OpenAI Agents SDK + Forge MCP for DeFi treasuries

How to wire OpenAI Agents SDK agents to Forge Treasury MCP — tool policies, PROFILE_NOT_LIVE handling, and non-custodial calldata on Base.

Last updated: May 26, 2026 · Published 2026-05-26

The OpenAI Agents SDK treats external capabilities as first-class tools — a natural fit for Forge Treasury's Model Context Protocol (MCP) server. Forge MCP at `https://mcp.forgetreasury.com/mcp` exposes vault tools that return deposit calldata and vault metadata for Base mainnet (chain ID `8453`). The Agents SDK orchestrates tool calls; your agent's wallet signs on-chain. Forge does not custody USDC or private keys in production (Option A).

Why OpenAI Agents SDK + MCP for DeFi treasuries

DeFi treasury automation fails when models hallucinate contract addresses or skip pre-flight checks. MCP registers Forge tools with JSON Schema at connection time — the Agents SDK passes validated arguments to `deposit`, `simulate_deposit`, and `list_profiles`. That is tighter than prompting an agent to "call the Forge API" from memory. For Base USDC idle balances, the SDK can enforce a tool policy: always `list_profiles` before `deposit`, always `simulate_deposit` before broadcast, never combine APY streams in final user messages.

• Typed tools: Parameters match MCP schemas — amount, agentAddress, profile.
• Tracing: Agents SDK run logs show which Forge tools fired — useful for audit trails.
• Handoffs: Separate "research" and "execution" agents — research reads stats; execution signs calldata.
• MCP transport: Streamable HTTP to Forge prod or stdio to local `pnpm mcp:dev`.

Integration architecture

Three components: (1) OpenAI Agents SDK agent with instructions enforcing non-custodial boundaries; (2) MCP server connection to Forge (remote or local); (3) signing layer — separate tool or human-in-the-loop for USDC `approve` and vault `deposit` broadcast. Production Forge MCP returns calldata only. The Agents SDK must not assume MCP executes transactions — that would blur the R4 non-custodial fact pattern.

Wiring MCP into the Agents SDK

OpenAI's MCP integration patterns (via `MCPServer` helpers in the Agents SDK ecosystem) connect to Forge at session start. Verify connectivity with `https://mcp.forgetreasury.com/health` before agent runs — `/mcp` expects MCP protocol clients, not browser GET requests. Map MCP tool names verbatim in agent instructions so traces align with Docs tables.

1. Configure MCP server URL: production `https://mcp.forgetreasury.com/mcp` or local dev endpoint.
2. Register Forge tools on the Agents SDK `Agent` instance.
3. Set instructions: Base chain 8453, native USDC `0x833589…2913`, Core vault for conservative profile.
4. Add guardrail: abort on `PROFILE_NOT_LIVE` — do not retry deposit with guessed parameters.
5. Connect wallet/signing capability for approve + send steps outside MCP.

Production tool catalog

Recommended run loop

1. Agent calls `list_profiles` — confirm conservative → Core vault live.
2. Agent calls `get_vault_stats` — cache adapterCount; invalidate after known timelock dates.
3. User or policy agent requests deposit — run `simulate_deposit` first.
4. Review simulation JSON with user; link FORGE emissions vs yield if APY discussed.
5. Signing tool: USDC approve to Core vault `0x2C9a3922…193B` if needed.
6. Agent calls `deposit` — signing tool broadcasts calldata from agent EOA.
7. Agent calls `get_balance` — confirm fUSDC credited.

Handling PROFILE_NOT_LIVE and profile errors

MVP gating returns structured errors when agents request `balanced` or `aggressive` profiles on deposit, simulate, or APY tools. The Agents SDK should parse `isError: true` and `code: "PROFILE_NOT_LIVE"` — not treat the response as partial success. Full profile semantics: list_profiles guide. Until Middle timelock executes, Balanced strategy requires manual Core-only routing or waiting for Phase 2 multi-tx calldata.

R4-aligned agent instructions

Embed compliance guardrails directly in Agents SDK `instructions` — they are enforceable policy, not marketing footnotes:

• Disclose unaudited contracts and early-stage TVL when recommending deposits.
• Never state performance fee is zero — 15% on profits above high-water mark at withdraw.
• Separate USDC vault yield (share price) from FORGE Merkle claims.
• Do not project billion-scale AUM or "default APY" from MCP constants.
• Include link to Risks & Disclosures in deposit recommendations.

Local dev: Agents SDK + AgentKit merge

Running `pnpm mcp:dev` with CDP credentials in `mcp-server/.env` merges Coinbase AgentKit wallet tools alongside Forge tools — useful for gas and transfer experiments on Base Sepolia. Never deploy CDP keys to Hetzner production MCP. Vault deposits must originate from the end-user agent EOA, not the CDP experimental wallet. Details: Coinbase AgentKit local setup.

Comparison with LangChain pattern

Both LangChain and OpenAI Agents SDK benefit from the same MCP contract — Forge tool names and schemas are framework-agnostic. Choose based on your runtime (Python Agents SDK vs LangGraph). See LangChain + Forge MCP for parallel patterns. Core product reference remains MCP-native treasury.

Frequently asked questions

Does the Agents SDK replace a wallet?

No. MCP returns calldata; you still need a signing integration (wallet MCP, viem script, or manual broadcast).

Can one agent call both Forge and AgentKit tools?

Locally yes — when AgentKit merge is enabled. Use AgentKit for gas/transfers only; route vault deposits through Forge calldata signed by the user EOA.

Is simulate_deposit optional?

Technically yes; operationally no. Adapter books change after timelock — simulation catches stale policy before irreversible deposits.

Summary

OpenAI Agents SDK + Forge MCP = traced tool loops for Base USDC treasuries. Bootstrap with `list_profiles`, simulate before deposit, sign locally, handle `PROFILE_NOT_LIVE` explicitly. Keep APY copy R4-safe. Production MCP is calldata-only, no CDP. Conservative strategy · Docs · Stats.