All-in-one MCP toolkit for the Pharos blockchain — in TypeScript.
Wallet operations · local-only signing · native & ERC-20 transfers · staking · contract deploy & verify · faucet · full chain exploration — from Claude Code, Cursor, Codex, or directly via the Vercel AI SDK.
Built for humans. Perfect for AI.
Everything in one workspace. Check balances, send transactions, deploy and verify contracts, stake, and explore blocks, tokens and accounts — without switching between the explorer and wallet UIs. The agent does the clicking; you stay in chat.
Your private key never leaves your machine. MCP only prepares unsigned transactions — signing happens locally with viem, and the key is never sent to the AI model or a remote server.
Two protection levels.
- Simple — a guard hook blocks the agent from reading
.env. - Secure — an encrypted keystore + a signing daemon in a separate, isolated process; the agent only ever receives the signed transaction.
Two ways to use.
- Subscription (free) — connect MCP to Claude Code / Cursor / Codex and use your existing subscription.
- AI SDK (developers) — programmatic agents via the Vercel AI SDK with Claude or OpenAI.
⚠️ Mainnet — real funds. This kit targets the Pharos mainnet (chainId 1672, native token PROS) behind the Exploreme explorer & API./sendand/deploymove real PROS — fund your address from an exchange or bridge. Prefer secure mode with manual approval (npm run signer -- --manual) so every signature needs your explicity/n. The faucet tools are testnet-only.
┌─────────────────────────────────┐
│ You (chat or code) │
├─────────────────────────────────┤
│ AI Agent (Claude / GPT) │
│ │
│ Sees: wallet address, │
│ MCP tool results │
│ Never sees: private key │
├───────────────┬─────────────────┤
│ local signing │ MCP Server │
│ (your machine)│ (remote) │
│ │ │
│ viem │ prepare_* │
│ │ broadcast │
│ Key in .env │ query / stake │
│ or keystore │ deploy / verify│
└───────────────┴─────────────────┘
Key principle: the private key NEVER leaves your machine. MCP prepares the unsigned tx → you sign locally → the signed tx is broadcast back through MCP.
# Clone
git clone https://github.com/stakeme-team/pharos-agent-kit
cd pharos-agent-kit
# Install
npm install
# Create a wallet (outputs only the public address)
npm run wallet:simple
# Open Claude Code
claudeClaude Code auto-detects .mcp.json and connects to the Pharos MCP server. Then
just chat:
"Show my PROS balance, then send 0.001 PROS to 0x5f98ce551fFbd3C5C6bA571e0F793F8ADE228F96 and wait for the receipt."
See also: Claude Code setup · Cursor setup · Codex setup · ready-made prompts
git clone https://github.com/stakeme-team/pharos-agent-kit
cd pharos-agent-kit
npm install
cp .env.example .env
npm run wallet:simple
# Edit .env: add ANTHROPIC_API_KEY or OPENAI_API_KEY
npm run demo:wallet # show wallet address & PROS balance
npm run demo:send # send PROS to your own address (safe self-send)
npm run demo:deploy # deploy & verify an EVM contractSwitch model provider in .env:
AI_PROVIDER=anthropic # or openaiBuilt-in Claude Code / Cursor skills (slash commands):
| Skill | What it does |
|---|---|
/wallet |
Set up a wallet and show your address & PROS balance |
/send |
Send PROS to a recipient address you specify |
/deploy |
Deploy and verify an EVM smart contract |
Private key in .env, protected by a guard hook that blocks the agent from reading it.
npm run wallet:simple
npm run security-test
# ✓ cat .env → BLOCKED
# ✓ grep PRIVATE .env → BLOCKED
# ✓ echo $PRIVATE_KEY → BLOCKED
# ✓ python3 read .env → BLOCKED
# ... 27/27 passed ✓Private key encrypted in a keystore, decrypted only inside a separate daemon process. The agent physically cannot reach the key — it only ever gets the signed hex back.
# Create an encrypted wallet
npm run wallet:secure
# Start the daemon (separate terminal)
npm run signer # auto-approve
npm run signer -- --manual # ask y/n per transaction┌───────────────────┐ ┌────────────────────┐
│ Agent │ │ Signer Daemon │
│ (no key access) │────▶│ (key in memory) │
│ │unix │ viem │
│ Gets: signed hex │◀────│ signs tx │
└───────────────────┘sock └────────────────────┘
In --manual mode every signing request prints the tx details and waits for your
y/n:
⚠ Sign transaction?
