Mcp Sqlite

15 toolsauthSTDIOregistry active

Summary

Gives Claude read and write access to SQLCipher 4 encrypted databases through standard SQL operations. Useful when you need to work with encrypted SQLite files from apps like Signal, 1Password, WhatsApp, or MoneyMoney. Exposes tools to list tables and schemas, run arbitrary SQL queries, and perform CRUD operations with proper identifier validation. Supports custom cipher profiles if you're dealing with non-standard encryption settings. Handles passphrase encryption with AES-256-GCM and can pull keys from macOS Keychain. Built on the sqlite-jdbc-crypt driver and runs over stdio, with Docker images available if you don't want to mess with Java 21 locally.

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

Tools

Public tool metadata for what this MCP can expose to an agent.

15 tools

sqlite_queryExecute a SELECT query on the SQLite database and return rows as a JSON array. Use this for reading data — supports any valid SELECT statement with optional parameter binding for safe queries.2 params

Execute a SELECT query on the SQLite database and return rows as a JSON array. Use this for reading data — supports any valid SELECT statement with optional parameter binding for safe queries.

Parameters* required

sqlstring

SQL SELECT query to execute (e.g., "SELECT * FROM users WHERE age > ?")

paramsarray

Array of bind parameter values for ? placeholders (e.g., [25])

sqlite_executeExecute a write statement (INSERT, UPDATE, DELETE, CREATE, ALTER, DROP) on the SQLite database. Returns the number of rows changed and the last inserted row ID. Use parameter binding for safe writes.2 params

Execute a write statement (INSERT, UPDATE, DELETE, CREATE, ALTER, DROP) on the SQLite database. Returns the number of rows changed and the last inserted row ID. Use parameter binding for safe writes.

Parameters* required

sqlstring

SQL write statement to execute (e.g., "INSERT INTO users (name, age) VALUES (?, ?)")

paramsarray

Array of bind parameter values for ? placeholders (e.g., ["Alice", 30])

sqlite_run_scriptExecute multiple SQL statements in a single transaction. All statements succeed or all fail (atomic). Separate statements with semicolons. Use for migrations, seed data, or batch operations.1 params

Execute multiple SQL statements in a single transaction. All statements succeed or all fail (atomic). Separate statements with semicolons. Use for migrations, seed data, or batch operations.

Parameters* required

sqlstring

Multiple SQL statements separated by semicolons (e.g., "CREATE TABLE t1 (id INTEGER); INSERT INTO t1 VALUES (1);")

sqlite_list_tablesList all tables and views in the database with their row counts. Use this as the first step to explore an unfamiliar database. Returns table name, type (table or view), and row count.1 params

List all tables and views in the database with their row counts. Use this as the first step to explore an unfamiliar database. Returns table name, type (table or view), and row count.

Parameters* required

_fieldsstring

Comma-separated list of fields to return (e.g., "name,type,rowCount"). Leave empty for all fields.

sqlite_describe_tableGet the column schema of a table — column names, data types, NOT NULL constraints, default values, and primary key flags. Also returns the CREATE TABLE SQL statement.1 params

Get the column schema of a table — column names, data types, NOT NULL constraints, default values, and primary key flags. Also returns the CREATE TABLE SQL statement.

Parameters* required

tablestring

Table name to describe (e.g., "users")

sqlite_list_indexesList all indexes on a table — index name, uniqueness, origin (manual or auto-created), and whether it is a partial index.1 params

List all indexes on a table — index name, uniqueness, origin (manual or auto-created), and whether it is a partial index.

Parameters* required

tablestring

Table name to list indexes for (e.g., "users")

sqlite_list_foreign_keysList foreign key constraints on a table — referenced table, local and remote columns, ON UPDATE and ON DELETE actions.1 params

List foreign key constraints on a table — referenced table, local and remote columns, ON UPDATE and ON DELETE actions.

Parameters* required

tablestring

Table name to list foreign keys for (e.g., "orders")

sqlite_create_tableCreate a new table with column definitions. Each column has a name, type, and optional constraints (PRIMARY KEY, NOT NULL, UNIQUE, DEFAULT). Use ifNotExists to skip if the table already exists.3 params

Create a new table with column definitions. Each column has a name, type, and optional constraints (PRIMARY KEY, NOT NULL, UNIQUE, DEFAULT). Use ifNotExists to skip if the table already exists.

Parameters* required

tablestring

Name for the new table (e.g., "users")

columnsarray

Array of column definitions with name, type, and optional constraints

ifNotExistsboolean

Skip creation if table already exists (default: false)

sqlite_alter_tableAlter an existing table — add a new column, rename a column, or rename the table. SQLite does not support dropping columns via ALTER TABLE.9 params

Alter an existing table — add a new column, rename a column, or rename the table. SQLite does not support dropping columns via ALTER TABLE.

Parameters* required

typestring

Column data type (for add_column action, e.g., "TEXT", "INTEGER")

tablestring

Current table name to alter (e.g., "users")

actionstring

Alter action: "add_column" to add a new column, "rename_column" to rename a column, "rename_table" to rename the tableone of add_column · rename_column · rename_table

columnstring

New column name (for add_column action)

defaultvalue

Default value for new column (for add_column)

newNamestring

New column name (for rename_column action)

notNullboolean

Add NOT NULL constraint to new column (for add_column, default: false)

oldNamestring

Current column name to rename (for rename_column action)

newTableNamestring

New table name (for rename_table action)

sqlite_drop_tableDrop (delete) a table and all its data permanently. This action is irreversible. Use ifExists to avoid errors if the table does not exist.2 params

Drop (delete) a table and all its data permanently. This action is irreversible. Use ifExists to avoid errors if the table does not exist.

