Compose a transaction to attach Counterparty tokens to a specific UTXO
AI agents use compose_attach to create or update resources in 21e14 — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your 21e14 environment.
| Parameter | Type | Required | Description |
|---|---|---|---|
asset | string | Yes | Asset to attach |
address | string | Yes | Source Bitcoin address |
quantity | integer | Yes | Raw integer amount to attach. For divisible: human amount * 10^8. |
inputs_set | string | — | Comma-separated UTXOs to use as inputs (txid:vout) |
sat_per_vbyte | number | — | Fee rate in satoshis per virtual byte (e.g. 1, 5.5, 0.15). Check get_fee_estimate for current market rates. |
destination_vout | integer | — | Output index to attach to |
Parameters from the server's own tool schema.
This tool creates or modifies token state by composing a transaction that attaches tokens to a UTXO. While it doesn't directly broadcast or execute the transaction (that appears to be handled by broadcast_transaction or compose_broadcast), it materially alters financial asset positioning on a blockchain.
From the tool's definition The tool name 'compose_attach' combined with the description 'Compose a transaction to attach Counterparty tokens to a specific UTXO' indicates creation of a new transaction that modifies token ownership/attachment state on the Counterparty protocol.
Documented attack patterns abuse exactly the kind of access compose_attach gives an agent:
PolicyLayer is an MCP gateway — it sits between your AI agents and 21e14, and nothing reaches the server without passing your rules. This is the rule we recommend for compose_attach:
{
"version": "1",
"default": "deny",
"tools": {
"compose_attach": {
"limits": [
{
"counter": "compose_attach_rate",
"window": "minute",
"max": 30,
"scope": "grant"
}
]
}
}
}compose_attach stays usable, but capped — an agent stuck in a loop can't make hundreds of changes a minute. Everything else on the server is denied unless you say otherwise.
Free to start. No card required.
Compose a transaction to attach Counterparty tokens to a specific UTXO. It is categorised as a Write tool in the 21e14 MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
compose_attach accepts 6 parameters: asset, address, quantity, inputs_set, sat_per_vbyte, destination_vout. Required: asset, address, quantity. The full parameter table on this page comes from the server's own tool schema.
Register the 21e14 MCP server in PolicyLayer and add a rule for compose_attach: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches 21e14. Nothing to install.
compose_attach is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the compose_attach rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for compose_attach. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
compose_attach is provided by the 21e14 MCP server (@21e14/mcp-server). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Start from 21e14, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.
Free to start. No card required.
48 21e14 tools catalogued and risk-classified — across an index of 43,000+ MCP servers.