<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: LemonCake</title>
    <description>The latest articles on DEV Community by LemonCake (@lemoncake).</description>
    <link>https://dev.to/lemoncake</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3936371%2Fa5acc724-5c59-4f01-b119-18172e5b4509.png</url>
      <title>DEV Community: LemonCake</title>
      <link>https://dev.to/lemoncake</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/lemoncake"/>
    <language>en</language>
    <item>
      <title>How I let AI agents pay for APIs per call (the HTTP 402 path)</title>
      <dc:creator>LemonCake</dc:creator>
      <pubDate>Wed, 17 Jun 2026 19:19:09 +0000</pubDate>
      <link>https://dev.to/lemoncake/how-i-let-ai-agents-pay-for-apis-per-call-the-http-402-path-3eo2</link>
      <guid>https://dev.to/lemoncake/how-i-let-ai-agents-pay-for-apis-per-call-the-http-402-path-3eo2</guid>
      <description>&lt;p&gt;If you've built an MCP server or any API that costs you money to run (an LLM call, a paid data source, compute), you've probably hit the same wall I did:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;How do you get paid per call — when the caller is an AI agent, not a human with a credit card form?&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;A human can sign up, enter a card, get an API key. An autonomous agent can't fill out a Stripe checkout form mid-task. And you don't want to hand an agent a raw API key with no spending limit — one runaway loop and your bill explodes.&lt;/p&gt;

&lt;p&gt;This post walks through the design I landed on. It's not the only way, but the pieces are reusable even if you build your own.&lt;/p&gt;

&lt;h2&gt;
  
  
  The core idea: HTTP 402
&lt;/h2&gt;

&lt;p&gt;&lt;code&gt;402 Payment Required&lt;/code&gt; has been a reserved HTTP status code since the beginning, basically unused. It turns out to be exactly the primitive we need.&lt;/p&gt;

&lt;p&gt;The flow:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;An agent calls your endpoint with no payment.&lt;/li&gt;
&lt;li&gt;You respond &lt;code&gt;402&lt;/code&gt; with a small JSON body describing &lt;strong&gt;how to pay&lt;/strong&gt; (price, where to top up, what token format you accept).&lt;/li&gt;
&lt;li&gt;The agent (or its owner) tops up once, getting a &lt;strong&gt;budget-capped token&lt;/strong&gt;.&lt;/li&gt;
&lt;li&gt;The agent retries with the token in the &lt;code&gt;Authorization&lt;/code&gt; header. Now it works — and keeps working until the budget runs out, then it gets &lt;code&gt;402&lt;/code&gt; again.
&lt;/li&gt;
&lt;/ol&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight http"&gt;&lt;code&gt;&lt;span class="k"&gt;HTTP&lt;/span&gt;&lt;span class="o"&gt;/&lt;/span&gt;&lt;span class="m"&gt;1.1&lt;/span&gt; &lt;span class="m"&gt;402&lt;/span&gt; &lt;span class="ne"&gt;Payment Required&lt;/span&gt;
&lt;span class="na"&gt;Content-Type&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="s"&gt;application/json&lt;/span&gt;

&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"accepts"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;[&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="nl"&gt;"scheme"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"lemoncake-pay-token"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="nl"&gt;"price"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"0.01"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="nl"&gt;"currency"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"USD"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="nl"&gt;"mintUrl"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"https://.../buy/&amp;lt;id&amp;gt;"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="nl"&gt;"gatewayUrl"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"https://.../g/&amp;lt;id&amp;gt;"&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;]&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This is the shape the &lt;a href="https://github.com/coinbase/x402" rel="noopener noreferrer"&gt;x402 spec&lt;/a&gt; standardizes. You don't strictly need the spec to do it — but following it means agent frameworks that already understand 402 can pay you without custom glue.&lt;/p&gt;

&lt;h2&gt;
  
  
  The budget cap is the important part
&lt;/h2&gt;

&lt;p&gt;The naive version — "give the agent an API key" — is dangerous because there's no ceiling. The whole point of an agent paying autonomously is that &lt;strong&gt;you stop watching it&lt;/strong&gt;. So the token has to carry its own limits:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight json"&gt;&lt;code&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"budget"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="mf"&gt;5.00&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"spent"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="mf"&gt;0.06&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"max_calls"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="mi"&gt;50&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"calls_used"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="mi"&gt;6&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"expires_at"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"2026-07-01T00:00:00Z"&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The gateway checks these on every call &lt;em&gt;before&lt;/em&gt; forwarding upstream. Budget exhausted → &lt;code&gt;402&lt;/code&gt;. Rate limit hit → &lt;code&gt;429&lt;/code&gt;. Expired → &lt;code&gt;402&lt;/code&gt;. The agent can never spend more than the token allows, even if it goes haywire.&lt;/p&gt;