Parameters* required

tablestring

Table name to drop (e.g., "old_users")

ifExistsboolean

Skip if table does not exist instead of throwing error (default: false)

sqlite_create_indexCreate an index on one or more columns to speed up queries. Optionally create a UNIQUE index to enforce uniqueness. Index name is auto-generated if not provided.5 params

Create an index on one or more columns to speed up queries. Optionally create a UNIQUE index to enforce uniqueness. Index name is auto-generated if not provided.

Parameters* required

tablestring

Table to create the index on (e.g., "users")

uniqueboolean

Create a UNIQUE index to enforce uniqueness (default: false)

columnsarray

Array of column names to index (e.g., ["email"] or ["last_name", "first_name"])

indexNamestring

Custom index name (auto-generated as idx_table_col1_col2 if omitted)

ifNotExistsboolean

Skip if index already exists (default: false)

sqlite_drop_indexDrop (delete) an index by name. Does not affect the table data, only removes the index. Use ifExists to avoid errors if the index does not exist.2 params

Drop (delete) an index by name. Does not affect the table data, only removes the index. Use ifExists to avoid errors if the index does not exist.

Parameters* required

ifExistsboolean

Skip if index does not exist instead of throwing error (default: false)

indexNamestring

Name of the index to drop (e.g., "idx_users_email")

sqlite_get_infoGet database metadata — file path, file size, table count, page count, page size, journal mode, WAL status, encoding, and SQLite version. Use this to understand the database state.1 params

Get database metadata — file path, file size, table count, page count, page size, journal mode, WAL status, encoding, and SQLite version. Use this to understand the database state.

Parameters* required

_fieldsstring

Comma-separated list of fields to return (e.g., "path,size,tables"). Leave empty for all fields.

sqlite_vacuumOptimize and compact the database file by rebuilding it. Reclaims space from deleted rows and defragments the file. Returns file size before and after. May take time on large databases.1 params

Optimize and compact the database file by rebuilding it. Reclaims space from deleted rows and defragments the file. Returns file size before and after. May take time on large databases.

Parameters* required

_fieldsstring

Comma-separated list of fields to return (e.g., "sizeBefore,sizeAfter"). Leave empty for all fields.

sqlite_integrity_checkRun PRAGMA integrity_check to verify the database is not corrupted. Returns "ok" if the database is healthy, or a list of issues found. Use after crashes or suspicious behavior.1 params

Run PRAGMA integrity_check to verify the database is not corrupted. Returns "ok" if the database is healthy, or a list of issues found. Use after crashes or suspicious behavior.

Parameters* required

_fieldsstring

Comma-separated list of fields to return (e.g., "ok,errors"). Leave empty for all fields.

Encrypted SQLite MCP Server

MCP server for encrypted SQLite databases

A Model Context Protocol (MCP) server for working with encrypted SQLite databases using SQLCipher. This server provides tools to read database structures, query tables, and perform CRUD operations on encrypted SQLite databases.

Compatible with all MCP clients (Cursor, Claude Desktop, and others).

Works with encrypted databases from: MoneyMoney, 1Password, Signal, WhatsApp, Firefox, Telegram, KeePass, and other applications using SQLCipher encryption.

Features

Encrypted SQLite Support: Works with SQLCipher 4 encrypted databases - the key differentiator of this MCP server
Encrypted Passphrases: Support for AES-256-GCM encrypted passphrases with macOS Keychain integration
Database Exploration: List tables, columns, indexes, and schema metadata
Query Support: Execute arbitrary SQL queries (SELECT, INSERT, UPDATE, DELETE, DDL)
CRUD Operations: Insert, update, and delete rows with filtering
Configurable Cipher Profiles: Support for different SQLCipher configurations
MCP Protocol: Full Model Context Protocol implementation via STDIO
Security: SQL identifier validation to prevent SQL injection
Debug Mode: Optional debug output via MCP_DEBUG environment variable
Input Validation: Comprehensive validation for limits, offsets, and identifiers

Why Encrypted SQLite?

Many popular applications use encrypted SQLite databases (SQLCipher) to protect sensitive data. This MCP server is specifically designed to work with these encrypted databases.

Applications Using Encrypted SQLite Databases

MoneyMoney (macOS): Financial management app with encrypted local databases
1Password: Password manager using SQLCipher for local vault storage
Signal: Encrypted messaging app with SQLCipher-protected message databases
WhatsApp: Messaging app using encrypted SQLite for local message storage
Firefox: Browser using SQLCipher for encrypted login databases
Telegram: Messaging app with encrypted local database storage
KeePass: Password manager supporting encrypted SQLite database files

If you need to access data from any of these applications or other SQLCipher-encrypted databases, this MCP server provides the tools you need. Note that you need the passphrase of the encrypted database.

Requirements

Java 21 or higher (JDK)
Gradle (wrapper included)
SQLite JDBC driver with encryption support (sqlite-jdbc-3.50.1.0.jar from sqlite-jdbc-crypt)

Quick Start

Cursor (One-Click Installation)

The easiest way to install this MCP server in Cursor is via the Cursor MCP Store:

Visit cursor.store/mcp/rosch100/mcp-encrypted-sqlite
Click "Add to Cursor"
Follow the prompts to configure your database path and passphrase

Other MCP Clients

This server works with any MCP-compatible client. See the Configuration section below for setup instructions.

Installation

Docker (Recommended)

Use the pre-built Docker image from GitHub Container Registry:

docker pull ghcr.io/rosch100/mcp-encrypted-sqlite:latest

Quick Start: See DOCKER_QUICKSTART.md for Docker Desktop setup.

Detailed Configuration: See DOCKER_CONFIGURATION.md for advanced options.

From Source

Clone the repository:

git clone https://github.com/rosch100/mcp-encrypted-sqlite.git

cd mcp-encrypted-sqlite
Build the project:

./gradlew build installDist

The build process will automatically download sqlite-jdbc-3.50.1.0.jar from sqlite-jdbc-crypt releases and place it in the libs/ directory.

The executable will be available at build/install/mcp-encrypted-sqlite/bin/mcp-encrypted-sqlite.

