Bands are an MCP-server control. They govern which tools the LLM can see in an MCP session. The SDK and REST API do not have bands — they expose their full surface to whatever code holds the API key. For non-MCP integrations, scope at the agent-token / policy layer instead.
The 4 Bands
| Band | Tools | What the Agent Can Do |
|---|
| read (default) | get_balance, get_all_balances, get_price, get_fee_quote, resolve_asset, get_tx_status, get_tx_history | Query balances, prices, fees, assets, transaction status |
| prepare | + prepare_transfer, prepare_serialized_unsigned_tx, prepare_onramp | Construct unsigned transaction payloads (no execution) |
| sign | + get_wallet_address, sign_transaction, create_wallet, create_agent_api_key, create_custom_policy* | Signing and wallet management (MPC) |
| broadcast | + send_transaction | Sign and submit transactions to the blockchain |
Configuration
Set the MCP_BANDS environment variable:
| Value | Active Bands |
|---|
read | read |
read,prepare | read + prepare |
read,prepare,sign | read + prepare + sign |
full | all 4 bands |
read. Start narrow, expand as needed.
{
"mcpServers": {
"walletsuite": {
"command": "npx",
"args": ["-y", "@walletsuite/mcp-server"],
"env": {
"WALLETSUITE_API_KEY": "your-key",
"MCP_BANDS": "read,prepare"
}
}
}
}
How It Works
Agent sends tool call
→ MCP Server checks: is this tool in the active band set?
→ YES: execute the tool, return result
→ NO: tool does not exist in the schema — the agent never sees it
MCP_BANDS=read has 7 tools in its schema. An agent with MCP_BANDS=full has 16 tools in owner mode, 13 in agent mode (create_wallet, create_agent_api_key, and create_custom_policy are owner-only). There is nothing to bypass because the restricted tools were never registered.
Every tool carries advisory metadata that helps MCP clients categorize behavior:
| Band | Read-only | Destructive | Idempotent | Open-world |
|---|
| read | yes | no | yes | yes |
| prepare | no | no | no | yes |
| sign | no | no | yes | no |
| broadcast | no | yes | no | yes |
Multi-Agent Pattern
Run multiple MCP server instances with different band configurations to implement role-based access:
| Agent Role | Band Config | Tools Visible | Purpose |
|---|
| Monitoring agent | MCP_BANDS=read | 7 | Portfolio queries, price alerts |
| Treasury agent | MCP_BANDS=read,prepare | 10 | Prepare transactions for review |
| Executor agent | MCP_BANDS=full | 13 | Sign and broadcast (policy-gated, agent mode) |
not_available errors if the backend feature is not enabled for your API key (e.g., swaps, staking, NFTs). This is a separate layer:
- Bands control the MCP tool schema (which tools exist)
- Feature gates control the backend API (which tools succeed)
A tool gated by the backend returns a structured error with category: "not_available" and a message explaining why. See Structured Errors for how to handle these.
Why Start with Read
Read-only tools answer most wallet questions without creating transfer payloads or exposing any signing surface:
- “What’s my ETH balance?” —
get_balance
- “How much is 1 ETH in USD?” —
get_price
- “What would the gas fee be for this transfer?” —
get_fee_quote
- “Show me recent transactions” —
get_tx_history
A safe rollout pattern:
- Start with
read — prove the integration works
- Add
prepare when you need transaction construction
- Add
sign when you are ready to sign transactions through MPC
- Add
broadcast when you are ready to execute on-chain actions
Each step is a deliberate expansion, not an accident.