Funding Proposal by VertexPoint Labs: Canton Network MCP + Skills#324
Funding Proposal by VertexPoint Labs: Canton Network MCP + Skills#324sunstrike228 wants to merge 1 commit into
Conversation
Two complementary open-source packages (Apache 2.0) for AI-assisted Canton development: @canton-network/mcp (21 deterministic tools across 4 layers) and @canton-network/skills (13 canonical topics across 6 platform formats). Total 675,000 CC over 8 weeks across 3 milestones, with NODERS-style adoption-tied bonus (50,000 CC per verified independent adopter, capped at 3). Covers daml-tooling and canton-apis Dev-Fund template categories.
sunstrike228
requested review from
hythloda,
isegall-da,
stas-sbi,
tkatrichenko and
waynecollier-da
|
@sunstrike228, your proposal is missing a Special Interest Group (SIG) label. Adding the right SIG label ensures the relevant domain experts can find and review your proposal, Check more about SIGs. Please add one of the following labels to this PR:
Not sure which one fits? Pick the closest match to your proposal's domain. You can add a label from the right sidebar under "Labels". |
|
cc @Andrew-Pohl @LimKianAn @Denend @nycnewman @mziolekda @monsieurleberre @hrischuk-da @paulbrauner-da @v9n - would appreciate your feedback. |
|
Surfacing that two orgs in the ecosystem provide Canton and daml focused MCP tools |
| - **Build Canton projects in minutes, not weeks.** A full DAML repo skeleton (`daml.yaml`, JSON v2 client, JWT helpers, validator bootstrap script), generated in 30 seconds from a single prompt. The LLM does the work; the developer ships. | ||
| - **Canton data accessibility for all LLMs.** Any LLM or agent can read live Featured App metrics, in real time and historically: overuse %, traffic burnt, reward markers emitted per \$1 burnt, transaction history, active-contract state, AmuletRules data, mining-round info, Amulet balances. Build complex analytics, dashboards, monitoring, and reward-tracking flows directly on Canton data, with no per-project API integration. Expose those capabilities to other projects via the MCP standard. Canton data becomes first-class context for AI workflows. | ||
| - **Composability with existing Canton dApps.** The MCP introspects published Splice templates, dApp libraries, and on-network deployments. When a developer asks the LLM to "build a tokenised asset that integrates with X" or "extend dApp Y", the LLM has the right context to compose with what already exists rather than reinventing it. Real collaboration between human builders, existing useful projects, and AI agents, all mediated by the MCP. | ||
| - **Canton documentation search** across all 4 doc sites (`docs.daml.com`, `docs.digitalasset.com`, `docs.sync.global`, `hyperledger-labs/splice`) via BM25 + vector retrieval. Any LLM gets accurate, version-current Canton answers grounded in the source documentation. |
There was a problem hiding this comment.
I believe docs.daml.com only really relates to Canton V2 (not on Canton Network). Splice has moved to canton-foundation Github org.
There was a problem hiding this comment.
Correct catch, thanks. Will push a fixup commit to the proposal.
| **v1 features:** | ||
|
|
||
| - **Build Canton projects in minutes, not weeks.** A full DAML repo skeleton (`daml.yaml`, JSON v2 client, JWT helpers, validator bootstrap script), generated in 30 seconds from a single prompt. The LLM does the work; the developer ships. | ||
| - **Canton data accessibility for all LLMs.** Any LLM or agent can read live Featured App metrics, in real time and historically: overuse %, traffic burnt, reward markers emitted per \$1 burnt, transaction history, active-contract state, AmuletRules data, mining-round info, Amulet balances. Build complex analytics, dashboards, monitoring, and reward-tracking flows directly on Canton data, with no per-project API integration. Expose those capabilities to other projects via the MCP standard. Canton data becomes first-class context for AI workflows. |
There was a problem hiding this comment.
Note that this focuses on public data only. There are separate initiatives looking to extend PQS to provide access to private data.
There was a problem hiding this comment.
Right, v1 is intentionally public data only. Scan API endpoints (Featured App metrics, mining rounds, AmuletRules) and the Ledger API public surface (active contracts on parties the operator controls, balances). No participant-private data extraction in v1.
Aware of the PQS extension work for private data, that fits naturally in the continuation grant once those interfaces stabilise
|
|
||
| 8 workflow prompts: `onboard-app-provider`, `migrate-json-api-v1-to-v2`, `debug-contract-not-found`, `explain-reward-flow`, `bootstrap-validator-devnet`, `write-daml-template`, `audit-jwt`, `port-cn-quickstart`. | ||
|
|
||
| Doc indexing pipeline: GitHub Actions weekly cron crawls 5 upstream sources (`docs.daml.com`, `docs.digitalasset.com/build/3.4`, `docs.sync.global`, `hyperledger-labs/splice`, `digital-asset/decentralized-canton-sync`) via version-pinned git clones. Chunks at 800 tokens, embeds with `nomic-embed-text-v1.5` (open weights, run locally via `@xenova/transformers`), stores in SQLite + `sqlite-vec`. Ships an ~80-200 MB `index.sqlite` as a release asset, sha256-verified. |
There was a problem hiding this comment.