Configuration

This MCP server works with any MCP-compatible client (Cursor, Claude Desktop, etc.). The configuration format follows the Model Context Protocol specification.

The server communicates via STDIO (standard input/output). Add the following configuration to your MCP client's configuration file:

Configuration file locations:

Cursor: ~/.cursor/mcp.json
Claude Desktop (macOS): ~/Library/Application Support/Claude/claude_desktop_config.json
Claude Desktop (Windows): %APPDATA%\Claude\claude_desktop_config.json
Other clients: Refer to your client's documentation

{
  "mcpServers": {
    "encrypted-sqlite": {
      "command": "/path/to/mcp-encrypted-sqlite/build/install/mcp-encrypted-sqlite/bin/mcp-encrypted-sqlite",
      "args": [
        "--args",
        "{\"db_path\":\"/path/to/your/database.sqlite\",\"passphrase\":\"your-passphrase\"}"
      ]
    }
  }
}

Optional Parameters:

transport: Defaults to "stdio" (can be omitted)
cwd: Not needed when using absolute paths (can be omitted)
env: Only needed if Java is not in your system PATH or for custom Java installation:

{
  "mcpServers": {
    "encrypted-sqlite": {
      "command": "/path/to/mcp-encrypted-sqlite/build/install/mcp-encrypted-sqlite/bin/mcp-encrypted-sqlite",
      "args": [
        "--args",
        "{\"db_path\":\"/path/to/your/database.sqlite\",\"passphrase\":\"your-passphrase\"}"
      ],
      "env": {
        "JAVA_HOME": "/path/to/java/home"
      }
    }
  }
}

Docker Configuration

Plain Passphrase

{
  "mcpServers": {
    "encrypted-sqlite": {
      "command": "docker",
      "args": [
        "run", "--rm", "-i",
        "-v", "/path/to/your/database.sqlite:/data/database.sqlite:ro",
        "ghcr.io/rosch100/mcp-encrypted-sqlite:latest",
        "--args",
        "{\"db_path\":\"/data/database.sqlite\",\"passphrase\":\"your-passphrase\"}"
      ]
    }
  }
}

Encrypted Passphrase (Recommended)

When using encrypted passphrases, you must pass the encryption key as an environment variable:

{
  "mcpServers": {
    "encrypted-sqlite": {
      "command": "docker",
      "args": [
        "run", "--rm", "-i",
        "-e", "MCP_SQLITE_ENCRYPTION_KEY=your-encryption-key",
        "-v", "/path/to/your/database.sqlite:/data/database.sqlite:ro",
        "ghcr.io/rosch100/mcp-encrypted-sqlite:latest",
        "--args",
        "{\"db_path\":\"/data/database.sqlite\",\"passphrase\":\"encrypted:your-encrypted-passphrase\"}"
      ]
    }
  }
}

Important Notes:

The -e flag must come before the -v flag
macOS Keychain is NOT accessible from Docker containers - pass the encryption key explicitly
Get your encryption key: security find-generic-password -s "mcp-encrypted-sqlite" -a "encryption-key" -w
The database file is mounted as read-only (:ro) by default. Remove :ro if you need write access

Security Warning: Storing both the encryption key and encrypted passphrase as plain text in your configuration file is a security risk. See DOCKER_CONFIGURATION.md for secure alternatives.

Custom Cipher Profile

Override the default SQLCipher 4 settings by including a cipherProfile in the configuration JSON:

{
  "mcpServers": {
    "encrypted-sqlite": {
      "command": "/path/to/mcp-encrypted-sqlite/build/install/mcp-encrypted-sqlite/bin/mcp-encrypted-sqlite",
      "args": [
        "--args",
        "{\"db_path\":\"/path/to/your/database.sqlite\",\"passphrase\":\"your-passphrase\",\"cipherProfile\":{\"name\":\"SQLCipher 4 defaults\",\"pageSize\":4096,\"kdfIterations\":256000,\"hmacAlgorithm\":\"HMAC_SHA512\",\"kdfAlgorithm\":\"PBKDF2_HMAC_SHA512\"}}"
      ]
    }
  }
}

Note: All fields in cipherProfile are optional - only specify the ones you want to override from the defaults. You can also specify cipherProfile in individual tool calls, but it's recommended to configure it once in the MCP server configuration for consistency.

Encrypted Passphrases

For enhanced security, you can store passphrases in encrypted form. The server uses AES-256-GCM encryption, which provides authenticated encryption and is both secure and fast.

macOS Keychain (Recommended for macOS)

Generate and store key in Keychain: Run: ./store-key-in-keychain.sh --generate
Encrypt your passphrase: Run: ./encrypt-passphrase.sh "your-plain-passphrase"

The key is automatically loaded from the Keychain when no environment variable is set.

Benefits:

Key is securely encrypted and stored by macOS
No environment variables needed
Automatic unlock with macOS user password
Works system-wide for all applications

Environment Variable (Cross-Platform)

Generate an encryption key: Run: java -cp build/libs/mcp-encrypted-sqlite-VERSION.jar com.example.mcp.sqlite.config.PassphraseEncryption
Set the encryption key: Run: export MCP_SQLITE_ENCRYPTION_KEY="<your-generated-key>"
Encrypt your passphrase: Run: java -cp build/libs/mcp-encrypted-sqlite-VERSION.jar com.example.mcp.sqlite.util.EncryptPassphrase "your-plain-passphrase"

Usage

Use the encrypted passphrase (with encrypted: prefix) in your configuration:

On macOS with Keychain (recommended):

{
  "mcpServers": {
    "encrypted-sqlite": {
      "command": "/path/to/mcp-encrypted-sqlite/build/install/mcp-encrypted-sqlite/bin/mcp-encrypted-sqlite",
      "args": [
        "--args",
        "{\"db_path\":\"/path/to/your/database.sqlite\",\"passphrase\":\"encrypted:<encrypted-passphrase>\"}"
      ]
    }
  }
}

Note: No env section needed - the key is automatically loaded from macOS Keychain.

