MCP integration
Let Claude drive your vault
RESQD ships a first-class Model Context Protocol server so you can tell Claude things like “upload my tax return to my vault” or “list everything I saved last month”. The MCP server runs locally on your machine, encrypts your files with the same zero-knowledge stack as the browser, and authenticates to RESQD with a revocable API token. The server never sees plaintext.
You'll need a RESQD account to generate an API token and use the MCP server. Create a vault →
Install the MCP server
resqd-mcp is a small Rust binary that speaks MCP over stdio. Clone the repo and install with cargo (compiles in ~1 minute the first time):
git clone https://github.com/khiebel/resqd.git cd resqd/mcp cargo install --path .
This puts resqd-mcp at ~/.cargo/bin/resqd-mcp, which should already be on your $PATH.
Mint an API token
Tokens have the same permissions as your passkey session — read, write, delete — and can be revoked at any time. Each client gets its own.
Sign up firstThe token is shown once when you mint it. Copy it somewhere safe — we only store its SHA-256 hash and can never show you the raw value again.
Copy your master key
The MCP server needs your master key to encrypt files locally before upload and decrypt them after download. It's the same key your browser derives from your passkey via the WebAuthn PRF extension — no plaintext, no key ever leaves your control except into this specific client config.
Sign in to see your master key.
Configure your MCP client
Claude Desktop
Edit ~/Library/Application Support/Claude/claude_desktop_config.json and add the resqd entry under mcpServers:
{
"mcpServers": {
"resqd": {
"command": "resqd-mcp",
"env": {
"RESQD_API_URL": "https://api.resqd.ai",
"RESQD_API_TOKEN": "rsqd_your_token_here",
"RESQD_MASTER_KEY_B64": "your_master_key_base64"
}
}
}
}Restart Claude Desktop. You should see resqd in the MCP indicator with four tools available.
Claude Code
claude mcp add resqd resqd-mcp \ -e RESQD_API_URL=https://api.resqd.ai \ -e RESQD_API_TOKEN=rsqd_your_token_here \ -e RESQD_MASTER_KEY_B64=your_master_key_base64
Then run /mcp inside Claude Code to verify the connection.
Try it
Once Claude has the server, try any of these prompts:
- Upload ~/Documents/tax_return_2026.pdf to my RESQD vault.
- List everything in my vault.
- Download asset 8e2f7c… to ~/Desktop/recovered.pdf.
- Delete the file called “old_draft.txt” from my vault.
Every upload is encrypted locally with a fresh per-asset key, sharded across six storage backends, and anchored on Base L2 — byte-for-byte identical to what the browser upload flow writes. Anything you drop in via Claude shows up with its real filename in your vault.
Four tools
upload_file{ path, name? }Encrypt a file from disk and add it to your vault. Returns the new asset id.
list_vault{}List your vault's assets with decrypted filenames and MIME types. Filenames are decrypted locally — the server only returns ciphertext.
fetch_file{ asset_id, save_to }Download an asset, decrypt it locally, write it to a path. Triggers a canary rotation and on-chain anchor.
delete_file{ asset_id }Permanently remove an asset. On-chain canary history is preserved (Base is append-only by design).
Zero-knowledge caveat
The MCP server has a copy of your master key. That's how it can encrypt and decrypt locally without ever handing plaintext to the RESQD server. It's a real delegation — treat the machine running the MCP like one you'd trust with your vault, because for the lifetime of that key copy, it has the same access you do.
A future version will use proxy re-encryption so each agent holds only a delegated key scoped to specific assets, making the delegation revocable and narrow. For the alpha, the simpler shape ships so the integration is honestly useful while we iterate on the harder design.