Minor comments - docs.daml.com focused on Canton V2 and less relevant / appropriate for Canton Network, be careful with version pinning, hyperledger-labs is now canton-network and the last item is not relevant (redirects to splice).
There was a problem hiding this comment.
Thanks, all 4 valid points. Will push a fixup commit covering this and L27 together
| - 3 v1 platform builds: Claude Skills, Cursor Rules, generic LLM context fallback. | ||
| - Public README, contribution guide, and one Loom demo (≤5 min) showing a Claude Code session resolving 3 documented hallucination cases. | ||
| - `@canton-mcp/conformance` v0.0.1 skeleton (CI runnable). | ||
| - External security audit pre-engagement booked. |
There was a problem hiding this comment.
Which elements are you specifically concerned about that require a security audit? How are you thinking about the scope of this?
There was a problem hiding this comment.
Fair question. The audit envelope is allocated for v1 because Layer D opens live Ledger and Scan reads under an env-gate, and the doc-indexer pulls external content into a context the LLM will process
scope splits across four areas.
Auth and credential handling. JWT validation tools and the scaffolded JWT helpers handle session tokens for the Ledger API. The audit checks for token leakage in logs, error responses, or telemetry, plus validation-bypass risks
Data boundary on Layer D. The env-gate needs to be unbypassable, and tool responses need to avoid leaking party data outside the parties the operator actually controls.
Prompt-injection safety on returned content. MCP tool responses get interpreted by the host LLM. Anything we fetch from docs, Scan, or Ledger could contain instructions. The audit verifies output sanitisation and the boundary between tool output and downstream LLM context
Supply chain on the doc-indexer pipeline. We pull from named upstreams, store sha256-verified blobs, and ship index.sqlite as a release asset. The audit covers the integrity chain end to end (upstream fetch, hash verification, release-asset signing) and the Skills build pipeline's byte-equality gate
|
Thanks @Ian-avro, useful pointers. Looked at both Where this proposal sits differently:
If either exposes a public API surface our scaffolds could target (Avro Intel as an upstream canton_query_scan can hit, or ChainSafe canonical patterns the LLM can pull alongside ours), happy to coordinate so the toolchain composes rather than competes. |
yeah let's chat more Avro Intel MCP does this all including benchmarks. |
4 participants
Development Fund Proposal Submission
Proposal file:
Link to the proposal added in this PR: /proposals/mcp-and-skills-by-vertexpoint.md
Summary
This proposal introduces Canton MCP and Canton LLM Skills, two complementary open-source packages (Apache 2.0) that turn any modern LLM into a Canton-fluent developer assistant. The Canton MCP server exposes 21 deterministic tools across four layers (docs/search, lint/validate, scaffold/generate, live data access) so any AI assistant or autonomous agent can build, validate, and operate Canton applications from a single prompt. The Canton LLM Skills bundle ships the same canonical knowledge in 6 platform formats for clients without MCP support, including consumer ChatGPT, GitHub Copilot, OpenCode, and on-premise Llama / Mistral / Qwen deployments at financial institutions. Together they make Canton developer onboarding "one prompt, one install command, a working Canton project ready to ship", and make live Canton data (Featured App metrics, traffic burnt, reward markers per $1 burnt, transaction history, mining rounds, AmuletRules, balances) accessible to any LLM or agentic system without per-project API integration.
It works with any LLM today and after the next model release: no GPU budget, no fine-tuning, no ML team. M3 includes a NODERS-style adoption-tied bonus (50,000 CC per verified independent adopter, capped at 3) to align proposer incentives with ecosystem outcomes. VertexPoint Labs (TrustedPoint) commits to long-term open-source maintenance with concrete per-Canton-release and per-Splice-release SLAs, plus continuation grant intent per CIP-0100 at month 3.
Checklist
/proposals/Notes for Reviewers
This proposal fills two concrete gaps that are blocking AI-driven adoption of Canton today:
1. LLMs hallucinate Canton APIs. ~85% of developers (Stack Overflow Developer Survey 2025) rely on LLM assistants. Without MCP and Skills support, those assistants regularly emit deprecated endpoints, mis-formatted JSON Ledger API v2 bodies, missing
disclosedContracts, and broken DAML syntax. Each Canton dApp team rewrites the same workarounds.2. LLMs cannot access Canton data. There is no standardised way for an LLM or AI agent to query Featured App metrics, mining rounds, AmuletRules, or transaction state. Canton is effectively invisible to the AI tooling that 85% of developers and a growing share of agentic systems already use.
The proposal delivers open-source, reusable infrastructure under Apache 2.0 (no "open core", no vendor lock-in), covering two Dev-Fund template categories:
daml-tooling(DAML compilation, scaffolding, gotchas) andcanton-apis(JSON Ledger API v2 body shapes, JWT claims, disclosed-contract handling, Scan API integration). Tech & Ops Committee can pick a primary label.Reference precedents: NODERS Funding Proposal #38 (adoption-tied per-Featured-App payment), DA dApp SDK #69, Peaceful Studio C# / .NET SDK #46.
Relevant work / Channels