Changelog

We tightened the boring-but-critical parts before public launch. Every public endpoint is now rate-limited with sliding windows backed by Upstash: signup, sign-in, forgot-password, tool-test, and every MCP tool call.

Both services ship with Helmet security headers and expose real /health/ready probes that check Redis + Postgres. Load balancers can now pull an unhealthy instance instead of routing to a zombie.

Admins can flip a maintenance flag that blocks write operations and paints an amber banner on every frontend. Individual projects can be disabled with one click if they start behaving badly.

Every external call (Etherscan, Sourcify, CoinGecko, RPCs, resource URLs) now goes through a shared retry+timeout wrapper with exponential backoff, so a single slow provider can't stall a tool call.

The build_unsigned_tx block lets you expose state-changing contract functions as MCP tools. Tool outputs include raw calldata, gas estimate, and a WalletConnect URI — your agents sign with their own wallet, we never touch keys.

Sampling support: configure how Claude and other clients handle AI-initiated sampling requests, with named templates and per-project toggles.

Analytics: per-project dashboards showing tool-call volume, error rate, p50/p95 latency, and a recent activity feed, plus email + webhook alerts on quota and error-rate thresholds.

Recipes bundle tools, prompts, and resources for a specific use case. A guided wizard walks you through contract import, configuration, and deployment.

Under two minutes from paste-address to a live MCP server with multiple tools and AI prompts ready to use.