Architecture

A TypeScript application with two transports over shared blockchain, contract, wallet, validation, logging, and rate-limit services.

System shape

MCP client --stdio--> src/index.ts -----------+
                                                |
HTTP client --HTTP--> src/http-server.ts ------+--> NeoService --> Neo RPC
                                                +--> ContractService --> Neo RPC / optional N3Index lookup
                                                +--> WalletService --> WALLETS_DIR
                                                +--> validation, rate limiting, logging

The MCP entrypoint uses the Model Context Protocol SDK over stdio. The HTTP entrypoint exposes a REST-style adapter but reuses the same core services.

Core modules

MCP server

src/index.ts registers tools, resources, schemas, service selection, and stdio lifecycle handling.

HTTP entrypoint

src/http.ts resolves one network, validates host security, constructs services, and handles shutdown.

HTTP router

src/http-server.ts implements routes, bearer authentication, CORS allowlisting, JSON limits, health, and metrics.

Neo service

src/services/neo-service.ts owns deadline-bounded RPC queries, transaction construction, fees, transfer history, and application-log enrichment.

Contract service

src/contracts/contract-service.ts resolves generic references, verifies deployment, inspects manifests, and executes contract calls.

Wallet service

src/services/wallet-service.ts creates, imports, encrypts, persists, and sanitizes wallet records.

Delegated handlers

src/handlers/ implements tool and resource behavior shared by registrations and transports.

Cross-cutting utilities

src/utils/ contains validation, errors, structured logging, log rotation, and process-local rate limiting.

Request flow

MCP tool call

  1. The SDK validates the registered Zod input schema.
  2. The shared MCP client rate limit is checked.
  3. The server selects the configured Neo service for the requested network.
  4. A direct handler or delegated tool handler calls the service layer.
  5. The result is serialized into MCP text content.

HTTP request

  1. Security and cache-control response headers are applied.
  2. The client IP rate limit is checked.
  3. Bearer authentication runs for every route except /live and /health when a key is configured.
  4. POST and PUT bodies are limited and parsed as JSON objects.
  5. The route calls the corresponding service and emits a JSON or metrics response.

Security boundaries

Technology baseline

ComponentCurrent baseline
Node.js22 or newer; CI also tests 24
TypeScript5.9
MCP SDK1.29
Neo SDK@cityofzion/neon-js 5.9
ValidationZod 3.25 plus project validation helpers
TestingJest 29 with ts-jest
ContainersNode.js 22 Alpine, multi-stage production build

Operational boundary

The application exposes /live, RPC-aware /health, and a small Prometheus-text-compatible /metrics response. It does not include a collector, dashboard, alerting system, tracing backend, cache layer, connection pool, circuit breaker, or cloud orchestration manifest.