// MCP TOOL REFERENCE
Critical Risk →

flipr_flip

Execute a coin flip on Flipr.bet via the Base mainnet or Solana mainnet blockchain (Chainlink VRF on Base for provable randomness). Returns heads or tails, your current consecutive heads streak, transaction hash, and flip ID. Consecutive HEADS build your streak. The 2-hour pot awards 80% to walle...

Risk signalsBulk/mass operation — affects multiple targets

Part of the Flipr X402 server.

flipr_flip can permanently delete data in Flipr X402, with no limits today. PolicyLayer puts allow, deny, and rate-limit rules on every call. Live in minutes.

SECURE FLIPR X402 →

Free to start. No card required.

WHEN AGENTS USE THIS TOOL

AI agents may call flipr_flip to permanently remove or destroy resources in Flipr X402. Without a policy, an autonomous agent could delete critical data in a loop with no way to undo the damage. PolicyLayer blocks destructive tools by default and requires explicit human approval before enabling them.

Without a policy, an AI agent could call flipr_flip in a loop, permanently destroying resources in Flipr X402. There is no undo for destructive operations. PolicyLayer blocks this tool by default and only allows it when a human explicitly approves the action.

RECOMMENDED POLICY

Destructive tools permanently remove data. Block by default. Only enable with explicit approval workflows.

policy.json 
{
  "version": "1",
  "default": "deny",
  "hide": [
    "flipr_flip"
  ]
}

See the full Flipr X402 policy for all 19 tools.

Get this rule live on your own Flipr X402 server in minutes. PolicyLayer enforces it on every call, before it runs.

ENFORCE ON MY FLIPR X402 →

MORE FLIPR X402 TOOLS

Financial flipr_withdraw Destructive flipr_opportunity_unsubscribe Write flipr_opportunity Write flipr_referral_link Write flipr_referral_register Read flipr_agent_stats Read flipr_bridge_status Read flipr_game_info

View all 19 tools →

WHAT CAN GO WRONG

These attack patterns abuse exactly the kind of access flipr_flip gives an agent. Each links to the full case and the policy that stops it:

Browse the full MCP Attack Database →

Every attack above starts with a tool call. PolicyLayer checks each one against your policy first, so flipr_flip only ever does what you allow.

SECURE FLIPR X402 →

OTHER DESTRUCTIVE TOOLS

Other destructive tools across the catalogue. The same approach applies to each: deny by default, or require human approval.

AbraFlexi contact_delete AbraFlexi evidence_delete AbraFlexi invoice_issued_delete AbraFlexi product_delete ACR — Agent Composition Records acknowledge_signal Ae ae_delete_layer

RELATED READING

FAQ

What does the flipr_flip tool do? +

Execute a coin flip on Flipr.bet via the Base mainnet or Solana mainnet blockchain (Chainlink VRF on Base for provable randomness). Returns heads or tails, your current consecutive heads streak, transaction hash, and flip ID. Consecutive HEADS build your streak. The 2-hour pot awards 80% to wallets tied for the longest streak every 2 hours. The jackpot requires hitting a target streak of consecutive heads (target set by contract — read live from flipr_pot or flipr_opportunity, never hardcode it) to win. Streaks persist across rounds (not reset by 2-hour pot boundaries). Check flipr_opportunity for ROI analysis before flipping. Cost: 0.0005 ETH game entry + gas + margin, paid in USDC. Accepts payment on Base mainnet OR Solana mainnet (auto-bridged). See http://localhost:4402/integration#solana for details. [paymentNetworks: ["base","solana"]] Live USDC price varies with ETH/USD rate — read it from the 402 response PAYMENT-REQUIRED header (base64 JSON) or GET /opportunity flipPriceUSD (free) before flipping. [pricing: {"costETH":"0.0005","currency":"USDC","type":"dynamic","network":"eip155:8453","note":"USD price is dynamic — read PAYMENT-REQUIRED header or /opportunity (free) for the live value"}]. It is categorised as a Destructive tool in the Flipr X402 MCP Server, which means it can permanently delete or destroy data. Block by default and require explicit approval.

How do I enforce a policy on flipr_flip? +

Register the Flipr X402 MCP server in PolicyLayer and add a rule for flipr_flip: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Flipr X402. Nothing to install.

What risk level is flipr_flip? +

flipr_flip is a Destructive tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.

Can I rate-limit flipr_flip? +

Yes. Add a rate_limit block to the flipr_flip rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block flipr_flip completely? +

Set action: deny in the PolicyLayer policy for flipr_flip. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides flipr_flip? +

flipr_flip is provided by the Flipr X402 MCP server (https://flipr-x402.fly.dev/mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every Flipr X402 tool call.

Deterministic rules across all 19 Flipr X402 tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

SECURE FLIPR X402 →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.