I was startled ... by a very positive announcement!

It was a post from a community developer whose content had ended up on my FYP intermittently ... it was exciting news, in the form of a multi-part thread explaining his accomplishments in compartmentalized chunks:

xahau-mcp & Flight Simulator Announcement

When I started digging into what he'd accomplished, my amazement continued to grow - he has single-handedly, it seems - contributed several key development tools that will supercharge hooks development on Xahau! 😳

When I reached out to him over 'X', he was gracious enough to do a written Q&A with me.

Here is that Q&A, verbatim.

Question: What's your background with the XRP Ledger and Xahau?

Answer: I've been in the XRPL since 2020 - started as an investor, then got pulled deeper through X Spaces, following the news and learning the ecosystem.

I remember David Schwartz talking about Hooks coming to the XRPL and being genuinely excited about programmable logic on the ledger. When Hooks didn't make it to XRPL mainnet I was disappointed - but that's exactly what gave us Xahau, so it worked out. Along the way I launched an NFT project on the XRPL, and I host an X Space when time allows. So Xahau and Hooks weren't a pivot for me; they're the thing I'd been waiting on since Schwartz first described it.

Question: What motivated you to create xahau-mcp & the Flight Simulator?

Answer: Two gaps.

First, there was no MCP (Model Context Protocol) for Xahau at all - AI agents had no structured way to read the ledger, decode HookOn, or reason about Hooks.

Second, and bigger: there was no way to know what a Hook would do before you signed. Hooks are real WASM smart contracts that can reject or reshape your transaction - but you found out on-chain, after the fee burned. So I built the Flight Simulator: it runs a transaction's actual Hook bytecode in a local VM against live ledger state and tells you the accept/rollback outcome before you sign. As AI agents start moving real value on Xahau, "simulate before you sign" stops being a convenience and becomes a safety requirement.

Question: What feedback have you received from other developers thus far?

Answer: The response on X has honestly exceeded what I expected - encouragement and attention from developers I deeply respect, including Wietse, Tequ, Fomo and others. The one that floored me: when I launched xahc-prover - the tool that formally proves a Hook is safe - Richard Holland, who designed Hooks, engaged with it publicly and encouraged me to keep adding invariants.

Richard Holland

Richard is the reason any of this is even possible: he made Hooks not-Turing-complete and guard-bounded, which is the exact property that lets you prove them. Having the people who shaped the XRPL and Xahau ecosystems take an interest has been both validating and motivating. It tells me the gap I was trying to fill is one the community actually feels.

Question: Any plans to create a website endpoint for public use?

Answer: It's already running.

The simulator sits behind a hardened HTTP shim - sandboxed WASM execution with hard timeout and memory caps, rate-limiting, read-only, never signs - deployed on Railway and integrated into Kairo Vault's Hooks Lab. So today you can paste a compiled hook's WASM and have it analyzed and run as real bytecode without spinning up a node or the MCP locally.

The next step is standing up a raw public API endpoint anyone can hit directly - including the full live-ledger simulation path.

Question: Are you working on any other (unrelated / related) projects on Xahau?

Answer: Most of my work lives under Kairo Vault - my broader effort to build tools for users and developers across both the XRPL and Xahau. xahau-mcp is one piece of what's become a four-tool toolchain for safe Hooks — a quartet that takes a Hook from idea to deployed:

• xahc ("Xahau Hooks, Checked") - the authoring side: write a safe C Hook, build it, lint it, test it, and emit a ready-to-sign install transaction. xahc writes the Hook, xahau-mcp audits and simulates it. Already testnet-proven: an AI-agent spending-guardrail Hook installed and enforced its own limit on-ledger.

• xahc-prover - the part I'm proudest of. xahau-mcp simulates one transaction; xahc-prover proves a Hook is safe for every possible transaction. It symbolically executes the real compiled WASM and uses an SMT solver to either prove a safety invariant holds - spend limits, destination locks, no double-spend, balance conservation, and more - or hand back the exact transaction that breaks it. It's only possible because Hooks are bounded and decidable. And it fails closed: anything it can't model soundly returns INCONCLUSIVE, never a green check it didn't earn.

• evernode-mcp - the build layer above the Hooks: scaffold, lint, cost-estimate, and deploy HotPocket dApps on Evernode, with a determinism linter so a contract doesn't stall consensus across nodes.

• x402-xahau - making Xahau a settlement chain for the x402 agent-payments protocol, with a guardrail Hook as the layer-1 spending authority.