&lt;p&gt;I encode the token as a signed JWT (HS256) so the gateway can verify it without a DB round-trip on the hot path, then check the live spend counter in Postgres. The JWT carries the token id, endpoint id, and owner id; the mutable budget lives in the DB.&lt;/p&gt;

&lt;h2&gt;
  
  
  The gateway pattern
&lt;/h2&gt;

&lt;p&gt;The key architectural move: &lt;strong&gt;a proxy in front of the real endpoint.&lt;/strong&gt; The agent never calls your upstream directly. It calls a gateway URL like &lt;code&gt;/g/&amp;lt;endpoint-id&amp;gt;&lt;/code&gt;. The gateway:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Verifies the pay token.&lt;/li&gt;
&lt;li&gt;Checks budget / rate limit / expiry.&lt;/li&gt;
&lt;li&gt;Forwards the request to your real upstream (with &lt;em&gt;your&lt;/em&gt; upstream auth attached server-side, so the agent never sees your real keys).&lt;/li&gt;
&lt;li&gt;Records the call + cost in a ledger.&lt;/li&gt;
&lt;li&gt;Returns the upstream response.
&lt;/li&gt;
&lt;/ol&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;agent ──► /g/&amp;lt;id&amp;gt; (gateway)
            ├─ verify token
            ├─ check budget
            ├─ forward ──► your real API (with your secret key)
            ├─ record usage + cost
            └─ return response
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This decouples two things that are usually tangled: &lt;strong&gt;who can call&lt;/strong&gt; (the agent's pay token) and &lt;strong&gt;how you authenticate upstream&lt;/strong&gt; (your secret, never exposed). It also means you can put a per-endpoint price on &lt;em&gt;any&lt;/em&gt; existing API without touching its code.&lt;/p&gt;

&lt;h2&gt;
  
  
  Settling the money
&lt;/h2&gt;

&lt;p&gt;Minting a budget-capped token means someone paid up front. I use Stripe Checkout as a Direct Charge on the provider's connected account (Stripe Connect), so the money lands in the provider's balance and the platform takes a small application fee — once, at payment time, not per call. The per-call cost is just a ledger figure that draws down the prepaid budget.&lt;/p&gt;

&lt;p&gt;This matters because charging a fee on every tiny call would get eaten by Stripe's per-transaction minimums. Prepaid bundle + ledger drawdown sidesteps that entirely.&lt;/p&gt;

&lt;h2&gt;
  
  
  What I'd tell you before you build your own
&lt;/h2&gt;

&lt;p&gt;A few things that bit me:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Don't put the fee on each call.&lt;/strong&gt; Stripe's minimum charge makes sub-cent per-call billing impossible. Prepay a budget, draw it down in your own ledger.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;The token must be re-displayable.&lt;/strong&gt; Agents lose context. The buyer needs a way to recover the same token (I key the success page off the Stripe session id, which is single-use and unguessable).&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Scope the token to one endpoint.&lt;/strong&gt; A token minted for endpoint A should be rejected at endpoint B. Otherwise a leaked token is a blank check.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Forward upstream auth server-side only.&lt;/strong&gt; The agent should never be able to read your real upstream key. The gateway attaches it after auth.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  The result
&lt;/h2&gt;

&lt;p&gt;I packaged this up as a project called &lt;strong&gt;LemonCake&lt;/strong&gt; — you wrap any API/MCP endpoint, set a price per call, and get a gateway URL an agent can pay through autonomously. There's a live demo (no signup) if you want to see the 402 → top-up → call loop run end to end: &lt;a href="https://www.lemoncake.xyz/demo" rel="noopener noreferrer"&gt;https://www.lemoncake.xyz/demo&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;If you'd rather not leave your terminal, you can watch a budget-capped token get minted and spent in about ten seconds:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="c"&gt;# 1) mint a sandbox pay token ($0.20 cap, 20 calls, no signup)&lt;/span&gt;
&lt;span class="nv"&gt;RESP&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="si"&gt;$(&lt;/span&gt;curl &lt;span class="nt"&gt;-s&lt;/span&gt; &lt;span class="nt"&gt;-X&lt;/span&gt; POST https://www.lemoncake.xyz/api/lc/demo/token&lt;span class="si"&gt;)&lt;/span&gt;
&lt;span class="nv"&gt;TOKEN&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="si"&gt;$(&lt;/span&gt;&lt;span class="nb"&gt;echo&lt;/span&gt; &lt;span class="s2"&gt;"&lt;/span&gt;&lt;span class="nv"&gt;$RESP&lt;/span&gt;&lt;span class="s2"&gt;"&lt;/span&gt; | jq &lt;span class="nt"&gt;-r&lt;/span&gt; .jwt&lt;span class="si"&gt;)&lt;/span&gt;
&lt;span class="nv"&gt;GATEWAY&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s2"&gt;"https://www.lemoncake.xyz&lt;/span&gt;&lt;span class="si"&gt;$(&lt;/span&gt;&lt;span class="nb"&gt;echo&lt;/span&gt; &lt;span class="s2"&gt;"&lt;/span&gt;&lt;span class="nv"&gt;$RESP&lt;/span&gt;&lt;span class="s2"&gt;"&lt;/span&gt; | jq &lt;span class="nt"&gt;-r&lt;/span&gt; .gatewayPath&lt;span class="si"&gt;)&lt;/span&gt;&lt;span class="s2"&gt;"&lt;/span&gt;

