MCP Server

@quantaseal/mcp-server gives Claude Desktop, Cursor, GPT-4, and any MCP-compatible AI agent direct access to vault, encryption, compliance, and audit - secured by your API key.

Overview#

The MCP server exposes 18 tools across 7 domains. It supports two transports:

stdio - for Claude Desktop and local agents. Each session creates a completely isolated server instance.
SSE (Server-Sent Events) - for remote agents, HTTP-based MCP clients, LangChain, and GPT-4 custom integrations.

bash

# Install globally via npm
npm install -g @quantaseal/mcp-server

# Or build from source (monorepo)
cd sdk/mcp
npm install
npm run build   # → dist/server.js

Claude Desktop Setup#

Add the QuantaSeal MCP server to your Claude Desktop configuration file. Each session creates an isolated server instance - your API key is read at request time and never cached between requests.

Config file location (macOS): ~/Library/Application Support/Claude/claude_desktop_config.json

json

{
  "mcpServers": {
    "quantaseal": {
      "command": "node",
      "args": [
        "/usr/local/lib/node_modules/@quantaseal/mcp-server/dist/server.js"
      ],
      "env": {
        "QUANTASEAL_API_KEY": "qs_live_your_key_here"
      }
    }
  }
}

Note: Adjust the path in args if you built from source - use the absolute path to sdk/mcp/dist/server.js.

SSE Transport#

For remote or headless agents - GPT-4 custom integrations, LangChain, and any HTTP-based MCP client - start the server in SSE mode.

bash

# Start in SSE mode on port 3050
QUANTASEAL_API_KEY=qs_live_... node dist/server.js --transport sse --port 3050

# SSE endpoint your agent connects to
# http://localhost:3050/sse

bash

# Docker example
docker run -e QUANTASEAL_API_KEY=qs_live_... \
  -p 3050:3050 \
  ghcr.io/quantaseal/mcp-server:latest --transport sse --port 3050

Each SSE connection creates a completely isolated server instance with no shared state between sessions. Suitable for multi-agent deployments.

18 Tool Reference#

18 tools across 7 domains. All tools enforce tenant isolation server-side. Tool names use snake_case and are prefixed by domain.

Health(1 tool)

Tool Name	Description
`quantaseal_health`	Check API connectivity, backend health, and subscription status.

Vault(5 tools)

Tool Name	Description
`vault_seal`	Store a credential in QuantaVault with 3-layer ML-KEM-768 encryption.
`vault_unseal`	Retrieve and decrypt a vault entry by credential_id.
`vault_list`	List all vault entries (metadata only - no plaintext values).
`vault_rotate`	Re-encrypt a vault entry with a fresh ML-KEM-768 key pair.
`vault_delete`	Permanently delete a vault entry (logged to audit chain).

Encryption(4 tools)

Tool Name	Description
`encrypt`	Encrypt data with ML-KEM-768 + AES-256-GCM (NIST FIPS 203).
`decrypt`	Decrypt a HybridCryptoEnvelope. Signature verified before decryption.
`sign`	Sign a payload with ML-DSA-65 + HMAC-SHA-512 (NIST FIPS 204).
`verify_signature`	Verify both ML-DSA-65 and HMAC-SHA-512 signatures (bitwise &).

Integrations(3 tools)

Tool Name	Description
`list_integrations`	List all system integrations connected to your tenant.
`test_integration`	Test connectivity for a specific integration by ID.
`proxy_request`	Execute an outbound proxy operation through the QuantaSeal proxy engine.

Compliance(3 tools)

Tool Name	Description
`get_compliance_score`	Get the live compliance score (0–100) for a framework from the audit chain.
`generate_compliance_report`	Generate a PDF compliance report with evidence citations.
`list_compliance_reports`	List previously generated compliance reports with download URLs.

Audit(1 tool)

Tool Name	Description
`list_audit_logs`	Query the immutable SHA3-256 audit hash chain. Filter by event type, user, or time range.

Metrics(1 tool)

Tool Name	Description
`get_metrics`	Retrieve usage metrics: API calls, encryption operations, vault unseals, proxy requests.

Security Model#

The MCP server is designed to be safe to embed in AI agent workflows.

Tenant Isolation

Each API key maps to exactly one tenant. The server passes the key on every request - tenant enforcement happens server-side in the QuantaSeal backend, never in the MCP server itself.

Key Never Cached

getApiKey() is called at request time on every tool invocation. The API key is never stored in memory between requests or logged.

Session Isolation

Each SSE session creates a completely isolated server instance. No shared state between sessions. Suitable for multi-agent deployments.

Full Audit Trail

Every tool call is logged to the immutable audit chain with args_hash, response_hash, and ML-DSA-65 signatures. Use list_audit_logs to review AI agent activity.

