2.0",
"id": 1,
"method": "initialize",
"params": {
"protocolVersion": "2025-03-26",
"capabilities": {},
"clientInfo": { "name": "my-client", "version": "0.1.0" }
}
}
Response includes a Mcp-Session-Id header. Subsequent requests echo that header to bind the session.
HTTP/1.1 200 OK
Content-Type: application/json
Mcp-Session-Id: 9f3a…
{
"jsonrpc": "2.0",
"id": 1,
"result": {
"protocolVersion": "2025-03-26",
"capabilities": { "tools": {}, "resources": {}, "prompts": {} },
"serverInfo": { "name": "agenttrust", "version": "0.4.5" }
}
}
Tools / call
POST / HTTP/1.1
Host: mcp.agenttrust.tech
Content-Type: application/json
Mcp-Session-Id: 9f3a…
{
"jsonrpc": "2.0",
"id": 2,
"method": "tools/call",
"params": {
"name": "agenttrust_simulate_payment",
"arguments": {
"caller": "4tSEHc2vCLqnYd8nK9jRa44vnn8JnPxUgxheEmhWQhRG",
"payer_agent": "5PfaofvEUf3adtJwMho7zzbfvgxwxbvp2V5moqhtLK8y",
"payee_agent": "5PfaofvEUf3adtJwMho7zzbfvgxwxbvp2V5moqhtLK8y",
"amount": "1000000",
"mint": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
"policy_id": 1
}
}
}
Response (truncated):
{
"jsonrpc": "2.0",
"id": 2,
"result": {
"content": [
{
"type": "text",
"text": "{ \"kind\": \"Allow\" }"
}
]
}
}
Same wire shape as the stdio transport. Same 21 tools, same Zod schemas, same response format.
Session model — current quirk
The hosted MCP wraps StreamableHTTPServerTransport in a singleton: one transport per Node process. The first connection establishes a session and is served normally; a second connection without Mcp-Session-Id (i.e., trying to start a parallel session) gets:
{
"jsonrpc": "2.0",
"id": <id>,
"error": { "code": -32600, "message": "Server already initialized" }
}
Real MCP clients pass Mcp-Session-Id and reuse a session — this is mostly invisible during normal use. It surfaces as soon as a second client connects without coordinating session IDs.
Phase M flagged this as Bug #4. Fixing it requires restructuring the transport instantiation around a per-session map; tracked but not v1-blocking. Workaround: restart the Fly machine (flyctl machines list --app agenttrust-mcp → flyctl machines restart …) or wait for session timeout.
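The singleton behaviour and the per-session-map restructuring described above, as an added plain-JavaScript model (not the project's code and not the MCP SDK). The function names, the "Unknown session" and "Too many sessions" errors, the HTTP statuses, and the session cap and idle timeout are assumptions of this sketch.

```javascript
// Added example: plain-JS model of session routing, not code from mcp/src/server.ts.
const { randomUUID } = require("node:crypto");

const ok = (id) => ({ jsonrpc: "2.0", id, result: {} });
const rpcError = (id, code, message) => ({ jsonrpc: "2.0", id, error: { code, message } });

// Singleton behaviour described above: one transport, therefore one session, per process.
function makeSingletonRouter() {
  let current = null;
  return (headers, msg) => {
    const sid = headers["mcp-session-id"];
    if (msg.method === "initialize" && !sid) {
      if (current) return { body: rpcError(msg.id, -32600, "Server already initialized") };
      current = randomUUID();
      return { sessionId: current, body: ok(msg.id) };
    }
    return sid === current
      ? { sessionId: sid, body: ok(msg.id) }
      : { body: rpcError(msg.id, -32001, "Unknown session") }; // code is this model's choice
  };
}

// Per-session map: every initialize gets its own unguessable id. The endpoint is
// unauthenticated, so the map is capped and idle entries expire (limits are assumptions).
function makeSessionMapRouter({ maxSessions = 64, ttlMs = 600000, now = Date.now } = {}) {
  const sessions = new Map(); // session id -> last-seen timestamp (ms)
  return (headers, msg) => {
    const t = now();
    for (const [id, seen] of sessions) if (t - seen > ttlMs) sessions.delete(id);
    const sid = headers["mcp-session-id"];
    if (msg.method === "initialize" && !sid) {
      if (sessions.size >= maxSessions)
        return { status: 503, body: rpcError(msg.id, -32000, "Too many sessions") };
      const id = randomUUID();
      sessions.set(id, t);
      return { status: 200, sessionId: id, body: ok(msg.id) };
    }
    if (!sessions.has(sid)) return { status: 404, body: rpcError(msg.id, -32001, "Unknown session") };
    sessions.set(sid, t); // refresh idle timer
    return { status: 200, sessionId: sid, body: ok(msg.id) };
  };
}
```

In the real server each map entry would hold that session's transport instance rather than a timestamp.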
Auth
The hosted endpoint has no authentication for read tools. Write tools require a signer on the server (resolved via KEYPAIR_B58 / KEYPAIR_PATH / Solana CLI default); the hosted instance has none of these set, so write tools surface the standard signer required error.
For write-tool access from a hosted MCP context, run your own instance with your own keypair:
flyctl deploy --config mcp/fly.toml --remote-only --app my-mcp \
--env RPC_URL=https://api.devnet.solana.com \
--env NETWORK=solana-devnet
flyctl secrets set KEYPAIR_B58=<base58-key> --app my-mcp
RPC backend
The hosted MCP queries Solana via https://api.devnet.solana.com by default. For mainnet (when AgentTrust deploys there), set RPC_URL and NETWORK=solana-mainnet on the Fly app via flyctl secrets set.
For lower-latency setups, point at a private RPC (Helius, QuickNode, Triton):
flyctl secrets set RPC_URL="https://devnet.helius-rpc.com/?api-key=…" --app agenttrust-mcp
CORS
The hosted endpoint accepts cross-origin requests from any origin (no auth, no cookies, public devnet data). The MCP wire format uses application/json POSTs which trigger preflight; the server returns the standard Access-Control-Allow-* headers.
Self-host
Run your own HTTP transport locally:
MCP_TRANSPORT=http MCP_HTTP_PORT=8765 node ./mcp/dist/index.js
Behind any reverse proxy (Caddy, nginx, Vercel, Fly.io) this surfaces as a public hosted endpoint. Same Zod schemas, same tool catalog. Caddyfile example:
mcp.your-domain.tld {
reverse_proxy localhost:8765
}
Validation
Phase M end-to-end test against the hosted endpoint:
| Check | Result |
|---|---|
| GET /healthz | 200, returns version: "0.4.5", toolCount: 21 |
| POST / initialize | 200, returns matching serverInfo, Mcp-Session-Id header set |
| tools/list | 21 tools, exact match with stdio |
| tools/call agenttrust_simulate_payment | { kind: "Allow" } for the tier-3 demo agent |
| tools/call agenttrust_get_policy | matching PDA 975DgYCY… between stdio and HTTP |
Full report: docs/proofs/phase-m-mcp-e2e.md §M2.
Source
- Server entry: mcp/src/index.ts
- HTTP transport: mcp/src/server.ts
- Fly config: mcp/fly.toml
- Dockerfile: mcp/Dockerfile