Set an Etherscan V2 API key for EVM transaction-history / allowance-enumeration / tx-explanation reads at runtime — no restart required. Takes precedence over ETHERSCAN_API_KEY env var and userConfig. One key works across all 5 supported EVM chains (Ethereum / Arbitrum / Polygon / Base / Optimism...
AI agents use set_etherscan_api_key to create or update resources in VaultPilot MCP — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your VaultPilot MCP environment.
| Parameter | Type | Required | Description |
|---|---|---|---|
apiKey | string | Yes | Etherscan V2 API key (34-char alphanumeric, e.g. ZQTKPM98R5N4YT8GMTBI3XR2P4HFZNTAYG). Get one for free at https://etherscan.io/myapikey. One key works across al |
Parameters from the server's own tool schema.
An AI agent can call set_etherscan_api_key faster than any human can review — one bad instruction and it creates or modifies resources in VaultPilot MCP by the hundred, each call as confident as the last.
Risk signalsHandles credentials or secrets (apiKey)
Attacks that exploit this kind of access
Set an Etherscan V2 API key for EVM transaction-history / allowance-enumeration / tx-explanation reads at runtime — no restart required. Takes precedence over ETHERSCAN_API_KEY env var and userConfig. One key works across all 5 supported EVM chains (Ethereum / Arbitrum / Polygon / Base / Optimism) via Etherscan's V2 unified API. Designed for the demo-mode flow where users want to enable tx-history / allowance / explain_tx tools without restarting their MCP client, but works in any mode. INPUT: bare API key only (34-char alphanumeric, e.g. ZQTKPM98R5N4YT8GMTBI3XR2P4HFZNTAYG). Pasting a URL is rejected to prevent prompt-injection redirects. WHERE TO GET ONE: https://etherscan.io/myapikey — sign in, click "Add", copy the key. Free tier covers personal-volume use comfortably (5 calls/sec, 100K calls/day). PERSISTENCE: process memory only. To save across restarts, run vaultpilot-mcp-setup (after exiting demo mode if applicable) and paste the same key when prompted. AGENT BEHAVIOR: when the user pastes a key in chat ('here's my Etherscan key: <34 chars>'), call this tool immediately. NEVER echo the key back in any subsequent response — treat it as secret-shaped. It is categorised as a Write tool in the VaultPilot MCP MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
set_etherscan_api_key accepts 1 parameter: apiKey. Required: apiKey. The full parameter table on this page comes from the server's own tool schema.
Register the VaultPilot MCP server in PolicyLayer and add a rule for set_etherscan_api_key: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches VaultPilot MCP. Nothing to install.
set_etherscan_api_key is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the set_etherscan_api_key rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for set_etherscan_api_key. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
set_etherscan_api_key is provided by the VaultPilot MCP server (vaultpilot-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.