&lt;span class="c"&gt;# 2) call the metered gateway with it — note the x-lemoncake-charge header&lt;/span&gt;
curl &lt;span class="nt"&gt;-s&lt;/span&gt; &lt;span class="nt"&gt;-D&lt;/span&gt; - &lt;span class="nt"&gt;-o&lt;/span&gt; /dev/null &lt;span class="nt"&gt;-X&lt;/span&gt; POST &lt;span class="s2"&gt;"&lt;/span&gt;&lt;span class="nv"&gt;$GATEWAY&lt;/span&gt;&lt;span class="s2"&gt;"&lt;/span&gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;-H&lt;/span&gt; &lt;span class="s2"&gt;"Authorization: Bearer &lt;/span&gt;&lt;span class="nv"&gt;$TOKEN&lt;/span&gt;&lt;span class="s2"&gt;"&lt;/span&gt; &lt;span class="nt"&gt;-H&lt;/span&gt; &lt;span class="s2"&gt;"Content-Type: application/json"&lt;/span&gt; &lt;span class="nt"&gt;-d&lt;/span&gt; &lt;span class="s1"&gt;'{"ping":1}'&lt;/span&gt; &lt;span class="se"&gt;\&lt;/span&gt;
  | &lt;span class="nb"&gt;grep&lt;/span&gt; &lt;span class="nt"&gt;-i&lt;/span&gt; x-lemoncake-charge
&lt;span class="c"&gt;# -&amp;gt; x-lemoncake-charge: 0.01&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Keep calling and the budget drains; when it hits zero the gateway answers &lt;code&gt;402&lt;/code&gt; again and the agent simply stops.&lt;/p&gt;

&lt;p&gt;But honestly, even if you never touch it, the pattern stands on its own:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;&lt;strong&gt;402 to advertise the price → budget-capped token → gateway that verifies, forwards, and meters.&lt;/strong&gt;&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;I'm still genuinely unsure whether autonomous per-call payment is something agent builders need &lt;em&gt;today&lt;/em&gt; or whether I'm a year or two early. If you've hit the "how do I charge an agent" problem from the other side, I'd love to hear how you solved it.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>webdev</category>
      <category>programming</category>
      <category>mcp</category>
    </item>
    <item>
      <title>How I let AI agents pay for APIs per call (the HTTP 402 path)</title>
      <dc:creator>LemonCake</dc:creator>
      <pubDate>Wed, 17 Jun 2026 18:07:56 +0000</pubDate>
      <link>https://dev.to/lemoncake/how-i-let-ai-agents-pay-for-apis-per-call-the-http-402-path-cp</link>
      <guid>https://dev.to/lemoncake/how-i-let-ai-agents-pay-for-apis-per-call-the-http-402-path-cp</guid>
      <description>&lt;p&gt;If you've built an MCP server or any API that costs you money to run (an LLM call, a paid data source, compute), you've probably hit the same wall I did:&lt;/p&gt;

&lt;p&gt;How do you get paid per call — when the caller is an AI agent, not a human with a credit card form?&lt;/p&gt;

&lt;p&gt;A human can sign up, enter a card, get an API key. An autonomous agent can't fill out a Stripe checkout form mid-task. And you don't want to hand an agent a raw API key with no spending limit — one runaway loop and your bill explodes.&lt;/p&gt;

&lt;p&gt;This post walks through the design I landed on. It's not the only way, but the pieces are reusable even if you build your own.&lt;/p&gt;

&lt;p&gt;The core idea: HTTP 402&lt;br&gt;
402 Payment Required has been a reserved HTTP status code since the beginning, basically unused. It turns out to be exactly the primitive we need.&lt;/p&gt;

&lt;p&gt;The flow:&lt;/p&gt;

