Skip to main content

Overview

Context is built on a Code Execution paradigm. Instead of rigid “tool calling” schemas, the Agent writes and executes TypeScript code to interact with the world. The architecture consists of four layers:
  1. The Marketplace — Supply of tools from developers
  2. The Agent — Demand from users executing queries
  3. The Protocol — Settlement layer on Base
  4. Context Injection — Portfolio data for personalized tools

The Marketplace (Supply)

Developers register Tools (the paid product) powered by standard Model Context Protocol servers. Just paste your endpoint URL and we auto-discover your skills via listTools().

Terminology

TermDefinition
ToolThe paid marketplace listing (what users see in the sidebar)
SkillThe execution function (can be called multiple times per tool payment)

How It Works

  1. You build an MCP server exposing your data/APIs
  2. You register it as an “MCP Tool” on Context with a price (e.g., $0.01/query)
  3. When users query the AI, it discovers and calls your skills via callMcpSkill()
  4. You get paid instantly in USDC on Base

The Data Broker Standard

Context is not a text-based chat platform — it is a Structured Data Marketplace. We treat your tool like a financial API, not a conversational bot.

Why outputSchema and structuredContent Matter

The MCP specification defines outputSchema and structuredContent as optional features for tools. Context requires them for all paid tools because structured data enables powerful marketplace features:
FeatureWithout SchemaWith Schema
AI Code GenerationAgent guesses response formatAgent writes precise parsing code
Type SafetyRuntime errors, broken parsingGuaranteed structure
Dispute ResolutionManual review requiredAuto-adjudicated on-chain
Trust SignalUnknown reliability”Data Broker” verified

Why Context Requires These Fields

While optional in vanilla MCP, Context requires structured outputs because:
  • AI Agent Benefit: The agent uses your outputSchema to write accurate TypeScript code that parses your response correctly.
  • Payment Verification: Our smart contracts can verify that your returned JSON matches your promised schema.
  • Dispute Resolution: Schema mismatches can be auto-adjudicated on-chain without manual review.
Result: You are not just a “Prompt Engineer” — you are a Data Broker selling verifiable information on-chain.

The Agent (Demand)

When a user asks a complex question (e.g., “Is it profitable to arb Uniswap vs Aave?”), the Agent:
1

Discover

Finds relevant tools from the marketplace (or uses pre-selected ones)
2

Plan

Creates a solution using composability
3

Write Code

Generates code to invoke the necessary paid Tools via callMcpSkill()
4

Execute

Runs the code securely in our sandbox
5

Pay

Transfers fees instantly to developers via ContextRouter
6

Synthesize

Combines results into a coherent answer
Composability is the superpower of Context. Any frontier model can stitch together disparate tools into a coherent workflow, creating infinite new use cases from your single MCP server.

The Protocol (Settlement)

All value flows through ContextRouter.sol on Base.

Payment Distribution

RecipientShare
Tool Developer90%
Protocol Treasury10%
When multiple tools are used, payments are batched into a single transaction.

Staking System

All tools (including free) require a minimum stake, enforced on-chain.
Tool TypeMinimum Stake
Free Tools$10 USDC
Paid Tools$10 USDC or 100× query price (whichever is higher)

Stake Properties

  • Fully refundable with a 7-day withdrawal delay
  • Creates accountability and enables slashing for fraud
  • On-chain enforcement via smart contracts

Security: Financial Protocol Architecture

We use Asymmetric Request Signing (RS256) to secure the marketplace. This is not just “auth” — it’s the foundation of a financial protocol.

Why This Matters

ApproachResult
Without AuthA toy — anyone can curl your endpoint
With Shared SecretsA security liability — secrets can leak
With Asymmetric SigningProfessional infrastructure (like Stripe/Visa)

How It Works

  1. Platform signs requests with a private key (stored securely in environment)
  2. Tool servers verify requests using the public key (distributed via SDK)
  3. Short-lived tokens (2-minute expiration) prevent replay attacks

JWT Claims

ClaimDescription
isshttps://ctxprotocol.com (issuer)
audTool endpoint URL (audience)
toolIdDatabase ID of the tool being called
iatIssue timestamp
expExpiration (2 minutes from issue)

For MCP Tool Developers

Secure your endpoint with a single line: 
import { createContextMiddleware } from "@ctxprotocol/sdk";

// 1 line to secure your endpoint
app.use("/mcp", createContextMiddleware());

Context Injection (User Data)

For tools that need access to user-specific data (e.g., “Analyze my positions” or “Check my balances”), Context uses a Context Injection pattern.
Beyond Crypto: While we currently focus on on-chain portfolio data, this system is designed to inject any type of user context (identity, preferences, etc.) in the future without exposing sensitive credentials.
StepWhoAction
1UserLinks external wallet/account in Settings
2Context AppChecks tool’s x-context-requirements in inputSchema
3Context AppFetches data from protocol APIs (client-side)
4Context AppInjects data as portfolio argument to tool
5MCP ToolReceives ready-to-analyze data, returns insights

Why This Matters

  • No Auth Required: Public data is fetched by the platform, so you don’t need to handle API keys or user login.
  • Security: MCP servers never see private keys or credentials.
  • Simplicity: Tool developers receive structured data directly in tool arguments.

Currently Supported

We are starting with high-value crypto data types:
Context TypeDescriptionInjected Data
"hyperliquid"Hyperliquid perpetuals & spotPositions, balances, account summary
"polymarket"Polymarket prediction marketsPositions, orders, market data
"wallet"Generic EVM walletAddress, token balances for any chain

Declaring Context Requirements

If your tool needs user data, declare it using the _meta.contextRequirements field: 
{
  name: "analyze_my_positions",
  
  // ✅ Use _meta for custom tool metadata (MCP spec)
  _meta: {
    contextRequirements: ["hyperliquid"]  // or "polymarket", "wallet"
  },
  
  inputSchema: {
    type: "object",
    properties: {
      portfolio: { type: "object" }
    },
    required: ["portfolio"]
  }
}
Why _meta? The MCP SDK strips non-standard fields from tools. The _meta field is part of the MCP specification for arbitrary tool metadata and is preserved through transport.

Tool Safety Limits

Each tool invocation runs inside a sandboxed code-execution environment.

MCP Tools Limits

LimitValue
Max calls per turn100
VM timeout5000ms
Every callMcpSkill({ toolId, toolName, args }) increments an internal counter. Once executionCount >= 100, the platform throws an error for that turn.

Economic Model

ScenarioBehavior
Free tools ($0.00)Can be used immediately without payment
Paid toolsRequire user authorization via the sidebar
Multiple paid toolsSingle batched transaction