Command Palette

Search for a command to run...

UnylyUnyly
Browse all

Hive Agent Kyc

FreeNot checked

Routes blockchain address screening to third-party KYC/AML providers and checks public sanctions lists, serving as a clean-money gate primitive for MCP-compatib

GitHubEmbed

About

Routes blockchain address screening to third-party KYC/AML providers and checks public sanctions lists, serving as a clean-money gate primitive for MCP-compatible agents.

README

Hive Civilization MCP Gateway · broker / observer layer · CLEAN-MONEY gate

hive-mcp-agent-kyc

Broker / observer layer for KYC/AML screening · CLEAN-MONEY gate primitive

Smithery Glama Live Release License

https://hive-mcp-gateway.onrender.com/agent-kyc/mcp


Scope disclaimer

Hive Agent KYC is a broker/observer layer. It routes screening requests to third-party providers and surfaces public sanctions list matches. It is not a regulated money-services business, does not make custody, lending, or transaction-permitting decisions, and does not issue compliance attestations on behalf of regulated entities. Final compliance determinations remain with the requesting agent and its operator.

This disclaimer is also surfaced verbatim in every tool's response payload, in /.well-known/agent.json, and in the JSON-LD description.


What this is

hive-mcp-agent-kyc is a Model Context Protocol (MCP) server that any MCP-compatible client (Claude Desktop, Cursor, Manus, agent runtimes) can call to:

  1. Route a blockchain address screening request to one of three third-party KYC/AML providers — Chainalysis, TRM Labs, or Elliptic — and return the provider's risk score and flags verbatim (no enrichment, no Hive scoring layer).
  2. Check public sanctions list matches against the OFAC SDN list and the FATF high-risk-jurisdiction lists.
  3. Read back an audit-log entry for a prior query (DID + timestamp + provider + result code only — no PII).

What this does not do:

  • It does not hold custody of any KYC documents.
  • It does not make a final allow/deny determination on a transaction.
  • It does not issue an attestation that a person/entity is "KYC'd by Hive".
  • It does not operate as a money-services business.

The purpose is to be the CLEAN-MONEY gate primitive that other Hive surfaces (Vault, Trade, Swap, Treasury) can call before settling. Compliance determinations remain with the calling operator.

  • Protocol: MCP 2024-11-05 over Streamable-HTTP / JSON-RPC 2.0
  • Transport: POST /mcp
  • Discovery: GET /.well-known/mcp.json, GET /.well-known/agent.json
  • Health: GET /health
  • Settlement: real x402 — USDC on Base L2 to wallet 0x15184bf50b3d3f52b60434f8942b7d52f2eb436e. No mock. No simulated.
  • Backend status: provider partnership keys pending — agent_kyc_screen_address returns 503 with backend_pending: true until configured. Public list tools (OFAC, FATF) return real data today.
  • Brand gold: Pantone 1245 C / #C08D23

Tools

Tool Cost Description
agent_kyc_screen_address $0.10 USDC (Base) Route screening request to Chainalysis / TRM Labs / Elliptic. Returns provider response verbatim. 503 backend_pending until keys configured.
agent_kyc_check_ofac_list free Check identifier against OFAC SDN public list. Cached 24h.
agent_kyc_check_fatf_list free Check ISO-3166 country code against FATF Call-for-Action and Increased-Monitoring lists.
agent_kyc_query_status free Read prior audit-log entry by query_id. Returns DID + timestamp + provider + result code + address hash. No PII.

agent_kyc_screen_address

{
  "name": "agent_kyc_screen_address",
  "arguments": {
    "address": "0x...",
    "chain": "base",
    "provider": "chainalysis",
    "requester_did": "did:hive:agent-vault"
  }
}

Until partnership keys are configured, returns:

{
  "ok": false,
  "status": 503,
  "backend_pending": true,
  "message": "Third-party screening backend not yet configured...",
  "x402": {
    "recipient": "0x15184bf50b3d3f52b60434f8942b7d52f2eb436e",
    "chain": "base",
    "asset": "USDC",
    "amount_usdc": 0.10
  }
}

agent_kyc_check_ofac_list

{
  "name": "agent_kyc_check_ofac_list",
  "arguments": { "identifier": "0x...", "identifier_type": "address" }
}