&lt;p&gt;An agent calls your endpoint with no payment.&lt;br&gt;
You respond 402 with a small JSON body describing how to pay (price, where to top up, what token format you accept).&lt;br&gt;
The agent (or its owner) tops up once, getting a budget-capped token.&lt;br&gt;
The agent retries with the token in the Authorization header. Now it works — and keeps working until the budget runs out, then it gets 402 again.&lt;br&gt;
HTTP/1.1 402 Payment Required&lt;br&gt;
Content-Type: application/json&lt;/p&gt;

&lt;p&gt;{&lt;br&gt;
  "accepts": [&lt;br&gt;
    {&lt;br&gt;
      "scheme": "lemoncake-pay-token",&lt;br&gt;
      "price": "0.01",&lt;br&gt;
      "currency": "USD",&lt;br&gt;
      "mintUrl": "https://.../buy/",&lt;br&gt;
      "gatewayUrl": "https://.../g/"&lt;br&gt;
    }&lt;br&gt;
  ]&lt;br&gt;
}&lt;br&gt;
This is the shape the x402 spec standardizes. You don't strictly need the spec to do it — but following it means agent frameworks that already understand 402 can pay you without custom glue.&lt;/p&gt;

&lt;p&gt;The budget cap is the important part&lt;br&gt;
The naive version — "give the agent an API key" — is dangerous because there's no ceiling. The whole point of an agent paying autonomously is that you stop watching it. So the token has to carry its own limits:&lt;/p&gt;

&lt;p&gt;{&lt;br&gt;
  "budget": 5.00,&lt;br&gt;
  "spent": 0.06,&lt;br&gt;
  "max_calls": 50,&lt;br&gt;
  "calls_used": 6,&lt;br&gt;
  "expires_at": "2026-07-01T00:00:00Z"&lt;br&gt;
}&lt;br&gt;
The gateway checks these on every call before forwarding upstream. Budget exhausted → 402. Rate limit hit → 429. Expired → 402. The agent can never spend more than the token allows, even if it goes haywire.&lt;/p&gt;

&lt;p&gt;I encode the token as a signed JWT (HS256) so the gateway can verify it without a DB round-trip on the hot path, then check the live spend counter in Postgres. The JWT carries the token id, endpoint id, and owner id; the mutable budget lives in the DB.&lt;/p&gt;

&lt;p&gt;The gateway pattern&lt;br&gt;
The key architectural move: a proxy in front of the real endpoint. The agent never calls your upstream directly. It calls a gateway URL like /g/. The gateway:&lt;/p&gt;

&lt;p&gt;Verifies the pay token.&lt;br&gt;
Checks budget / rate limit / expiry.&lt;br&gt;
Forwards the request to your real upstream (with your upstream auth attached server-side, so the agent never sees your real keys).&lt;br&gt;
Records the call + cost in a ledger.&lt;br&gt;
Returns the upstream response.&lt;br&gt;
agent ──► /g/ (gateway)&lt;br&gt;
            ├─ verify token&lt;br&gt;
            ├─ check budget&lt;br&gt;
            ├─ forward ──► your real API (with your secret key)&lt;br&gt;
            ├─ record usage + cost&lt;br&gt;
            └─ return response&lt;br&gt;
This decouples two things that are usually tangled: who can call (the agent's pay token) and how you authenticate upstream (your secret, never exposed). It also means you can put a per-endpoint price on any existing API without touching its code.&lt;/p&gt;

&lt;p&gt;Settling the money&lt;br&gt;
Minting a budget-capped token means someone paid up front. I use Stripe Checkout as a Direct Charge on the provider's connected account (Stripe Connect), so the money lands in the provider's balance and the platform takes a small application fee — once, at payment time, not per call. The per-call cost is just a ledger figure that draws down the prepaid budget.&lt;/p&gt;

&lt;p&gt;This matters because charging a fee on every tiny call would get eaten by Stripe's per-transaction minimums. Prepaid bundle + ledger drawdown sidesteps that entirely.&lt;/p&gt;

&lt;p&gt;What I'd tell you before you build your own&lt;br&gt;
A few things that bit me:&lt;/p&gt;

&lt;p&gt;Don't put the fee on each call. Stripe's minimum charge makes sub-cent per-call billing impossible. Prepay a budget, draw it down in your own ledger.&lt;br&gt;
The token must be re-displayable. Agents lose context. The buyer needs a way to recover the same token (I key the success page off the Stripe session id, which is single-use and unguessable).&lt;br&gt;
Scope the token to one endpoint. A token minted for endpoint A should be rejected at endpoint B. Otherwise a leaked token is a blank check.&lt;br&gt;
Forward upstream auth server-side only. The agent should never be able to read your real upstream key. The gateway attaches it after auth.&lt;br&gt;
The result&lt;br&gt;
I packaged this up as a project called LemonCake — you wrap any API/MCP endpoint, set a price per call, and get a gateway URL an agent can pay through autonomously. There's a live demo (no signup) if you want to see the 402 → top-up → call loop run end to end: &lt;a href="https://www.lemoncake.xyz/demo" rel="noopener noreferrer"&gt;https://www.lemoncake.xyz/demo&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;But honestly, even if you never touch it, the pattern stands on its own:&lt;/p&gt;