With environment variable (cross-platform):

{
  "mcpServers": {
    "encrypted-sqlite": {
      "command": "/path/to/mcp-encrypted-sqlite/build/install/mcp-encrypted-sqlite/bin/mcp-encrypted-sqlite",
      "args": [
        "--args",
        "{\"db_path\":\"/path/to/your/database.sqlite\",\"passphrase\":\"encrypted:<encrypted-passphrase>\"}"
      ],
      "env": {
        "MCP_SQLITE_ENCRYPTION_KEY": "<your-encryption-key>"
      }
    }
  }
}

Important Security Notes:

The encryption key MUST be available (macOS Keychain or MCP_SQLITE_ENCRYPTION_KEY environment variable)
The server automatically detects encrypted passphrases (starting with encrypted:) and decrypts them
Use PassphraseEncryption.generateKey() to generate strong keys (256 bits / 32 bytes)
AES-256-GCM provides authenticated encryption
Weak keys are automatically rejected

Available Tools

`list_tables`

List all tables in the database. By default only table names, with include_columns=true also column details.

Parameters:

db_path (optional if configured): Path to the database file
passphrase (optional if configured): Database passphrase
include_columns (optional, default: false): If true, column details are also returned

Example:

{
  "name": "list_tables",
  "arguments": {
    "include_columns": true
  }
}

`get_table_data`

Read data from a table with optional filtering, column selection, and pagination.

Parameters:

table (required): Table name
columns (optional): Array of column names to select
filters (optional): Object with column-value pairs for filtering
limit (optional, default: 200): Maximum number of rows
offset (optional, default: 0): Offset for pagination

Example:

{
  "name": "get_table_data",
  "arguments": {
    "table": "accounts",
    "columns": ["id", "name", "balance"],
    "filters": {"status": "active"},
    "limit": 50,
    "offset": 0
  }
}

`execute_sql`

Execute arbitrary SQL statements (SELECT, INSERT, UPDATE, DELETE, DDL).

Security Warning: This tool executes raw SQL without parameterization. Only use with trusted SQL or ensure proper validation and sanitization is performed before calling this tool. For safer operations, use the other tools (get_table_data, insert_or_update, delete_rows) which use parameterized queries.

Parameters:

sql (required): SQL statement to execute

Example:

{
  "name": "execute_sql",
  "arguments": {
    "sql": "SELECT COUNT(*) FROM transactions WHERE amount > 1000"
  }
}

`insert_or_update`

Perform UPSERT operations (INSERT or UPDATE on conflict).

Parameters:

table (required): Table name
primary_keys (required): Array of primary key column names
rows (required): Array of row objects to insert/update

Example:

{
  "name": "insert_or_update",
  "arguments": {
    "table": "accounts",
    "primary_keys": ["id"],
    "rows": [
      {"id": 1, "name": "Account 1", "balance": 1000.0},
      {"id": 2, "name": "Account 2", "balance": 2000.0}
    ]
  }
}

`delete_rows`

Delete rows from a table based on filters.

Parameters:

table (required): Table name
filters (required): Object with column-value pairs for filtering

Example:

{
  "name": "delete_rows",
  "arguments": {
    "table": "transactions",
    "filters": {"status": "cancelled"}
  }
}

`get_table_schema`

Retrieves detailed schema information for a table (columns, indexes, foreign keys, constraints).

Parameters:

table (required): Table name

Example:

{
  "name": "get_table_schema",
  "arguments": {
    "table": "accounts"
  }
}

`list_indexes`

Lists all indexes of a table.

Parameters:

table (required): Table name

Example:

{
  "name": "list_indexes",
  "arguments": {
    "table": "accounts"
  }
}

Debug Mode

The server supports optional debug output via the MCP_DEBUG environment variable. When enabled, detailed debug information is written to stderr (not stdout, to comply with MCP protocol requirements).

Enable debug mode:

{
  "mcpServers": {
    "encrypted-sqlite": {
      "command": "/path/to/mcp-encrypted-sqlite/build/install/mcp-encrypted-sqlite/bin/mcp-encrypted-sqlite",
      "args": [
        "--args",
        "{\"db_path\":\"/path/to/your/database.sqlite\",\"passphrase\":\"your-passphrase\"}"
      ],
      "env": {
        "MCP_DEBUG": "true"
      }
    }
  }
}

Debug output includes:

Server startup information (Java version, OS, arguments)
Configuration parsing details
Request processing information
Response sizes and structures
Database connection details

Note: Debug output is disabled by default to keep logs clean. Only enable it when troubleshooting issues.

Default Cipher Profile

The server uses SQLCipher 4 defaults by default:

cipher_page_size: 4096
kdf_iter: 256000
cipher_hmac_algorithm: HMAC_SHA512
cipher_kdf_algorithm: PBKDF2_HMAC_SHA512
cipher_use_hmac: ON
cipher_plaintext_header_size: 0

These settings match the defaults used by tools like "DB Browser for SQLite" with SQLCipher 4.

Development

See DEVELOPMENT.md for development setup, building, testing, and project structure.

Security Considerations

General Security

Passphrases: Passphrases are only stored in memory and never logged
Encrypted Passphrases: Use encrypted passphrases with AES-256-GCM for storing passphrases in configuration files (see Encrypted Passphrases section)
Memory: Note that decrypted passphrases remain in memory as Java Strings (immutable). For maximum security, consider using char[] arrays, though this is not currently implemented.
Transport: Use secure transport channels (e.g., encrypted sessions) when accessing the server remotely
File Permissions: Ensure database files have appropriate file system permissions

Security Best Practices

Use encrypted passphrases with AES-256-GCM encryption
Generate strong keys using PassphraseEncryption.generateKey() (256 bits / 32 bytes)
Store encryption keys securely: Use macOS Keychain (recommended on macOS) or secure secret storage
Never store both encryption key and encrypted passphrase in the same configuration file - Use wrapper scripts or environment variables to load the key securely (see DOCKER_CONFIGURATION.md for details)
Rotate keys periodically - when rotating, re-encrypt all passphrases with the new key
Use different keys for different environments (development, staging, production)
Never commit keys or encrypted passphrases to version control
Restrict file permissions on configuration files containing secrets (chmod 600)

Troubleshooting

Debugging MCP Server Communication Issues

The MCP server includes extensive debugging features to help diagnose communication problems.

