Command Palette

Search for a command to run...

UnylyUnyly
Browse all

Gainium

FreeNot checked

MCP server for Gainium — manage trading bots, deals, and balances via AI assistants

GitHubEmbed

About

MCP server for Gainium — manage trading bots, deals, and balances via AI assistants

README

An MCP (Model Context Protocol) server for Gainium — the crypto trading bot platform. Lets AI assistants manage your bots, deals, balances, and more through a standard MCP interface.

Detailed setup and connection documentation is available in docs/using-gainium-mcp.md.

Quick Start

1. Get your API keys

Go to Gainium API Settings and create an API key pair.

2. Add to your MCP client

Add this to your MCP configuration (VS Code, Claude Desktop, etc.):

{
  "gainium-mcp": {
    "command": "npx",
    "args": ["-y", "gainium-mcp"],
    "env": {
      "GAINIUM_API_KEY": "<your-api-key>",
      "GAINIUM_API_SECRET": "<your-api-secret>"
    }
  }
}

That's it. The server starts automatically when your AI assistant needs it.

This local stdio mode uses GAINIUM_API_KEY and GAINIUM_API_SECRET from the server process environment.

Environment Variables

Variable Required Default Description
GAINIUM_API_KEY Yes Your Gainium API public key
GAINIUM_API_SECRET Yes Your Gainium API secret
GAINIUM_API_BASE_URL No https://api.gainium.io API base URL
GAINIUM_MCP_TRANSPORT No stdio Transport mode: stdio, http, streamable-http, sse, or http-sse
GAINIUM_MCP_HOST No 127.0.0.1 Bind host for HTTP mode
GAINIUM_MCP_PORT No 3000 Bind port for HTTP mode
GAINIUM_MCP_HTTP_PATH No /mcp Streamable HTTP endpoint path
GAINIUM_MCP_SSE_PATH No /sse Deprecated SSE GET endpoint path
GAINIUM_MCP_MESSAGES_PATH No /messages Deprecated SSE POST endpoint path
GAINIUM_OAUTH_ISSUER No Authorization-server base URL. Setting this (with MCP_INTROSPECTION_SECRET, in HTTP mode) enables OAuth protected-resource mode
GAINIUM_INTROSPECTION_URL No <issuer>/oauth/introspect Token introspection endpoint
MCP_INTROSPECTION_SECRET No Shared secret presented to the introspection endpoint (must match the auth server)
GAINIUM_MCP_PUBLIC_URL No derived from request Public base URL used in the protected-resource metadata
OPENAI_APPS_CHALLENGE_TOKEN No When set, served as plain text at /.well-known/openai-apps-challenge for OpenAI Apps domain verification

Authentication Modes

gainium-mcp supports three deployment models:

  • Local stdio mode: the MCP server reads GAINIUM_API_KEY and GAINIUM_API_SECRET from env vars.
  • OAuth 2.1 hosted mode (recommended for hosted/public): the server acts as an OAuth protected resource. Clients (e.g. the Claude connector) obtain an access token from the Gainium authorization server and send it as Authorization: Bearer <token>. See OAuth 2.1 hosted mode below.
  • Header hosted mode (legacy/self-hosted): each request sends X-API-Key and X-API-Secret headers so one shared server can serve many users.

In header/stdio mode, request headers take priority, falling back to GAINIUM_API_KEY / GAINIUM_API_SECRET. When OAuth mode is enabled, the Bearer token is required and the X-API-Key/X-API-Secret headers are ignored.

OAuth 2.1 hosted mode

This is the mode used for the public https://mcp.gainium.io/mcp endpoint and the Anthropic Claude connector directory (which requires OAuth and forbids API-key headers).

Enable it by setting, in HTTP mode:

export GAINIUM_MCP_TRANSPORT=http
export GAINIUM_OAUTH_ISSUER=https://app.gainium.io        # Gainium authorization server
export MCP_INTROSPECTION_SECRET=<shared-secret>           # must match the auth server
export GAINIUM_MCP_PUBLIC_URL=https://mcp.gainium.io      # this server's public URL
# optional, defaults to <issuer>/oauth/introspect:
# export GAINIUM_INTROSPECTION_URL=https://app.gainium.io/oauth/introspect
node dist/server.js

When enabled, the server:

  1. Serves OAuth Protected Resource Metadata (RFC 9728) at /.well-known/oauth-protected-resource and /.well-known/oauth-protected-resource/mcp, advertising the authorization server.
  2. Rejects unauthenticated MCP requests with 401 Unauthorized and a WWW-Authenticate: Bearer resource_metadata="…" header, so clients can discover the auth server and run the OAuth flow (Dynamic Client Registration + PKCE).
  3. Validates the Bearer access token on each request via the auth server's token introspection endpoint, resolving it to the user's Gainium (apiKey, apiSecret) and per-key restrictions (read/write, paper-only, single-bot), which are still enforced server-side. Introspection results are cached briefly.

The local stdio path is unaffected by these variables.