&lt;p&gt;402 to advertise the price → budget-capped token → gateway that verifies, forwards, and meters.&lt;/p&gt;

&lt;p&gt;I'm still genuinely unsure whether autonomous per-call payment is something agent builders need today or whether I'm a year or two early. If you've hit the "how do I charge an agent" problem from the other side, I'd love to hear how you solved it.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>mcp</category>
      <category>webdev</category>
    </item>
    <item>
      <title>How to Monetize Your MCP Server with Pay-Per-Call USDC Payments</title>
      <dc:creator>LemonCake</dc:creator>
      <pubDate>Sun, 17 May 2026 13:58:52 +0000</pubDate>
      <link>https://dev.to/lemoncake/how-to-monetize-your-mcp-server-with-pay-per-call-usdc-payments-3mg9</link>
      <guid>https://dev.to/lemoncake/how-to-monetize-your-mcp-server-with-pay-per-call-usdc-payments-3mg9</guid>
      <description>&lt;h1&gt;
  
  
  How to Monetize Your MCP Server with Pay-Per-Call USDC Payments
&lt;/h1&gt;

&lt;p&gt;&lt;em&gt;If you've built an MCP server, you've probably wondered: how do I actually charge for this?&lt;/em&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  The Monetization Gap in the MCP Ecosystem
&lt;/h2&gt;

&lt;p&gt;The MCP ecosystem is exploding. Thousands of servers listed on registries, npm, Glama, Smithery. But look closely at the pricing model for almost all of them:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Free.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Not "freemium." Just free. With a GitHub Sponsors link buried at the bottom that nobody clicks.&lt;/p&gt;

&lt;p&gt;This makes sense for early adoption — you want distribution. But it's not a business. And the obvious alternatives don't fit agentic workflows:&lt;/p&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Model&lt;/th&gt;
&lt;th&gt;Problem&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;Monthly subscription&lt;/td&gt;
&lt;td&gt;AI agents don't have credit cards. Who signs up?&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;API key + quota&lt;/td&gt;
&lt;td&gt;Rate limits = agent blocking at 3am. Friction.&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Per-seat SaaS&lt;/td&gt;
&lt;td&gt;Makes sense for humans, not for 100 parallel agents&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;There's a mismatch. MCP tools are called programmatically, at scale, in automated pipelines. The payment model should match.&lt;/p&gt;

&lt;p&gt;That's the gap I wanted to fill.&lt;/p&gt;




&lt;h2&gt;
  
  
  The Pay Token Pattern
&lt;/h2&gt;

&lt;p&gt;Here's the insight: &lt;strong&gt;treat every tool call like an API call with a receipt&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;An agent that can call &lt;code&gt;search_markets()&lt;/code&gt; or &lt;code&gt;place_order()&lt;/code&gt; should be able to pay for those calls — automatically, with no human approval per call, within pre-set limits.&lt;/p&gt;

&lt;p&gt;The pattern looks like this:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;User (human)                    MCP Client            MCP Server (your tool)
     │                               │                        │
     ├─ Top up $20 USDC once ───────&amp;gt;│                        │
     ├─ Set daily cap $5 ───────────&amp;gt;│                        │
     │                               │                        │
     │ (agent runs autonomously)     │                        │
     │                               ├─ call_tool(args) ─────&amp;gt;│
     │                               │   + LEMONCAKE_PAY_TOKEN │
     │                               │                        ├─ charge $0.01
     │                               │&amp;lt;─ result + receipt ────┤
     │                               │                        │
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The key element is the &lt;strong&gt;Pay Token&lt;/strong&gt; — a short-lived, scoped JWT that:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Carries a spend limit the agent cannot exceed&lt;/li&gt;
&lt;li&gt;Can be revoked instantly (kill switch)&lt;/li&gt;
&lt;li&gt;Doesn't expose your wallet or API key to the MCP server&lt;/li&gt;
&lt;li&gt;Produces a machine-readable receipt on every successful charge&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  The Safety Mechanic: Spend Caps the Agent Can't Override
&lt;/h2&gt;

&lt;p&gt;This is what took the most thought to get right.&lt;/p&gt;

