Recently, the Model Context Protocol (MCP) has rapidly become the 'new infrastructure' of the AI ecosystem due to the promotion by organizations like Anthropic and the swift adoption by giants such as OpenAI, Microsoft, and Google. It achieves seamless connection between AI and local tools, databases, and APIs through standardized interfaces, greatly expanding the execution capabilities of agents, and is seen by the industry as the 'USB-C interface of AI'. In the Web3 industry, MCP-related applications have also begun to emerge. However, this protocol is currently in a 'chaotic' phase, facing multiple security risks and new attack surfaces, and can refer to SlowMist's recently released MCP attack surface and security checklist.
SlowMist has conducted in-depth security research on MCP in the context of Web3 wallet management, finding that Web3 MCP wallet applications need to consider not only key lifecycle security but also the interaction security between MCP, LLMs, Clients, and Hosts. Therefore, we have compiled the following MCP wallet security audit items from the perspective of MCP project parties to help them conduct security audits on MCP wallet applications, improve the overall security of MCP applications, and enable project teams and users to resist new types of attack methods as much as possible during this 'chaotic' phase.
At the same time, SlowMist will continue to improve the Web3 wallet security audit section: Web wallet security audit, browser extension wallet security audit, mobile/desktop wallet security audit, hardware wallet security audit, MCP wallet security audit, and other services (https://www.slowmist.com/service-wallet-security-audit.html).
The following are the MCP wallet security audit items:
Note: If it is necessary to develop and use a Web3 MCP wallet, SlowMist strongly recommends adopting white-box auditing to ensure comprehensive audit coverage.
The Web3 MCP wallet is not only a type of application within the MCP project ecosystem. Currently, many Web3 projects have launched dedicated MCP applications based on their business needs. SlowMist's Web3 MCP wallet security audit service primarily focuses on asset security assurance. With the thriving development of the MCP application market, the interaction between diversified MCP applications and Agents will face more complex business scenarios. Through security audits, new attack surfaces can be effectively avoided from the architectural design level, reducing potential risk losses while promoting a healthier and more robust development of the entire ecosystem.