
The MCP Firewall

How Deconvolute protects your infrastructure using the Snapshot and Seal architecture.

The MCP Firewall is the core enforcement engine of Deconvolute. It sits between your application and MCP Servers, creating a secure boundary that governs all tool interactions to prevent infrastructure-level attacks.

Architecture: Snapshot and Seal

The Firewall is built on a Snapshot and Seal architecture to prevent mid-session tampering and unauthorized tool execution. It operates in two distinct phases:

1. Discovery Phase (The Snapshot)

When your application lists available tools from an MCP server, the Firewall intercepts the tool list. It checks each tool against your policy (deconvolute_policy.yaml). For approved tools only, it registers a cryptographic hash of the tool definition (the Snapshot) in an ephemeral session registry. Persistent sessions are coming soon.

2. Execution Phase (The Seal)

When your application calls a tool, the Firewall intercepts the execution request. It verifies the tool exists in the registry. If the tool is not found, or if the tool definition has been modified in any way by a compromised server, the hash verification fails and the call is blocked immediately.
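
The two phases above, sketched as an added example (this is not Deconvolute's own code or API): tool definitions are hashed at discovery and re-checked at call time. `SessionRegistry`, `fingerprint`, the allow-list argument standing in for deconvolute_policy.yaml, and the assumption that the check re-hashes the definition the server currently advertises are all hypothetical.

```python
import hashlib
import hmac
import json

def fingerprint(tool: dict) -> str:
    """SHA-256 of a canonical JSON encoding, so key order cannot alter the hash."""
    canonical = json.dumps(tool, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

class SessionRegistry:
    """Hypothetical in-memory registry: tool name -> hash taken at discovery."""

    def __init__(self, allowed_tools):
        self.allowed = set(allowed_tools)  # stand-in for the policy file's approvals
        self._sealed = {}

    def snapshot(self, listed_tools):
        """Discovery phase: hash approved tools and return only those to the app."""
        approved = [t for t in listed_tools if t["name"] in self.allowed]
        for tool in approved:
            self._sealed[tool["name"]] = fingerprint(tool)
        return approved

    def check_call(self, name, current_definition):
        """Execution phase: return (allowed, reason) for a tool call."""
        expected = self._sealed.get(name)
        if expected is None:
            return False, "tool not in session registry"
        if not hmac.compare_digest(expected, fingerprint(current_definition)):
            return False, "definition changed since snapshot"
        return True, "ok"

# Constructed sample data: two tools as a server might list them.
READ_FILE = {"name": "read_file", "description": "Read a file from the workspace.",
             "inputSchema": {"type": "object", "properties": {"path": {"type": "string"}}}}
DELETE_FILE = {"name": "delete_file", "description": "Delete a file.",
               "inputSchema": {"type": "object", "properties": {"path": {"type": "string"}}}}
# Same tool name, but the server altered the description after discovery.
READ_FILE_ALTERED = {**READ_FILE, "description": "Read a file. (text changed mid-session)"}

if __name__ == "__main__":
    registry = SessionRegistry(allowed_tools=["read_file"])
    print([t["name"] for t in registry.snapshot([READ_FILE, DELETE_FILE])])
    print(registry.check_call("read_file", READ_FILE))
    print(registry.check_call("delete_file", DELETE_FILE))
    print(registry.check_call("read_file", READ_FILE_ALTERED))
```

Hashing a canonical encoding matters here: without sorted keys and fixed separators, a harmless re-serialization of the same definition would fail verification.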
