Automation and AI
This section is for builders who want read access to chain data and limited writes from automated workflows. MCP servers, SDK modules, and explicit permission scopes support that pattern. They do not replace a threat model: you still decide what an agent may spend, to which addresses, and for how long.
Core pillars
| Pillar | Description | Primary tool |
|---|---|---|
| Connectivity | Expose chain reads and scoped actions to MCP clients. | Rootstock MCP Server |
| SDK | Read state and submit guarded transactions from your stack. | Rootstock SDK base |
| Indexing | Historical and aggregate data for dashboards and automation. | The Graph on Rootstock |
Key concepts
1. Model Context Protocol (MCP)
MCP connects clients to tools and data sources. The Rootstock MCP Server can read balances, contract state, and gas estimates so responses reflect current chain data. Writes still need user-approved keys or policies you control.
2. Spend permissions and session keys
Automation should not hold an unrestricted private key. Use spend permissions or session scopes that limit amount, destination, and duration for any transfer a model can request.
3. Rules-based actions
With clear rules and permissions, a workflow can react to on-chain signals (for example vault or price conditions). You own the policy, monitoring, and rollback path. No guide here guarantees returns or strategy performance.
Tools
- Rootstock MCP Server: Exposes chain reads and safe actions to MCP clients.
- LangChain / Eliza: Orchestration frameworks you can point at Rootstock RPC and wallets.
- Safe SDK: Multi-sig and policy-based execution for high-value automation.
Implementation guides
Published guides in this section are listed below.