Viewing Logs

In MCP clients:

Check your client's log output (e.g., Cursor: Output panel → "MCP Logs")
All debug output is written to stderr

Manual testing: Run: ./build/install/mcp-encrypted-sqlite/bin/mcp-encrypted-sqlite --args '{"db_path":"/path/to/db.sqlite","passphrase":"secret"}' 2>&1 | tee mcp-debug.log

Common Communication Problems

1. Server does not start

Symptom: No logs visible, server does not respond
Debugging: Check startup logs:
- Java version is logged
- Arguments are logged
- Configuration parsing is logged
Solution:
- Verify Java is correctly installed
- Check the MCP configuration (mcp.json)
- Check paths in command and args fields

2. JSON Parsing Errors

Symptom: "Parse error" in logs
Debugging: The server logs:
- First 500 characters of received JSON
- Exact exception with stack trace
Solution:
- Check JSON structure in MCP configuration
- Ensure JSON is properly escaped
- Verify all required fields are present

3. Missing or Incorrect Responses

Symptom: Requests are not answered or timeouts occur
Debugging: The server logs:
- Each received request with ID and method
- Response size and status
- Flush status after writing
Solution:
- Check if STDOUT is available (logged at startup)
- Check response size (very large responses can cause problems)
- Verify flush was successful

4. Invalid Requests

Symptom: "Invalid Request" errors
Debugging: The server logs:
- Missing fields (e.g., method, id)
- JSON-RPC version mismatches
- Invalid parameters
Solution:
- Ensure all requests comply with JSON-RPC 2.0 standard
- Verify method and id fields are present
- Check parameter structure

5. Database Connection Problems

Symptom: "Database error" errors
Debugging: The server logs:
- Used DB paths (Default vs. Override)
- Passphrase status (encrypted/decrypted)
- CipherProfile configuration
Solution:
- Check DB path in logs
- Verify passphrase was correctly decrypted
- Check CipherProfile settings

Debugging Features in Detail

The server automatically logs:

Startup Information:
- Java version and Java Home
- Operating system information
- Number and content of arguments
- Configuration parsing status
Request Processing:
- Each received request with number and length
- JSON-RPC validation
- Method calls with parameters
- Response size and status
Error Handling:
- Detailed exception information with stack traces
- JSON-RPC error codes according to specification
- Error responses with additional debug data
Database Operations:
- Used configurations (Default vs. Override)
- SQL queries (first 100 characters)
- Result sizes and affected rows

Database cannot be opened

Verify the passphrase is correct
Check that the database uses SQLCipher 4 defaults (or configure a custom cipher profile)
Ensure the database file path is correct and accessible
Check logs: The server logs detailed information about passphrase decryption and DB path

Connection issues

Verify Java is installed: java -version
Check that JAVA_HOME is set correctly in the MCP configuration
Review your MCP client logs for detailed error messages

FTS (Full-Text Search) tables

The server automatically handles FTS virtual tables that may not have accessible metadata. These tables will appear with empty column lists.

License

Licensed under the Apache License, Version 2.0. See LICENSE for details.

Third-Party Licenses

sqlite-jdbc-crypt (Apache License 2.0) - SQLite JDBC driver with encryption support
- Source: https://github.com/Willena/sqlite-jdbc-crypt
Gson (Apache License 2.0) - JSON library for Java
- Source: https://github.com/google/gson
JUnit Jupiter (Eclipse Public License 2.0) - Testing framework
- Source: https://junit.org/junit5/

See NOTICE for detailed attribution information.

Acknowledgments

sqlite-jdbc-crypt - SQLite JDBC driver with encryption support
Model Context Protocol - MCP specification

Contributing

Contributions are welcome! Please feel free to submit a Pull Request. See CONTRIBUTING.md for guidelines.

Support

For issues, questions, or contributions, please open an issue on GitHub.

Buy me a coffee

Like this integration? Feel free to buy me a coffee! Your support helps me continue working on cool features.

Featured

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

Configuration

DB_PATH*

Path to the encrypted SQLite database file

DB_PASSPHRASE*secret

Passphrase for decrypting the database

Encrypted SQLite MCP Server

MCP server for encrypted SQLite databases

Compatible with all MCP clients (Cursor, Claude Desktop, and others).

Works with encrypted databases from: MoneyMoney, 1Password, Signal, WhatsApp, Firefox, Telegram, KeePass, and other applications using SQLCipher encryption.

Features

Encrypted SQLite Support: Works with SQLCipher 4 encrypted databases - the key differentiator of this MCP server
Encrypted Passphrases: Support for AES-256-GCM encrypted passphrases with macOS Keychain integration
Database Exploration: List tables, columns, indexes, and schema metadata
Query Support: Execute arbitrary SQL queries (SELECT, INSERT, UPDATE, DELETE, DDL)
CRUD Operations: Insert, update, and delete rows with filtering
Configurable Cipher Profiles: Support for different SQLCipher configurations
MCP Protocol: Full Model Context Protocol implementation via STDIO
Security: SQL identifier validation to prevent SQL injection
Debug Mode: Optional debug output via MCP_DEBUG environment variable
Input Validation: Comprehensive validation for limits, offsets, and identifiers

Why Encrypted SQLite?

