Token Revoke MCP Server
Token Revoke MCP Server provides secure, automated ERC-20 allowance management for wallets on Ethereum, Polygon, BSC, and more—enabling AI workflows to audit, report, and revoke blockchain token approvals in real time.
What does “Token Revoke” MCP Server do?
Token Revoke MCP Server is a Model Context Protocol (MCP) server designed to enhance user security and asset control on EVM-compatible blockchains. It bridges AI assistants and developer tools with blockchain infrastructure, allowing them to query, monitor, and manage ERC-20 token allowances across more than 50 blockchains, including Ethereum, Polygon, and BSC. The server enables automated retrieval of all token approvals for a given wallet, displays token balances and USD values at risk, and allows for the revocation of token allowances directly from workflows or conversational interfaces. This functionality simplifies tasks such as managing wallet security, cleaning up unnecessary permissions, and ensuring that AI-powered agents or scripts can directly interact with blockchain assets safely and efficiently.
List of Prompts
- No explicit prompt templates are defined in the repository files. Only natural language usage examples are shown in the README.
List of Resources
- No explicit MCP resources are documented or exposed in the repository files.
List of Tools
- Fetch Token Approvals: Retrieves all ERC-20 token approvals for a specified wallet and chain, including token details, balances, and associated risk.
- Revoke Allowances: Submits transactions to revoke ERC-20 token allowances for specific spenders.
- Check Transaction Status: Checks the status (success/failure) of a submitted transaction using its transaction hash.
Use Cases of this MCP Server
- Wallet Security Audits: Developers and users can automatically audit wallets for risky token approvals, identifying permissions that put assets at risk across multiple blockchains.
- Revoking Unused Approvals: Enables AI agents or scripts to identify and revoke unnecessary or forgotten token allowances, reducing risk of unauthorized token transfers.
- Automated Risk Reporting: Periodically fetches and reports the USD value at risk due to active approvals, aiding users in asset monitoring and decision-making.
- Blockchain App Integration: Integrates directly into wallets, dApps, or security dashboards for real-time allowance management through conversational or automated workflows.
- Testnet and Mainnet Support: Supports developers working across both production and test environments by exposing tools for all major EVM chains.
How to set it up
Windsurf
- Prerequisite: Ensure Node.js 18+ is installed.
- Clone and Install:
git clone https://github.com/kukapay/token-revoke-mcp.git cd token-revoke-mcp npm install - Edit Configuration: Locate the Windsurf configuration file and add the following:
{ "mcpServers": { "token-revoke-mcp": { "command": "node", "args": ["path/to/token-revoke-mcp/index.js"], "env": { "MORALIS_API_KEY": "your moralis api key", "PRIVATE_KEY": "your wallet private key" } } } } - Save and Restart: Save changes and restart Windsurf.
- Verify: Ensure the server starts and responds to MCP queries.
Claude
- Prerequisite: Node.js 18+ and access to configuration files.
- Clone and Install: Follow the same steps as above.
- Configuration: Add to Claude’s MCP servers section:
{ "mcpServers": { "token-revoke-mcp": { "command": "node", "args": ["path/to/token-revoke-mcp/index.js"], "env": { "MORALIS_API_KEY": "your moralis api key", "PRIVATE_KEY": "your wallet private key" } } } } - Restart and Validate: Restart Claude and test connectivity.
Cursor
- Prerequisite: Node.js 18+, Moralis API Key, and Ethereum private key.
- Install: Clone and install as above.
- Configure: Update Cursor’s MCP configuration:
{ "mcpServers": { "token-revoke-mcp": { "command": "node", "args": ["path/to/token-revoke-mcp/index.js"], "env": { "MORALIS_API_KEY": "your moralis api key", "PRIVATE_KEY": "your wallet private key" } } } } - Save and Restart: Save config and restart Cursor.
Cline
- Prerequisite: Node.js 18+.
- Clone/Install: As above.
- Edit Configuration: Add to Cline’s MCP section:
{ "mcpServers": { "token-revoke-mcp": { "command": "node", "args": ["path/to/token-revoke-mcp/index.js"], "env": { "MORALIS_API_KEY": "your moralis api key", "PRIVATE_KEY": "your wallet private key" } } } } - Save and Restart: Save and relaunch Cline.
Securing API keys
Environment variables are used for secrets:
{
"env": {
"MORALIS_API_KEY": "your moralis api key",
"PRIVATE_KEY": "your wallet private key"
}
}
Never hardcode private keys or API keys in source files or public repositories.
How to use this MCP inside flows
Using MCP in FlowHunt
To integrate MCP servers into your FlowHunt workflow, start by adding the MCP component to your flow and connecting it to your AI agent:
Click on the MCP component to open the configuration panel. In the system MCP configuration section, insert your MCP server details using this JSON format:
{
"token-revoke-mcp": {
"transport": "streamable_http",
"url": "https://yourmcpserver.example/pathtothemcp/url"
}
}
Once configured, the AI agent is now able to use this MCP as a tool with access to all its functions and capabilities. Remember to change “token-revoke-mcp” to whatever the actual name of your MCP server is and replace the URL with your own MCP server URL.
Overview
| Section | Availability | Details/Notes |
|---|---|---|
| Overview | ✅ | Description from README and repo |
| List of Prompts | ⛔ | No explicit prompt templates defined |
| List of Resources | ⛔ | No explicit MCP resources defined |
| List of Tools | ✅ | fetch approvals, revoke allowances, check transaction status |
| Securing API Keys | ✅ | Uses env vars, documented in setup |
| Sampling Support (less important in evaluation) | ⛔ | Not mentioned |
Our opinion
This MCP server is robust for blockchain and wallet security use cases, providing clear setup instructions and practical tools. However, it lacks explicit prompt templates, resource definitions, and documentation on advanced MCP features like roots and sampling. As such, it’s a solid, focused utility for developers needing ERC-20 allowance management, but could be improved with more comprehensive MCP integration.
MCP Score
| Has a LICENSE | ✅ (MIT) |
|---|---|
| Has at least one tool | ✅ |
| Number of Forks | 3 |
| Number of Stars | 1 |
Overall MCP Table Rating: 6/10 (Solid foundational utility for its domain, but lacks some MCP ecosystem richness and documentation.)
Frequently asked questions
- What is the Token Revoke MCP Server?
The Token Revoke MCP Server is a Model Context Protocol server that allows you to monitor, audit, and revoke ERC-20 token allowances across 50+ EVM-compatible blockchains. It automates wallet security, risk reporting, and token approval management for both users and AI-powered workflows.
- What tools does this MCP server provide?
It provides tools to fetch all token approvals for a wallet, check balances and risk, revoke allowances via on-chain transactions, and monitor the status of revocation transactions across chains like Ethereum, Polygon, BSC, and more.
- How does this improve wallet security?
By enabling automated audits of token approvals, surfacing risky or unnecessary permissions, and offering one-click or automated revocation, it reduces the attack surface for wallets and helps prevent unauthorized token transfers.
- How do I configure secrets like API keys?
You must use environment variables for the MORALIS_API_KEY and your wallet’s PRIVATE_KEY. Never hardcode secrets in source files or public repos; always use secure env var management.
- Can this be used in both testnet and mainnet environments?
Yes, the Token Revoke MCP Server supports both test and production environments for all major EVM-compatible chains, making it ideal for development, QA, and live blockchain security use cases.
Secure Your Blockchain Assets with Token Revoke MCP
Integrate the Token Revoke MCP Server into your FlowHunt workflows to automate token allowance audits, reduce wallet risks, and enable direct blockchain management for your AI agents.
Learn more
