Skip to content

RFC: Shared key authentication for local MCP servers #16

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
JAORMX wants to merge 2 commits into
base: main
Choose a base branch
from
Open

RFC: Shared key authentication for local MCP servers #16

JAORMX wants to merge 2 commits into from
+299 −0

Conversation

@JAORMX
Copy link
Contributor

@JAORMX JAORMX commented Jan 12, 2026

Summary

Port proposal from toolhive PR #2570.

This proposal introduces a lightweight authentication mechanism for localhost MCP server deployments that provides defense-in-depth security without requiring external identity providers.

Overview

The proposal adds shared key authentication as an opt-in feature for local ToolHive deployments. While localhost binding provides network-level security, this adds an additional authentication layer for defense-in-depth.

Key Features

  • Cryptographically-secure shared key generation per workload (32-byte keys)
  • OS keychain storage via existing encrypted secrets provider
  • New middleware for constant-time key validation
  • Transparent integration with thv proxy stdio bridge
  • Zero-configuration UX: just add --shared-key-auth flag
  • Backward compatible (opt-in feature)

Architecture

The solution leverages existing ToolHive infrastructure:

  • Key storage: Uses existing encrypted secrets provider and OS keychain integration
  • Middleware: Follows standard middleware pattern for clean integration
  • Stdio bridge: Enhances existing proxy to inject authentication headers
  • Workload manager: Handles key lifecycle automatically

Security Properties

  • 256-bit cryptographic keys via crypto/rand
  • AES-256-GCM encrypted storage in OS keychain
  • Constant-time comparison to prevent timing attacks
  • Defense-in-depth layer (complements network isolation)
  • Unique key per workload with automatic cleanup

Usage Example

# Enable shared key auth
thv run my-server --shared-key-auth

# ToolHive automatically:
# 1. Generates secure key
# 2. Stores in OS keychain
# 3. Configures middleware
# 4. Updates client config

JAORMX added 2 commits January 12, 2026 12:01
@JAORMX
RFC: Shared key authentication for local MCP servers
b4156bd 
Port proposal from toolhive PR #2570. This RFC proposes a lightweight
authentication mechanism for localhost MCP server deployments using
cryptographically-secure shared keys stored in the OS keychain.

Signed-off-by: Juan Antonio Osorio <ozz@stacklok.com>
@JAORMX
Rename RFC file to match PR number (THV-0016)
b1587d1 
Signed-off-by: Juan Antonio Osorio <ozz@stacklok.com>
@JAORMX JAORMX mentioned this pull request Jan 12, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@JAORMX