Type: TRANSFER
To: 0x5f98ce551fFbd3C5C6bA571e0F793F8ADE228F96
Value: 0.01 PROS (10000000000000000 wei)
Gas: 25200
Approve? [y/n]: y
✓ Signed
If you reject (n), the agent receives an error and tells you the transaction was declined.
Guard against supply-chain attacks in npm packages and run the signer with no network access:
docker compose run --rm install # install deps in a container
docker compose run --rm dev npx tsx examples/01-wallet-and-faucet.ts
docker compose up signer # signer daemon, NO network accessThe Pharos MCP server at https://api.pharos.exploreme.pro/mcp exposes 85+ tools —
mostly read queries across the chain, plus the write tools that prepare and broadcast
transactions:
| Category | Tools |
|---|---|
| Transactions (write) | prepare_native_transfer, prepare_erc20_transfer, prepare_erc721_transfer, prepare_erc1155_transfer, prepare_token_approval, prepare_contract_write, prepare_transaction, broadcast_signed_raw_transaction, wait_for_transaction |
| Staking (write) | prepare_delegate, prepare_undelegate, prepare_add_stake, prepare_withdraw_stake, prepare_claim_stake, prepare_claim_reward, prepare_compound_rewards |
| Balances / accounts | get_balance, get_token_balance, get_evm_account_by_address, get_account_token_summary, get_account_token_holdings, get_account_transactions, get_account_token_transfers |
| Blocks / transactions | list_evm_blocks, get_evm_block_by_height, list_evm_transactions, get_evm_transaction_by_hash, get_transaction_receipt, get_evm_transaction_logs |
| Contracts | read_evm_contract, get_evm_contract_code, get_evm_compiler_versions, verify_evm_contract_standard_json, verify_evm_contract_flattened, verify_evm_contract_multi_part |
| Tokens / NFTs | list_erc20_tokens, get_erc20_token_by_address, list_erc721_tokens, list_erc1155_tokens, get_erc721_token_holders, get_nft_info |
| Validators / staking data | list_validators, get_validator_by_address, get_staking_stats, get_account_delegations, get_top_delegators |
| Faucet (testnet only) | claim_faucet_tokens, get_faucet_payout_status |
| Explorer / chain | explorer_search, get_chain_network, get_gas_price, get_evm_gas_tracker, get_supported_networks |
pharos-agent-kit/
├── CLAUDE.md # Agent instructions for Pharos
├── .mcp.json # Claude Code MCP config
├── .cursor/mcp.json # Cursor MCP config
├── .codex/config.toml # Codex MCP config (via mcp-remote)
│
├── .claude/
│ ├── settings.json # Guard hook config
│ └── skills/ # /wallet · /send · /deploy
│
├── scripts/
│ ├── wallet-manager.ts # Create / import wallet (safe — address only)
│ ├── sign-tx.ts # Sign tx (stdin JSON → stdout signed hex)
│ ├── signer-daemon.ts # Signing daemon (secure mode)
│ ├── keystore-utils.ts # Encrypted keystore helpers
│ ├── guard.sh # Block agent from reading keys
│ └── security-test.ts # Test the guard (attack vectors)
│
├── src/ # AI SDK core library
│ ├── mcp-client.ts # MCP client factory
│ ├── wallet.ts # Local signing (simple / secure)
│ ├── signing-bridge.ts # Auto-sign prepare_* results
│ ├── agent.ts # Agent factory (Claude + OpenAI)
│ ├── index.ts # Library entry point
│ └── utils.ts # Env, MCP result parsing, helpers
│
├── examples/ # AI SDK demos
│ ├── 01-wallet-and-faucet.ts
│ ├── 02-send-tokens.ts
│ └── 03-deploy-and-verify.ts
│
├── contracts/
│ ├── SimpleStorage.sol
│ └── compiled/SimpleStorage.json
│
├── docs/ # setup guides + prompts
├── Dockerfile
└── docker-compose.yml
- Node.js 20+ and npm
- Docker — optional, recommended for supply-chain-isolated installs and the network-less signer
- Subscription path: Claude Pro/Max, Cursor Pro, or ChatGPT Pro
- AI SDK path: an Anthropic or OpenAI API key
MIT
Built by Stakeme · explorer at pharos.exploreme.pro