Many popular applications use encrypted SQLite databases (SQLCipher) to protect sensitive data. This MCP server is specifically designed to work with these encrypted databases.

Applications Using Encrypted SQLite Databases

MoneyMoney (macOS): Financial management app with encrypted local databases
1Password: Password manager using SQLCipher for local vault storage
Signal: Encrypted messaging app with SQLCipher-protected message databases
WhatsApp: Messaging app using encrypted SQLite for local message storage
Firefox: Browser using SQLCipher for encrypted login databases
Telegram: Messaging app with encrypted local database storage
KeePass: Password manager supporting encrypted SQLite database files

Requirements

Java 21 or higher (JDK)
Gradle (wrapper included)
SQLite JDBC driver with encryption support (sqlite-jdbc-3.50.1.0.jar from sqlite-jdbc-crypt)

Quick Start

Cursor (One-Click Installation)

The easiest way to install this MCP server in Cursor is via the Cursor MCP Store:

Visit cursor.store/mcp/rosch100/mcp-encrypted-sqlite
Click "Add to Cursor"
Follow the prompts to configure your database path and passphrase

Other MCP Clients

This server works with any MCP-compatible client. See the Configuration section below for setup instructions.

Installation

Docker (Recommended)

Use the pre-built Docker image from GitHub Container Registry:

docker pull ghcr.io/rosch100/mcp-encrypted-sqlite:latest

Quick Start: See DOCKER_QUICKSTART.md for Docker Desktop setup.

Detailed Configuration: See DOCKER_CONFIGURATION.md for advanced options.

From Source

Clone the repository:

git clone https://github.com/rosch100/mcp-encrypted-sqlite.git

cd mcp-encrypted-sqlite
Build the project:

./gradlew build installDist

The build process will automatically download sqlite-jdbc-3.50.1.0.jar from sqlite-jdbc-crypt releases and place it in the libs/ directory.

The executable will be available at build/install/mcp-encrypted-sqlite/bin/mcp-encrypted-sqlite.

Configuration

This MCP server works with any MCP-compatible client (Cursor, Claude Desktop, etc.). The configuration format follows the Model Context Protocol specification.

The server communicates via STDIO (standard input/output). Add the following configuration to your MCP client's configuration file:

Configuration file locations:

Cursor: ~/.cursor/mcp.json
Claude Desktop (macOS): ~/Library/Application Support/Claude/claude_desktop_config.json
Claude Desktop (Windows): %APPDATA%\Claude\claude_desktop_config.json
Other clients: Refer to your client's documentation

{
  "mcpServers": {
    "encrypted-sqlite": {
      "command": "/path/to/mcp-encrypted-sqlite/build/install/mcp-encrypted-sqlite/bin/mcp-encrypted-sqlite",
      "args": [
        "--args",
        "{\"db_path\":\"/path/to/your/database.sqlite\",\"passphrase\":\"your-passphrase\"}"
      ]
    }
  }
}

Optional Parameters:

transport: Defaults to "stdio" (can be omitted)
cwd: Not needed when using absolute paths (can be omitted)
env: Only needed if Java is not in your system PATH or for custom Java installation:

{
  "mcpServers": {
    "encrypted-sqlite": {
      "command": "/path/to/mcp-encrypted-sqlite/build/install/mcp-encrypted-sqlite/bin/mcp-encrypted-sqlite",
      "args": [
        "--args",
        "{\"db_path\":\"/path/to/your/database.sqlite\",\"passphrase\":\"your-passphrase\"}"
      ],
      "env": {
        "JAVA_HOME": "/path/to/java/home"
      }
    }
  }
}

Docker Configuration

Plain Passphrase

{
  "mcpServers": {
    "encrypted-sqlite": {
      "command": "docker",
      "args": [
        "run", "--rm", "-i",
        "-v", "/path/to/your/database.sqlite:/data/database.sqlite:ro",
        "ghcr.io/rosch100/mcp-encrypted-sqlite:latest",
        "--args",
        "{\"db_path\":\"/data/database.sqlite\",\"passphrase\":\"your-passphrase\"}"
      ]
    }
  }
}

Encrypted Passphrase (Recommended)

When using encrypted passphrases, you must pass the encryption key as an environment variable:

{
  "mcpServers": {
    "encrypted-sqlite": {
      "command": "docker",
      "args": [
        "run", "--rm", "-i",
        "-e", "MCP_SQLITE_ENCRYPTION_KEY=your-encryption-key",
        "-v", "/path/to/your/database.sqlite:/data/database.sqlite:ro",
        "ghcr.io/rosch100/mcp-encrypted-sqlite:latest",
        "--args",
        "{\"db_path\":\"/data/database.sqlite\",\"passphrase\":\"encrypted:your-encrypted-passphrase\"}"
      ]
    }
  }
}

Important Notes:

The -e flag must come before the -v flag
macOS Keychain is NOT accessible from Docker containers - pass the encryption key explicitly
Get your encryption key: security find-generic-password -s "mcp-encrypted-sqlite" -a "encryption-key" -w
The database file is mounted as read-only (:ro) by default. Remove :ro if you need write access

Security Warning: Storing both the encryption key and encrypted passphrase as plain text in your configuration file is a security risk. See DOCKER_CONFIGURATION.md for secure alternatives.

Custom Cipher Profile

Override the default SQLCipher 4 settings by including a cipherProfile in the configuration JSON:

{
  "mcpServers": {
    "encrypted-sqlite": {
      "command": "/path/to/mcp-encrypted-sqlite/build/install/mcp-encrypted-sqlite/bin/mcp-encrypted-sqlite",
      "args": [
        "--args",
        "{\"db_path\":\"/path/to/your/database.sqlite\",\"passphrase\":\"your-passphrase\",\"cipherProfile\":{\"name\":\"SQLCipher 4 defaults\",\"pageSize\":4096,\"kdfIterations\":256000,\"hmacAlgorithm\":\"HMAC_SHA512\",\"kdfAlgorithm\":\"PBKDF2_HMAC_SHA512\"}}"
      ]
    }
  }
}

Encrypted Passphrases

For enhanced security, you can store passphrases in encrypted form. The server uses AES-256-GCM encryption, which provides authenticated encryption and is both secure and fast.

macOS Keychain (Recommended for macOS)

Generate and store key in Keychain: Run: ./store-key-in-keychain.sh --generate
Encrypt your passphrase: Run: ./encrypt-passphrase.sh "your-plain-passphrase"

The key is automatically loaded from the Keychain when no environment variable is set.