The thread tying it together: as AI agents start transacting autonomously, Kairo Vault is building the safety and tooling layer for them to do it on XRPL and Xahau - write the on-chain rules (xahc), simulate before signing (xahau-mcp), prove them safe for all inputs (xahc-prover), build and deploy the dApp (evernode-mcp), and settle within policy (x402-xahau). All four core tools are open source and MIT-licensed.

Question: How is "proving" a hook different from testing it?

Answer: Testing checks the cases you thought of. Proving checks every case there is. A test suite for a money-Hook might fire a few hundred transactions at it; an attacker only needs the one you didn't write. xahc-prover closes that gap. It symbolically executes the real compiled WASM - every branch at once, with the inputs left as unknowns - and asks an SMT solver a single question: is there any transaction that reaches "accept" and still breaks the rule? If the answer is no, that's a proof for all inputs in scope. If it's yes, you get back the exact transaction that breaks it - a real counterexample, not a vague warning.

It checks fourteen invariants today - things like spend limits, destination locks, no double-spend, balance conservation, authorization, reserve safety. And the part I care about most is what happens at the edges: if the prover hits anything it can't reason about soundly, it returns INCONCLUSIVE, never a false "proven." A verifier you can't trust is worse than no verifier, so it fails closed by design. I also reproduced several of its verdicts on the live Xahau testnet - sent the exact transactions it described and the chain agreed - so it's not just math in a vacuum.

None of this would be possible on a chain like Ethereum, where the halting problem means you can't prove an arbitrary contract. Richard made Hooks not-Turing-complete and guard-bounded, so their behaviour is decidable. Bounded execution was always quietly a superpower - xahc-prover is what it unlocks.

Question: Where does evernode-mcp fit?

Answer: The first three tools are about the Hook itself - the on-chain logic. evernode-mcp is the layer above it: the actual application.

Evernode lets you run dApps (HotPocket smart contracts) on hosts secured by Xahau, and evernode-mcp gives an AI agent or a developer a structured way to scaffold one, lint it, estimate what it'll cost to host, and deploy it.

Xahau - Evernode Integration

The hard part on Evernode is determinism.

A HotPocket contract runs on many independent nodes that have to reach the same result, byte for byte - so an innocent-looking thing like reading the system clock, iterating a map in hash order, or a locale-dependent sort can quietly break consensus. evernode-mcp ships a determinism linter that flags those patterns before they bite, plus a set of templates that are already clean. I want to be precise here: that's a linter, not a prover - it catches known non-deterministic patterns, it doesn't mathematically prove determinism.

The settlement Hooks in its templates, though, do run through xahc-prover, so the on-chain money logic of a dApp can be formally proven even while the off-chain app logic is linted. Together that's the full span: prove the rules, ship the app.

And it all points back to one home: I plan to integrate the full quartet into www.kairovault.com, so writing, simulating, proving, and deploying a Hook becomes one continuous workflow in the browser - no local toolchain required. The Hooks Lab is already the first piece of that; the rest of the quartet lands there next.

My Take: Incredible Tools For New Hooks Developers

The addition of xahau-mcp and its suite of components, tools, and techniques, represents a powerful and immense leap forward for hooks development on Xahau.

Development Suite For Hooks

New developers will now have, at their fingertips, the ability to rigorously - and easily - test Evernode dApps & Xahau hooks before deployment, thereby providing an additional layer of confidence in their code and applications. Ultimately, it will be the end-user stakeholders of Evernode & Xahau that benefit the most, from a wide variety of applications that use hooks and Xahau in the background, invisibly benefiting from a highly-efficient development process.

If you or a friend want to try vibe-coding some hooks, now is the time. X> | E >

Sources:

Q&A via 'X' DM ( Hugegreencandle@Cryptocrazy589 on 'X')

Introductory thread: https://x.com/Cryptocrazy589/status/2065012486479175777?s=20

The github repository link: https://github.com/Hugegreencandle/xahau-mcp

The github repository link for the flight simulator: https://github.com/Hugegreencandle/xahau-mcp/releases/tag/v2.0.0

"MCP" = "model context protocol", defined here: https://modelcontextprotocol.io/docs/getting-started/intro

Deeper dive into the MCP architecture: https://modelcontextprotocol.io/docs/learn/architecture

Plain English guide and tutorial to using the MCP: https://github.com/Hugegreencandle/xahau-mcp/blob/main/docs/TUTORIAL.md

Kairo Vault website: https://www.kairovault.com