// SCAN REPORT

Xrpl mcp

71 tools. 53 can modify or destroy data without limits.

28 destructive tools with no built-in limits. Policy required.

Last updated: 12 Jun 2026

53 can modify or destroy data

18 read-only

71 tools total

Community server · catalogue entry verified 12/06/2026

How to control Xrpl mcp ↓

TOOL MAP

What Xrpl mcp exposes to your agents

Read (18) Write / Execute (25) Destructive / Financial (28)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS

Critical Risk

The most dangerous Xrpl mcp tools

Financial · High amm-deposit Depositing assets into an AMM constitutes a financial transaction that commits cryptocurrency or tokens, creating financial obligations and fund transfers on the blockchain. Financial · Critical transfer-token This tool moves money or financial assets (tokens on XRP Ledger) from one address to another. Financial · Critical transfer-xrp This tool directly moves money (XRP cryptocurrency) between accounts. Financial · High amm-bid Placing a bid on an AMM involves committing financial resources (XRP or tokens) to acquire auction slot rights on the AMM.

53 of Xrpl mcp's 71 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control Xrpl mcp

PolicyLayer is an MCP gateway — it sits between your AI agents and Xrpl mcp, and nothing reaches the server without passing your rules. These are the rules we recommend:

Block financial tools by default

{
  "amm-deposit": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Requires human approval."
      }
    ]
  }
}

Financial tools should be explicitly enabled per use case, not open by default.

Deny destructive operations

{
  "amm-delete": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations

{
  "deposit-preauth": {
    "limits": [
      {
        "counter": "deposit-preauth_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations

{
  "check-token-balance": {
    "limits": [
      {
        "counter": "check-token-balance_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

Create a free account and register Xrpl mcp — nothing to install.
Add these rules — paste them, or build them visually. Tune the limits to your setup.
Point your MCP client (Claude, Cursor, anything) at your gateway URL.

ENFORCE POLICY ON XRPL →

Free to start. No card required.

FULL CATALOGUE

All 71 Xrpl mcp tools

FINANCIAL 17 tools

Financial amm-deposit Deposit assets into an existing Automated Market Maker (AMM) on the XRP Ledger Financial transfer-token Transfer tokens between addresses Financial transfer-xrp Transfer XRP between accounts using the connected wallet or a named wallet Financial check-cash Cash a Check to receive funds from it Financial amm-bid Place a bid on an Automated Market Maker Financial amm-clawback Clawback assets from an Automated Market Maker (AMM) Financial amm-create Create a new Automated Market Maker (AMM) on the XRP Ledger Financial approve-transaction Approve a pending transaction, signing and submitting it to the XRP Ledger. This is a destructive action that Financial batch-payment Submit a batch of payment transactions. This is a convenience wrapper around batch-submit for common payment b Financial escrow-finish Finish an Escrow on the XRP Ledger, releasing funds to the recipient Financial offer-create Create an Offer (order) in the XRP Ledger Financial payment Send a payment from one account to another on the XRP Ledger Financial payment-channel-claim Claim funds from a Payment Channel on the XRP Ledger Financial payment-channel-create Create a Payment Channel on the XRP Ledger for off-ledger payments Financial payment-channel-fund Add additional XRP to an existing Payment Channel Financial token-clawback Claw back tokens issued by your account from a holder Financial token-escrow-create Create an Escrow for fungible tokens (Trust Line Tokens or MPTs) on the XRP Ledger. Requires the TokenEscrow a

DESTRUCTIVE 11 tools

Destructive amm-delete Delete an Automated Market Maker (AMM) from the XRP Ledger Destructive credential-delete Delete a credential from the XRP Ledger. Either the issuer or the subject can delete a credential at any time. Destructive delete-account Delete an XRP Ledger account and send remaining XRP to a destination account Destructive escrow-cancel Cancel an unexecuted Escrow on the XRP Ledger Destructive mpt-issuance-destroy Destroy/delete a Multi-Purpose Token (MPT) issuance. The issuance must have zero outstanding tokens. Destructive offer-cancel Cancel an existing Offer (order) in the XRP Ledger Destructive oracle-delete Delete an Oracle object on the XRP Ledger Price Oracle amendment is required Destructive permissioned-domain-delete Delete a Permissioned Domain from the XRP Ledger. Only the domain owner can delete a domain. Destructive check-cancel Cancel an uncashed Check on the XRP Ledger Destructive deactivate-did Deactivate a DID by marking it as revoked Destructive reject-transaction Reject a pending transaction, preventing it from being signed or submitted.