HTTP and SSE Mode

By default, gainium-mcp runs over stdio for MCP clients that spawn local processes. To run it as an HTTP server instead:

export GAINIUM_MCP_TRANSPORT=http
export GAINIUM_MCP_HOST=127.0.0.1
export GAINIUM_MCP_PORT=3000
node dist/server.js

When HTTP mode is enabled, the server exposes both transport styles:

  • GET|POST|DELETE /mcp for the current Streamable HTTP transport
  • GET /sse plus POST /messages?sessionId=... for deprecated HTTP+SSE clients

This makes one server process compatible with both modern MCP HTTP clients and older SSE-based integrations. In hosted mode, authenticate with OAuth (see OAuth 2.1 hosted mode) or, for self-hosted/legacy setups, send X-API-Key and X-API-Secret on each request.

Available Tools (17)

As of v3.0.0 the toolset is consolidated: a single tool per operation, with a botType / dealType / action discriminator instead of one tool per variant. Every tool carries an MCP safety annotation — read-only tools set readOnlyHint, write tools set destructiveHint.

Bots

Tool Access Description
list_bots read List bots by type (dca, combo, grid) with filters and field selection
get_bot read Get a single bot by id and type
create_bot write Create a bot (dca, combo, or grid)
update_bot write Update bot settings
clone_bot write Clone a bot with optional overrides
manage_bot write Lifecycle action: start, stop, archive, restore, changePairs

Deals

Tool Access Description
list_deals read List deals by type (dca, combo, terminal) with filters
get_deal read Get a single deal by id and type
create_deal write Create a deal
update_deal write Update an active deal
manage_deal write Deal action: close, addFunds, reduceFunds

Backtest

Tool Access Description
run_backtest write Run a backtest: validate, estimate, async, or sync (request/requestSync submit a job — not read-only)
backtest_info read List backtest requests or get one by ID

Discovery, Account & Market

Tool Access Description
discover read Schema discovery for bot types and indicators
get_account read Balances, connected exchanges, supported exchanges, and global variables
get_screener read Cryptocurrency screener with market metrics
manage_global_variable write Global variable action: create, update, delete

Field Selection

All GET endpoints support the fields parameter for efficient payloads:

  • Presets: minimal, standard (default), extended, full
  • Custom: comma-separated dot-notation fields (e.g. _id,uuid,settings.name,profit.total)

Using minimal reduces payload size by ~85%.

API Permissions

  • Read-only key: read tools only (list_*, get_*, discover, backtest_info, get_screener, list_presets)
  • Write key: all tools, including create_*, update_*, clone_bot, manage_bot, manage_deal, manage_global_variable, apply_preset, and run_backtest
  • Read-only directory connector (/mcp with GAINIUM_READONLY=true, served at mcp.gainium.io/read): exposes and allows only the 9 readOnlyHint tools — run_backtest and all write tools are excluded
  • Token audience binding (OAuth mode): when GAINIUM_MCP_PUBLIC_URL is set, the server treats <public-url><http-path> as its RFC 8707 resource. An access token whose introspected aud is a different resource is rejected — a token minted for mcp.gainium.io/read can't be replayed against mcp.gainium.io/mcp, and vice versa. Tokens with no aud (legacy grants) are still accepted.

Development

# Clone and install
git clone https://github.com/gainium/gainium-mcp.git
cd gainium-mcp
npm install

# Build
npm run build

# Run locally (for testing)
export GAINIUM_API_KEY=your_key
export GAINIUM_API_SECRET=your_secret
node dist/server.js

# Run in HTTP/SSE mode
export GAINIUM_MCP_TRANSPORT=http
export GAINIUM_MCP_PORT=3000
node dist/server.js

Architecture

gainium-mcp/
├── src/
│   ├── server.ts          # MCP server + tool definitions (stdio + HTTP/SSE transports)
│   └── gainium-client.ts  # HMAC-authenticated HTTP client for Gainium API v2
├── dist/                  # Compiled output (published to npm)
├── package.json
├── tsconfig.json
└── README.md

License

MIT

from github.com/Gainium/gainium-mcp

Install Gainium in Claude Desktop, Claude Code & Cursor

Recommended · one command, every IDE
unyly install gainium-mcp

Installs into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.

First time? Get the CLI: curl -fsSL https://unyly.org/install | sh

Or configure manually

Run in your terminal:

claude mcp add gainium-mcp -- npx -y gainium-mcp

FAQ

Is Gainium MCP free?

Yes, Gainium MCP is free — one-click install via Unyly at no cost.

Does Gainium need an API key?

No, Gainium runs without API keys or environment variables.

Is Gainium hosted or self-hosted?

A hosted option is available: Unyly runs the server in the cloud, no local setup required.

How do I install Gainium in Claude Desktop, Claude Code or Cursor?

Open Gainium on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.

Related MCPs

Compare Gainium with

Not sure what to pick?

Find your stack in 60 seconds

Author?

Embed badge for your README

Browse similar

All ai MCPs