Returns the cache age, source URL (treasury.gov), and a deterministic match flag against the cached SDN list.

agent_kyc_check_fatf_list

{
  "name": "agent_kyc_check_fatf_list",
  "arguments": { "country_code": "IR" }
}

Returns category (call_for_action | increased_monitoring | not_listed) + FATF source URL.

agent_kyc_query_status

{
  "name": "agent_kyc_query_status",
  "arguments": { "query_id": "..." }
}

Audit log

The audit log stores only these fields per query, in memory:

  • query_id (UUID)
  • did (requesting agent's DID)
  • ts (ISO-8601 timestamp)
  • provider (chainalysis | trm | elliptic | ofac_public | fatf_public)
  • result_code (HTTP status returned)
  • address_hash (first 16 hex chars of SHA-256 of lowercase identifier)

Raw addresses, names, and PII are never stored. Operators wanting durable logs route them to their own SIEM via webhook (not a Hive responsibility).


Connect

Claude Desktop

{
  "mcpServers": {
    "hive-agent-kyc": {
      "url": "https://hive-mcp-gateway.onrender.com/agent-kyc/mcp"
    }
  }
}

Cursor / Manus / generic MCP client

Point your client at:

https://hive-mcp-gateway.onrender.com/agent-kyc/mcp

Streamable-HTTP transport, JSON-RPC 2.0, MCP 2024-11-05.

Local

git clone https://github.com/srotzin/hive-mcp-agent-kyc
cd hive-mcp-agent-kyc
npm install
node server.js
# server runs on :3000

To enable the screening provider routing locally, set any of:

export CHAINALYSIS_API_KEY=...
export TRM_API_KEY=...
export ELLIPTIC_API_KEY=...

When no key is set, agent_kyc_screen_address returns 503 backend_pending. The OFAC and FATF tools work without keys.


Settlement

Real x402 rails. The screening tool quotes:

recipient : 0x15184bf50b3d3f52b60434f8942b7d52f2eb436e
chain     : Base L2
asset     : USDC
amount    : $0.10 USDC per screen call

No mock. No simulated. No testnet pretending to be mainnet. While the screening backend is in backend_pending, no charge is applied — the x402 quote is informational so calling agents can pre-flight payment configuration.


Hive doctrine context

This server is the CLEAN-MONEY gate primitive in the Hive Civilization three-gate doctrine (NEED + YIELD + CLEAN-MONEY). Any other Hive surface that touches settlement is expected to call agent_kyc_screen_address and the public-list tools before clearing.

It is intentionally a thin broker: enrichment, scoring, and final decision remain with the third-party provider and the operator, respectively. Hive does not become a regulated MSB by routing.


License

MIT — see LICENSE.


#C08D23 · Hive Civilization · 2026

Hive Civilization Directory

Part of the Hive Civilization — agent-native financial infrastructure.

Brand: #C08D23

from github.com/srotzin/hive-mcp-agent-kyc

Install Hive Agent Kyc in Claude Desktop, Claude Code & Cursor

Recommended · one command, every IDE
unyly install hive-mcp-agent-kyc

Installs into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.

First time? Get the CLI: curl -fsSL https://unyly.org/install | sh

Or configure manually

Run in your terminal:

claude mcp add hive-mcp-agent-kyc -- npx -y github:srotzin/hive-mcp-agent-kyc

FAQ

Is Hive Agent Kyc MCP free?

Yes, Hive Agent Kyc MCP is free — one-click install via Unyly at no cost.

Does Hive Agent Kyc need an API key?

No, Hive Agent Kyc runs without API keys or environment variables.

Is Hive Agent Kyc hosted or self-hosted?

Self-hosted: the server runs locally on your machine via the install command above.

How do I install Hive Agent Kyc in Claude Desktop, Claude Code or Cursor?

Open Hive Agent Kyc on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.

Related MCPs

Compare Hive Agent Kyc with

Not sure what to pick?

Find your stack in 60 seconds

Author?

Embed badge for your README

Browse similar

All ai MCPs