EXECUTE 3 tools

Execute transfer-nft Transfer NFT between addresses Execute amm-vote Vote on parameters for an Automated Market Maker (AMM) Execute batch-submit Submit a batch of up to 8 transactions atomically on the XRP Ledger. Batch transactions allow multiple operati

WRITE 22 tools

Write deposit-preauth Grant or revoke preauthorization for an account to deliver payments to your account Write check-create Create a Check that can be cashed by the destination account Write approve-token-spending Establish trust line to approve token usage Write connect-to-xrpl Connect to XRP Ledger using seed from .env or create a new wallet. Registers the wallet in the custody system. Write create-did Create a decentralized identifier (DID) for an XRPL account Write credential-accept Accept a credential that was issued to your account. The credential must be accepted by the subject for it to Write credential-create Create a credential on the XRP Ledger. The issuer creates credentials to attest facts about a subject account Write delegate-set Delegate transaction permissions to another account on the XRP Ledger. Allows an account to authorize another Write escrow-create Create an Escrow on the XRP Ledger to hold funds until a condition is met or time passes Write mpt-authorize Authorize an account to hold a Multi-Purpose Token (MPT), or as a holder, opt-in to hold an MPT. For MPTs with Write mpt-issuance-create Create a new Multi-Purpose Token (MPT) issuance on the XRP Ledger. MPTs are optimized fungible tokens for use Write mpt-issuance-set Modify the properties of an existing Multi-Purpose Token (MPT) issuance. Can lock/unlock the issuance or updat Write nft-mint Create a non-fungible token on the XRP Ledger Write nft-modify Modify the URI of a dynamic NFT (dNFT) on the XRP Ledger. The NFT must have been minted with the tfMutable fla Write oracle-set Set or update Oracle data on the XRP Ledger (Requires Price Oracle amendment) Write permissioned-domain-set Create or modify a Permissioned Domain on the XRP Ledger. Permissioned Domains define access rules based on cr Write set-account-properties Set or modify account properties on the XRP Ledger Write set-default-wallet Set the default wallet used for transactions when no wallet name is specified. Write set-regular-key Assign, change, or remove a regular key pair for an account Write set-trustline Create or modify a trust line on the XRP Ledger, allowing you to hold non-XRP assets Write ticket-create Create one or more sequence number tickets on the XRP Ledger Write update-did Update a DID document with new properties

READ 18 tools

Read check-token-balance Check token balance for an address Read credential-get-info Get information about a specific credential on the XRP Ledger. Read credentials-list List all credentials for an account (either as issuer or subject). Read delegate-list List all delegate permissions for an account. Read delegate-list-permissions List all available permission names that can be delegated. Read get-account-info Get account information from the XRP Ledger Read get-audit-log Retrieve the audit log of all signing and transaction operations, optionally filtered by wallet, tool, or netw Read get-nft-collection Get all NFTs owned by an address Read get-nft-metadata Get NFT collection and token metadata Read get-token-metadata Get token metadata (name, symbol, decimals, supply) Read list-pending-transactions List all transactions that are pending approval. These are transactions that have been prepared but not yet si Read list-wallets List all registered wallets in the custody system, showing their names, addresses, and types. Read mpt-get-balance Get the MPT balance for a specific account. Read mpt-get-info Get information about a Multi-Purpose Token (MPT) issuance including metadata, supply, and flags. Read permissioned-domain-get-info Get information about a Permissioned Domain on the XRP Ledger. Read permissioned-domains-list List all Permissioned Domains owned by an account. Read verify-nft-ownership Verify if an address owns a specific NFT Read resolve-did Resolve a DID to retrieve its DID document

EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

FAQ

Questions about Xrpl mcp

Can an AI agent move money through the Xrpl MCP server? +

Yes. The Xrpl mcp server exposes 17 financial tools including amm-deposit, transfer-token, transfer-xrp. Without a policy, an autonomous agent can call these with no spend caps, no rate limits, and no approval flow. PolicyLayer lets you block financial tools by default, require human approval, or set per-tool rate limits — enforced on every call.

Can an AI agent delete data through the Xrpl MCP server? +

Yes. The Xrpl mcp server exposes 11 destructive tools including amm-delete, credential-delete, delete-account. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Xrpl mcp? +

The Xrpl mcp server has 22 write tools including deposit-preauth, check-create, approve-token-spending. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Xrpl mcp.

How many tools does the Xrpl MCP server expose? +

71 tools across 4 categories: Destructive, Financial, Read, Write. 18 are read-only. 53 can modify, create, or delete data.

How do I enforce a policy on Xrpl mcp? +

Register the Xrpl MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Xrpl mcp tool call.

Deterministic rules across all 71 Xrpl mcp tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON XRPL →

Free to start. No card required.

71 Xrpl mcp tools catalogued and risk-classified — across an index of 43,000+ MCP servers.