Benefits:

Key is securely encrypted and stored by macOS
No environment variables needed
Automatic unlock with macOS user password
Works system-wide for all applications

Environment Variable (Cross-Platform)

Generate an encryption key: Run: java -cp build/libs/mcp-encrypted-sqlite-VERSION.jar com.example.mcp.sqlite.config.PassphraseEncryption
Set the encryption key: Run: export MCP_SQLITE_ENCRYPTION_KEY="<your-generated-key>"
Encrypt your passphrase: Run: java -cp build/libs/mcp-encrypted-sqlite-VERSION.jar com.example.mcp.sqlite.util.EncryptPassphrase "your-plain-passphrase"

Usage

Use the encrypted passphrase (with encrypted: prefix) in your configuration:

On macOS with Keychain (recommended):

{
  "mcpServers": {
    "encrypted-sqlite": {
      "command": "/path/to/mcp-encrypted-sqlite/build/install/mcp-encrypted-sqlite/bin/mcp-encrypted-sqlite",
      "args": [
        "--args",
        "{\"db_path\":\"/path/to/your/database.sqlite\",\"passphrase\":\"encrypted:<encrypted-passphrase>\"}"
      ]
    }
  }
}

Note: No env section needed - the key is automatically loaded from macOS Keychain.

With environment variable (cross-platform):

{
  "mcpServers": {
    "encrypted-sqlite": {
      "command": "/path/to/mcp-encrypted-sqlite/build/install/mcp-encrypted-sqlite/bin/mcp-encrypted-sqlite",
      "args": [
        "--args",
        "{\"db_path\":\"/path/to/your/database.sqlite\",\"passphrase\":\"encrypted:<encrypted-passphrase>\"}"
      ],
      "env": {
        "MCP_SQLITE_ENCRYPTION_KEY": "<your-encryption-key>"
      }
    }
  }
}

Important Security Notes:

The encryption key MUST be available (macOS Keychain or MCP_SQLITE_ENCRYPTION_KEY environment variable)
The server automatically detects encrypted passphrases (starting with encrypted:) and decrypts them
Use PassphraseEncryption.generateKey() to generate strong keys (256 bits / 32 bytes)
AES-256-GCM provides authenticated encryption
Weak keys are automatically rejected

Available Tools

`list_tables`

List all tables in the database. By default only table names, with include_columns=true also column details.

Parameters:

db_path (optional if configured): Path to the database file
passphrase (optional if configured): Database passphrase
include_columns (optional, default: false): If true, column details are also returned

Example:

{
  "name": "list_tables",
  "arguments": {
    "include_columns": true
  }
}

`get_table_data`

Read data from a table with optional filtering, column selection, and pagination.

Parameters:

table (required): Table name
columns (optional): Array of column names to select
filters (optional): Object with column-value pairs for filtering
limit (optional, default: 200): Maximum number of rows
offset (optional, default: 0): Offset for pagination

Example:

{
  "name": "get_table_data",
  "arguments": {
    "table": "accounts",
    "columns": ["id", "name", "balance"],
    "filters": {"status": "active"},
    "limit": 50,
    "offset": 0
  }
}

`execute_sql`

Execute arbitrary SQL statements (SELECT, INSERT, UPDATE, DELETE, DDL).

Parameters:

sql (required): SQL statement to execute

Example:

{
  "name": "execute_sql",
  "arguments": {
    "sql": "SELECT COUNT(*) FROM transactions WHERE amount > 1000"
  }
}

`insert_or_update`

Perform UPSERT operations (INSERT or UPDATE on conflict).

Parameters:

table (required): Table name
primary_keys (required): Array of primary key column names
rows (required): Array of row objects to insert/update

Example:

{
  "name": "insert_or_update",
  "arguments": {
    "table": "accounts",
    "primary_keys": ["id"],
    "rows": [
      {"id": 1, "name": "Account 1", "balance": 1000.0},
      {"id": 2, "name": "Account 2", "balance": 2000.0}
    ]
  }
}

`delete_rows`

Delete rows from a table based on filters.

Parameters:

table (required): Table name
filters (required): Object with column-value pairs for filtering

Example:

{
  "name": "delete_rows",
  "arguments": {
    "table": "transactions",
    "filters": {"status": "cancelled"}
  }
}

`get_table_schema`

Retrieves detailed schema information for a table (columns, indexes, foreign keys, constraints).

Parameters:

table (required): Table name

Example:

{
  "name": "get_table_schema",
  "arguments": {
    "table": "accounts"
  }
}

`list_indexes`

Lists all indexes of a table.

Parameters:

table (required): Table name

Example:

{
  "name": "list_indexes",
  "arguments": {
    "table": "accounts"
  }
}

Debug Mode

Enable debug mode:

{
  "mcpServers": {
    "encrypted-sqlite": {
      "command": "/path/to/mcp-encrypted-sqlite/build/install/mcp-encrypted-sqlite/bin/mcp-encrypted-sqlite",
      "args": [
        "--args",
        "{\"db_path\":\"/path/to/your/database.sqlite\",\"passphrase\":\"your-passphrase\"}"
      ],
      "env": {
        "MCP_DEBUG": "true"
      }
    }
  }
}

Debug output includes:

Server startup information (Java version, OS, arguments)
Configuration parsing details
Request processing information
Response sizes and structures
Database connection details

Note: Debug output is disabled by default to keep logs clean. Only enable it when troubleshooting issues.