&lt;p&gt;The obvious approach is trusting the agent to "spend responsibly." This doesn't work. An injected prompt, a hallucinated loop, or a misconfigured instruction can rack up charges before you notice.&lt;/p&gt;

&lt;p&gt;The safer design: &lt;strong&gt;the cap is enforced server-side, outside the agent's call graph&lt;/strong&gt;.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight typescript"&gt;&lt;code&gt;&lt;span class="c1"&gt;// alpaca-guard-mcp: preflight before every order&lt;/span&gt;
&lt;span class="k"&gt;async&lt;/span&gt; &lt;span class="kd"&gt;function&lt;/span&gt; &lt;span class="nf"&gt;guarded_place_order&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;args&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;PlaceOrderArgs&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
  &lt;span class="c1"&gt;// 1. Resolve notional cost&lt;/span&gt;
  &lt;span class="kd"&gt;const&lt;/span&gt; &lt;span class="nx"&gt;notional&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="nx"&gt;args&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;qty&lt;/span&gt; &lt;span class="o"&gt;*&lt;/span&gt; &lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;args&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;limitPrice&lt;/span&gt; &lt;span class="o"&gt;??&lt;/span&gt; &lt;span class="k"&gt;await&lt;/span&gt; &lt;span class="nf"&gt;get_latest_quote&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;args&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;symbol&lt;/span&gt;&lt;span class="p"&gt;));&lt;/span&gt;

  &lt;span class="c1"&gt;// 2. Preflight against cap.json — BEFORE any Alpaca call&lt;/span&gt;
  &lt;span class="kd"&gt;const&lt;/span&gt; &lt;span class="nx"&gt;cap&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="k"&gt;await&lt;/span&gt; &lt;span class="nf"&gt;readCap&lt;/span&gt;&lt;span class="p"&gt;();&lt;/span&gt; &lt;span class="c1"&gt;// { dailyLimitUsd: 50, todayUsedUsd: 12.50 }&lt;/span&gt;
  &lt;span class="kd"&gt;const&lt;/span&gt; &lt;span class="nx"&gt;remaining&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="nx"&gt;cap&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;dailyLimitUsd&lt;/span&gt; &lt;span class="o"&gt;-&lt;/span&gt; &lt;span class="nx"&gt;cap&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;todayUsedUsd&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;

  &lt;span class="k"&gt;if &lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;notional&lt;/span&gt; &lt;span class="o"&gt;&amp;gt;&lt;/span&gt; &lt;span class="nx"&gt;remaining&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
    &lt;span class="k"&gt;return&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
      &lt;span class="na"&gt;allowed&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="kc"&gt;false&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
      &lt;span class="na"&gt;status&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;BUDGET_EXCEEDED&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
      &lt;span class="na"&gt;hint&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="s2"&gt;`This order would cost ~$&lt;/span&gt;&lt;span class="p"&gt;${&lt;/span&gt;&lt;span class="nx"&gt;notional&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="s2"&gt; but only $&lt;/span&gt;&lt;span class="p"&gt;${&lt;/span&gt;&lt;span class="nx"&gt;remaining&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="s2"&gt; remains under today's $&lt;/span&gt;&lt;span class="p"&gt;${&lt;/span&gt;&lt;span class="nx"&gt;cap&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;dailyLimitUsd&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="s2"&gt; cap.`&lt;/span&gt;
    &lt;span class="p"&gt;};&lt;/span&gt;
  &lt;span class="p"&gt;}&lt;/span&gt;

  &lt;span class="c1"&gt;// 3. Only then: call Alpaca&lt;/span&gt;
  &lt;span class="kd"&gt;const&lt;/span&gt; &lt;span class="nx"&gt;order&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="k"&gt;await&lt;/span&gt; &lt;span class="nx"&gt;alpaca&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;placeOrder&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;args&lt;/span&gt;&lt;span class="p"&gt;);&lt;/span&gt;

  &lt;span class="c1"&gt;// 4. Record the charge&lt;/span&gt;
  &lt;span class="k"&gt;await&lt;/span&gt; &lt;span class="nf"&gt;recordCharge&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;notional&lt;/span&gt;&lt;span class="p"&gt;);&lt;/span&gt;
  &lt;span class="k"&gt;return&lt;/span&gt; &lt;span class="nx"&gt;order&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;
&lt;span class="p"&gt;}&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The agent sees the &lt;code&gt;BUDGET_EXCEEDED&lt;/code&gt; structured response and can explain it to the user. It cannot retry past the cap. There's no agent-side override.&lt;/p&gt;




&lt;h2&gt;
  
  
  Adding Billing to Your Own MCP Server
&lt;/h2&gt;