All tool names:

quantaseal_healthvault_sealvault_unsealvault_listvault_rotatevault_deleteencryptdecryptsignverify_signaturelist_integrationstest_integrationproxy_requestget_compliance_scoregenerate_compliance_reportlist_compliance_reportslist_audit_logsget_metrics

CLI Reference SDKs

MCP Server

@quantaseal/mcp-server gives Claude Desktop, Cursor, GPT-4, and any MCP-compatible AI agent direct access to vault, encryption, compliance, and audit - secured by your API key.

Overview#

The MCP server exposes 18 tools across 7 domains. It supports two transports:

stdio - for Claude Desktop and local agents. Each session creates a completely isolated server instance.
SSE (Server-Sent Events) - for remote agents, HTTP-based MCP clients, LangChain, and GPT-4 custom integrations.

bash

# Install globally via npm
npm install -g @quantaseal/mcp-server

# Or build from source (monorepo)
cd sdk/mcp
npm install
npm run build   # → dist/server.js

Claude Desktop Setup#

Add the QuantaSeal MCP server to your Claude Desktop configuration file. Each session creates an isolated server instance - your API key is read at request time and never cached between requests.

Config file location (macOS): ~/Library/Application Support/Claude/claude_desktop_config.json

json

{
  "mcpServers": {
    "quantaseal": {
      "command": "node",
      "args": [
        "/usr/local/lib/node_modules/@quantaseal/mcp-server/dist/server.js"
      ],
      "env": {
        "QUANTASEAL_API_KEY": "qs_live_your_key_here"
      }
    }
  }
}

Note: Adjust the path in args if you built from source - use the absolute path to sdk/mcp/dist/server.js.

SSE Transport#

For remote or headless agents - GPT-4 custom integrations, LangChain, and any HTTP-based MCP client - start the server in SSE mode.

bash

# Start in SSE mode on port 3050
QUANTASEAL_API_KEY=qs_live_... node dist/server.js --transport sse --port 3050

# SSE endpoint your agent connects to
# http://localhost:3050/sse

bash

# Docker example
docker run -e QUANTASEAL_API_KEY=qs_live_... \
  -p 3050:3050 \
  ghcr.io/quantaseal/mcp-server:latest --transport sse --port 3050

Each SSE connection creates a completely isolated server instance with no shared state between sessions. Suitable for multi-agent deployments.

18 Tool Reference#

18 tools across 7 domains. All tools enforce tenant isolation server-side. Tool names use snake_case and are prefixed by domain.

Health(1 tool)

Tool Name	Description
`quantaseal_health`	Check API connectivity, backend health, and subscription status.

Vault(5 tools)

Tool Name	Description
`vault_seal`	Store a credential in QuantaVault with 3-layer ML-KEM-768 encryption.
`vault_unseal`	Retrieve and decrypt a vault entry by credential_id.
`vault_list`	List all vault entries (metadata only - no plaintext values).
`vault_rotate`	Re-encrypt a vault entry with a fresh ML-KEM-768 key pair.
`vault_delete`	Permanently delete a vault entry (logged to audit chain).

Encryption(4 tools)

Tool Name	Description
`encrypt`	Encrypt data with ML-KEM-768 + AES-256-GCM (NIST FIPS 203).
`decrypt`	Decrypt a HybridCryptoEnvelope. Signature verified before decryption.
`sign`	Sign a payload with ML-DSA-65 + HMAC-SHA-512 (NIST FIPS 204).
`verify_signature`	Verify both ML-DSA-65 and HMAC-SHA-512 signatures (bitwise &).

Integrations(3 tools)

Tool Name	Description
`list_integrations`	List all system integrations connected to your tenant.
`test_integration`	Test connectivity for a specific integration by ID.
`proxy_request`	Execute an outbound proxy operation through the QuantaSeal proxy engine.

Compliance(3 tools)

Tool Name	Description
`get_compliance_score`	Get the live compliance score (0–100) for a framework from the audit chain.
`generate_compliance_report`	Generate a PDF compliance report with evidence citations.
`list_compliance_reports`	List previously generated compliance reports with download URLs.

Audit(1 tool)

Tool Name	Description
`list_audit_logs`	Query the immutable SHA3-256 audit hash chain. Filter by event type, user, or time range.

Metrics(1 tool)

Tool Name	Description
`get_metrics`	Retrieve usage metrics: API calls, encryption operations, vault unseals, proxy requests.

Security Model#

The MCP server is designed to be safe to embed in AI agent workflows.

Tenant Isolation

Each API key maps to exactly one tenant. The server passes the key on every request - tenant enforcement happens server-side in the QuantaSeal backend, never in the MCP server itself.

Key Never Cached

getApiKey() is called at request time on every tool invocation. The API key is never stored in memory between requests or logged.

Session Isolation

Each SSE session creates a completely isolated server instance. No shared state between sessions. Suitable for multi-agent deployments.

Full Audit Trail

Every tool call is logged to the immutable audit chain with args_hash, response_hash, and ML-DSA-65 signatures. Use list_audit_logs to review AI agent activity.

All tool names:

CLI Reference SDKs