paybondpaybond
Sign in

MCP server

Run the tenant-bound Paybond MCP server for internal agent runtimes and MCP-compatible hosts.

Paybond MCP server

Paybond ships a tenant-bound MCP server for internal agent runtimes and orchestration systems that prefer MCP over custom HTTP wrappers. It exposes a supported Paybond tool surface while preserving the same tenant boundary as the SDKs and APIs.

The server is intentionally stdio-first. It is designed to run as a local child process launched by an MCP client or host.

Paybond does not assume a specific model provider or agent framework. The only assumption is that your host can launch a stdio MCP server and speak MCP tool calls.

Install

Python

pip install "paybond-kit[mcp]"

TypeScript

npm install @paybond/kit

Required environment

Always required:

export PAYBOND_GATEWAY_URL="https://gateway.example.com"
export PAYBOND_API_KEY="paybond_sk_..."

Optional only if you use the legacy direct-Harbor mutation tools:

export PAYBOND_HARBOR_URL="https://harbor.internal.example.com"

Optional:

export PAYBOND_HARBOR_ACCESS_PATH="/v1/auth/harbor-access"
export PAYBOND_PRINCIPAL_PATH="/v1/auth/principal"
export PAYBOND_MCP_MAX_RETRIES="3"
export PAYBOND_MCP_CLOCK_SKEW_SECONDS="90"

Run

Python

paybond-mcp-server

TypeScript

npx paybond-mcp-server

Tool categories

Always available:

  • paybond_get_principal
  • paybond_verify_capability
  • paybond_list_intents
  • paybond_get_intent
  • paybond_get_reputation_receipt
  • paybond_get_portfolio_summary
  • paybond_get_signed_portfolio_artifact
  • paybond_verify_agent_mandate_v1
  • paybond_verify_agent_recognition_proof_v1
  • paybond_import_agent_mandate_v1
  • paybond_get_settlement_receipt_v1
  • paybond_verify_protocol_receipt_v1
  • paybond_create_intent
  • paybond_fund_intent
  • paybond_submit_evidence
  • paybond_confirm_settlement

Available only when PAYBOND_HARBOR_URL is set:

  • paybond_create_intent_legacy
  • paybond_fund_intent_legacy
  • paybond_submit_evidence_legacy

Security model

  • The server is bound to one tenant derived from the configured service-account API key.
  • Do not pass tenant IDs manually through tool arguments for normal flows.
  • Gateway-backed state-changing tools require the right proof material and fail closed when proofs are missing, stale, replayed, or mismatched.
  • Signed Harbor request bodies remain the caller's responsibility. The MCP server does not manage long-lived signing keys on behalf of the model.
  • Remote HTTP transport is intentionally out of scope. A remote MCP deployment would need a separate approval and authentication boundary.

Example MCP client config

Example local stdio entry:

{
  "command": "paybond-mcp-server",
  "env": {
    "PAYBOND_GATEWAY_URL": "https://gateway.example.com",
    "PAYBOND_API_KEY": "paybond_sk_..."
  }
}