Open Source vs. Hosted MCP Server

An open-source MCP server is published as code — usually on GitHub and as an npm or PyPI package — that you download, configure, and run on your own machine or infrastructure. A hosted MCP server is run by its author (or a third party) and exposed as a remote endpoint; you add a URL to your client and never touch the code.

The two categories often overlap: many popular servers ship open-source code and a hosted endpoint for the same functionality. The question is not which kind of software it is, but who operates the process that answers your agent's calls.

A self-run server typically starts as a subprocess of your MCP client over the stdio transport — the client config specifies a command like npx -y some-server or uvx some-server, plus environment variables for any credentials. You supply your own API keys, you control the version, and nothing leaves your machine except the upstream API calls the server makes.

The costs are operational. Every machine needs its own setup, dependency updates are on you, and if the server wraps a paid upstream API you still need an account and key with that provider. Free as in license does not mean free as in operation.

A hosted server lives on the operator's infrastructure and speaks Streamable HTTP. Connecting takes one URL — no runtime, no package install, no local credentials beyond whatever authentication the endpoint requires. The operator handles scaling, upgrades, and uptime, and can serve thousands of clients from one deployment.

The tradeoffs are dependency and trust: your agent's requests transit the operator's servers, an outage on their side is an outage for you, and the operator's terms govern rate limits and data handling.

Hosted servers are the natural fit for per-call monetization, because the operator controls the endpoint and can gate it with an x402 challenge: an unpaid request gets HTTP 402 plus a price, the agent's wallet pays in USDC, settlement lands on Base in about two seconds, and the handler runs. There is no equivalent choke point for code a user runs locally — once the source is on someone's machine, there is nothing to gate.

This is why the common commercial pattern is open core, hosted edge: keep the code open source for self-hosters, and offer a paid hosted endpoint for everyone who would rather pay $0.01 a call than run infrastructure.

The Loomal Index lists both kinds. Open-source server listings carry the package name, install command, and live-probed tool list; hosted listings carry the remote endpoint. A maintainer who verifies GitHub ownership can claim their listing and attach x402 pricing to a hosted endpoint — minimum $0.01 per call, with Loomal's 5% fee on settled transactions currently waived — while the open-source distribution stays exactly as free as its license says.