&lt;p&gt;If you've built an MCP server and want to add pay-per-call billing, it's three lines:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;npm &lt;span class="nb"&gt;install&lt;/span&gt; @lemon-cake/mcp-sdk
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;





&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight typescript"&gt;&lt;code&gt;&lt;span class="k"&gt;import&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt; &lt;span class="nx"&gt;McpServer&lt;/span&gt; &lt;span class="p"&gt;}&lt;/span&gt; &lt;span class="k"&gt;from&lt;/span&gt; &lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;@modelcontextprotocol/sdk/server/mcp.js&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;
&lt;span class="k"&gt;import&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt; &lt;span class="nx"&gt;createLemonCakeSDK&lt;/span&gt; &lt;span class="p"&gt;}&lt;/span&gt; &lt;span class="k"&gt;from&lt;/span&gt; &lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;@lemon-cake/mcp-sdk&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;

&lt;span class="kd"&gt;const&lt;/span&gt; &lt;span class="nx"&gt;server&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="k"&gt;new&lt;/span&gt; &lt;span class="nc"&gt;McpServer&lt;/span&gt;&lt;span class="p"&gt;({&lt;/span&gt; &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;my-server&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt; &lt;span class="na"&gt;version&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;1.0.0&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt; &lt;span class="p"&gt;});&lt;/span&gt;
&lt;span class="kd"&gt;const&lt;/span&gt; &lt;span class="nx"&gt;lc&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="nf"&gt;createLemonCakeSDK&lt;/span&gt;&lt;span class="p"&gt;({&lt;/span&gt; &lt;span class="na"&gt;sellerKey&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;process&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;env&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;LEMONCAKE_SELLER_KEY&lt;/span&gt; &lt;span class="p"&gt;});&lt;/span&gt;

&lt;span class="nx"&gt;server&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;tool&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;
  &lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;my_paid_tool&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
  &lt;span class="p"&gt;{&lt;/span&gt; &lt;span class="na"&gt;query&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;string&lt;/span&gt;&lt;span class="p"&gt;()&lt;/span&gt; &lt;span class="p"&gt;},&lt;/span&gt;
  &lt;span class="c1"&gt;// Wrap your handler with lc.charge()&lt;/span&gt;
  &lt;span class="nx"&gt;lc&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;charge&lt;/span&gt;&lt;span class="p"&gt;({&lt;/span&gt; &lt;span class="na"&gt;price&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="mf"&gt;0.05&lt;/span&gt; &lt;span class="p"&gt;})(&lt;/span&gt;&lt;span class="k"&gt;async &lt;/span&gt;&lt;span class="p"&gt;({&lt;/span&gt; &lt;span class="nx"&gt;query&lt;/span&gt; &lt;span class="p"&gt;})&lt;/span&gt; &lt;span class="o"&gt;=&amp;gt;&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
    &lt;span class="kd"&gt;const&lt;/span&gt; &lt;span class="nx"&gt;result&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="k"&gt;await&lt;/span&gt; &lt;span class="nf"&gt;doExpensiveOperation&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;query&lt;/span&gt;&lt;span class="p"&gt;);&lt;/span&gt;
    &lt;span class="k"&gt;return&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt; &lt;span class="na"&gt;content&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="p"&gt;[{&lt;/span&gt; &lt;span class="na"&gt;type&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;text&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt; &lt;span class="na"&gt;text&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;result&lt;/span&gt; &lt;span class="p"&gt;}]&lt;/span&gt; &lt;span class="p"&gt;};&lt;/span&gt;
  &lt;span class="p"&gt;})&lt;/span&gt;
&lt;span class="p"&gt;);&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Demo Mode&lt;/strong&gt;: if &lt;code&gt;LEMONCAKE_SELLER_KEY&lt;/code&gt; is absent, &lt;code&gt;lc.charge()&lt;/code&gt; is a no-op. Your tool runs, charges are logged to stderr, no real billing. Safe for local dev.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Live Mode&lt;/strong&gt;: set &lt;code&gt;LEMONCAKE_SELLER_KEY&lt;/code&gt; in your server env. Every successful tool call deducts from the caller's Pay Token balance and returns a receipt.&lt;/p&gt;




&lt;h2&gt;
  
  
  The Full Flow for a Paid Tool Call
&lt;/h2&gt;