Default Cipher Profile

The server uses SQLCipher 4 defaults by default:

cipher_page_size: 4096
kdf_iter: 256000
cipher_hmac_algorithm: HMAC_SHA512
cipher_kdf_algorithm: PBKDF2_HMAC_SHA512
cipher_use_hmac: ON
cipher_plaintext_header_size: 0

These settings match the defaults used by tools like "DB Browser for SQLite" with SQLCipher 4.

Development

See DEVELOPMENT.md for development setup, building, testing, and project structure.

Security Considerations

General Security

Passphrases: Passphrases are only stored in memory and never logged
Encrypted Passphrases: Use encrypted passphrases with AES-256-GCM for storing passphrases in configuration files (see Encrypted Passphrases section)
Memory: Note that decrypted passphrases remain in memory as Java Strings (immutable). For maximum security, consider using char[] arrays, though this is not currently implemented.
Transport: Use secure transport channels (e.g., encrypted sessions) when accessing the server remotely
File Permissions: Ensure database files have appropriate file system permissions

Security Best Practices

Use encrypted passphrases with AES-256-GCM encryption
Generate strong keys using PassphraseEncryption.generateKey() (256 bits / 32 bytes)
Store encryption keys securely: Use macOS Keychain (recommended on macOS) or secure secret storage
Never store both encryption key and encrypted passphrase in the same configuration file - Use wrapper scripts or environment variables to load the key securely (see DOCKER_CONFIGURATION.md for details)
Rotate keys periodically - when rotating, re-encrypt all passphrases with the new key
Use different keys for different environments (development, staging, production)
Never commit keys or encrypted passphrases to version control
Restrict file permissions on configuration files containing secrets (chmod 600)

Troubleshooting

Debugging MCP Server Communication Issues

The MCP server includes extensive debugging features to help diagnose communication problems.

Viewing Logs

In MCP clients:

Check your client's log output (e.g., Cursor: Output panel → "MCP Logs")
All debug output is written to stderr

Manual testing: Run: ./build/install/mcp-encrypted-sqlite/bin/mcp-encrypted-sqlite --args '{"db_path":"/path/to/db.sqlite","passphrase":"secret"}' 2>&1 | tee mcp-debug.log

Common Communication Problems

1. Server does not start

Symptom: No logs visible, server does not respond
Debugging: Check startup logs:
- Java version is logged
- Arguments are logged
- Configuration parsing is logged
Solution:
- Verify Java is correctly installed
- Check the MCP configuration (mcp.json)
- Check paths in command and args fields

2. JSON Parsing Errors

Symptom: "Parse error" in logs
Debugging: The server logs:
- First 500 characters of received JSON
- Exact exception with stack trace
Solution:
- Check JSON structure in MCP configuration
- Ensure JSON is properly escaped
- Verify all required fields are present

3. Missing or Incorrect Responses

Symptom: Requests are not answered or timeouts occur
Debugging: The server logs:
- Each received request with ID and method
- Response size and status
- Flush status after writing
Solution:
- Check if STDOUT is available (logged at startup)
- Check response size (very large responses can cause problems)
- Verify flush was successful

4. Invalid Requests

Symptom: "Invalid Request" errors
Debugging: The server logs:
- Missing fields (e.g., method, id)
- JSON-RPC version mismatches
- Invalid parameters
Solution:
- Ensure all requests comply with JSON-RPC 2.0 standard
- Verify method and id fields are present
- Check parameter structure

5. Database Connection Problems

Symptom: "Database error" errors
Debugging: The server logs:
- Used DB paths (Default vs. Override)
- Passphrase status (encrypted/decrypted)
- CipherProfile configuration
Solution:
- Check DB path in logs
- Verify passphrase was correctly decrypted
- Check CipherProfile settings

Debugging Features in Detail

The server automatically logs:

Startup Information:
- Java version and Java Home
- Operating system information
- Number and content of arguments
- Configuration parsing status
Request Processing:
- Each received request with number and length
- JSON-RPC validation
- Method calls with parameters
- Response size and status
Error Handling:
- Detailed exception information with stack traces
- JSON-RPC error codes according to specification
- Error responses with additional debug data
Database Operations:
- Used configurations (Default vs. Override)
- SQL queries (first 100 characters)
- Result sizes and affected rows

Database cannot be opened

Verify the passphrase is correct
Check that the database uses SQLCipher 4 defaults (or configure a custom cipher profile)
Ensure the database file path is correct and accessible
Check logs: The server logs detailed information about passphrase decryption and DB path

Connection issues

Verify Java is installed: java -version
Check that JAVA_HOME is set correctly in the MCP configuration
Review your MCP client logs for detailed error messages

FTS (Full-Text Search) tables

The server automatically handles FTS virtual tables that may not have accessible metadata. These tables will appear with empty column lists.

License

Licensed under the Apache License, Version 2.0. See LICENSE for details.

Third-Party Licenses

sqlite-jdbc-crypt (Apache License 2.0) - SQLite JDBC driver with encryption support
- Source: https://github.com/Willena/sqlite-jdbc-crypt
Gson (Apache License 2.0) - JSON library for Java
- Source: https://github.com/google/gson
JUnit Jupiter (Eclipse Public License 2.0) - Testing framework
- Source: https://junit.org/junit5/

See NOTICE for detailed attribution information.

Acknowledgments

sqlite-jdbc-crypt - SQLite JDBC driver with encryption support
Model Context Protocol - MCP specification

Contributing

Contributions are welcome! Please feel free to submit a Pull Request. See CONTRIBUTING.md for guidelines.

Support

For issues, questions, or contributions, please open an issue on GitHub.

Buy me a coffee

Like this integration? Feel free to buy me a coffee! Your support helps me continue working on cool features.