&lt;p&gt;What actually happens when an agent calls a billed tool:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;Agent calls tool&lt;/strong&gt; → MCP client injects &lt;code&gt;LEMONCAKE_PAY_TOKEN&lt;/code&gt; from its env&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;SDK validates token&lt;/strong&gt; → checks signature, expiry, remaining balance&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Handler executes&lt;/strong&gt; → your actual logic runs&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;SDK charges token&lt;/strong&gt; → atomic debit from Pay Token balance&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Receipt returned&lt;/strong&gt; → &lt;code&gt;x402Receipt&lt;/code&gt; appended to tool result&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Agent gets result + receipt&lt;/strong&gt; → can log, display, or ignore&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;If the token is expired, exhausted, or revoked at step 2, the tool returns a structured error — the agent never calls your downstream API.&lt;/p&gt;




&lt;h2&gt;
  
  
  Real MCPs Using This Pattern
&lt;/h2&gt;

&lt;p&gt;I've shipped several MCP servers using this model:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;&lt;a href="https://www.npmjs.com/package/agent-payment-mcp" rel="noopener noreferrer"&gt;agent-payment-mcp&lt;/a&gt;&lt;/strong&gt; — pays for calls to 10+ APIs (Serper, Hunter, Jina, Firecrawl, Slack). Free demo mode, no signup.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;&lt;a href="https://www.npmjs.com/package/alpaca-guard-mcp" rel="noopener noreferrer"&gt;alpaca-guard-mcp&lt;/a&gt;&lt;/strong&gt; — wraps Alpaca trading API with a hard daily USD cap. Paper trading default.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;&lt;a href="https://www.npmjs.com/package/polymarket-guard-mcp" rel="noopener noreferrer"&gt;polymarket-guard-mcp&lt;/a&gt;&lt;/strong&gt; — Polymarket prediction markets with USDC billing. Read-only free.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;&lt;a href="https://www.npmjs.com/package/xstocks-mcp" rel="noopener noreferrer"&gt;xstocks-mcp&lt;/a&gt;&lt;/strong&gt; — tokenized US stocks on Solana via Jupiter DEX. $0.10/trade.&lt;/p&gt;

&lt;p&gt;All use the same pattern: free read tools, charged write tools, spend caps enforced before any destructive operation.&lt;/p&gt;




&lt;h2&gt;
  
  
  The x402 Connection
&lt;/h2&gt;

&lt;p&gt;If you've been following the &lt;a href="https://www.x402.org/" rel="noopener noreferrer"&gt;x402 protocol&lt;/a&gt; — HTTP-native machine payments — this is the same idea applied to MCP.&lt;/p&gt;

&lt;p&gt;&lt;code&gt;agent-payment-mcp&lt;/code&gt; speaks x402: every successful charge returns an &lt;code&gt;x402Receipt&lt;/code&gt;, and upstream 402 challenges from APIs are parsed and handled automatically. Agent code written for on-chain x402 works unmodified.&lt;/p&gt;

&lt;p&gt;The eventual goal is for the cap ledger to live on a server-side API rather than a local file — same daily cap mechanic, but shared across MCP clients and auditable. That's the Phase B roadmap item.&lt;/p&gt;




&lt;h2&gt;
  
  
  Getting Started
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;As a user&lt;/strong&gt; (call billed tools):&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Sign up at &lt;a href="https://lemoncake.xyz" rel="noopener noreferrer"&gt;lemoncake.xyz&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;Top up $5+ USDC&lt;/li&gt;
&lt;li&gt;Copy your Buyer JWT&lt;/li&gt;
&lt;li&gt;Add &lt;code&gt;LEMON_CAKE_BUYER_JWT&lt;/code&gt; to any of the MCPs above&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;As a developer&lt;/strong&gt; (add billing to your MCP server):&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;&lt;code&gt;npm install @lemon-cake/mcp-sdk&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;Wrap handlers with &lt;code&gt;lc.charge({ price: 0.01 })(handler)&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;Apply to &lt;a href="https://lemoncake.xyz" rel="noopener noreferrer"&gt;lemoncake.xyz&lt;/a&gt; to list in the marketplace&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Demo mode works immediately with no signup. You can ship a billed tool today and test the full flow before going live.&lt;/p&gt;




&lt;p&gt;&lt;em&gt;Questions? Drop them below or find me at &lt;a href="https://twitter.com/evidai" rel="noopener noreferrer"&gt;@evidai&lt;/a&gt;. The spec for the Pay Token format and x402 compatibility is in the &lt;a href="https://github.com/evidai/agent-payment-mcp" rel="noopener noreferrer"&gt;agent-payment-mcp README&lt;/a&gt;.&lt;/em&gt;&lt;/p&gt;




&lt;p&gt;&lt;strong&gt;Tags:&lt;/strong&gt; mcp, ai, agents, payments, usdc, claude, typescript&lt;/p&gt;

</description>
      <category>ai</category>
      <category>cryptocurrency</category>
      <category>mcp</category>
      <category>tutorial</category>
    </item>
  </channel>
</rss>
