@agentwonderland/mcp 0.1.24 → 0.1.25

package/dist/tools/run.js

@@ -5,9 +5,10 @@ import { formatCreditPackOffer, getActiveCreditPack, getCreditPackInventory, get
 import { getCompatiblePaymentMethods, getConfiguredMethods, hasWalletConfigured, getWalletAddress, normalizePaymentMethod, } from "../core/payments.js";
 import { requiresSpendConfirmation, getDefaultTipAmount } from "../core/config.js";
 import { formatRunResult } from "../core/formatters.js";
+import { canSpend, recordSpend, requiresPolicyConfirmation } from "../core/spend-policy.js";
 import { storeFeedbackToken } from "./_token-cache.js";
 import { getOrCreatePendingCardSetup, formatCardSetupBlocks } from "../core/card-setup.js";
-import { formatPaymentChoicePrompt, formatPaymentLabel, formatRunConfirmationCommand, resolveConfirmationMethod, } from "./_payment-confirmation.js";
+import { formatPaymentLabel, formatRunConfirmationCommand, resolveConfirmationMethod, } from "./_payment-confirmation.js";
 const POLL_INTERVAL_MS = 3000;
 const POLL_MAX_MS = 120000;
 async function pollJobUntilDone(jobId) {
@@ -60,7 +61,7 @@ export function registerRunTools(server) {
     server.tool("run_agent", "Run an AI agent from the marketplace. Pays automatically via configured wallet. Returns the agent's output, cost, and job ID for tracking. If spending confirmation is enabled, first call returns a price quote — call again with confirmed: true to execute. Local file paths in the input (e.g. /Users/.../photo.jpg) are automatically uploaded to temporary storage and replaced with download URLs before execution.", {
         agent_id: z.string().describe("Agent ID (UUID, slug, or name)"),
         input: z.record(z.unknown()).describe("Input payload for the agent"),
-        pay_with: z.string().optional().describe("Payment method — wallet ID, chain name (tempo, base, etc.), or 'card'. Auto-detected if omitted."),
+        pay_with: z.string().trim().min(1).describe("Required payment method — wallet ID, chain name (tempo, base, etc.), or 'card'. Use wallet_status to see configured options."),
         confirmed: z.boolean().optional().describe("Set to true to confirm spending after seeing the price quote."),
     }, async ({ agent_id, input, pay_with, confirmed }) => {
         if (!hasWalletConfigured()) {
@@ -81,37 +82,36 @@ export function registerRunTools(server) {
         catch {
             return text(`Agent "${agent_id}" not found. Use search_agents to find available agents.`);
         }
-        const price = parseFloat(agent.pricePer1kTokens ?? "0.01");
+        const price = parseFloat(agent.pricePerRunUsd ?? "0.01");
         const agentName = agent.name ?? agent_id;
         const creditPackInventory = await getCreditPackInventory(agent.id);
         const activeCreditPack = getActiveCreditPack(creditPackInventory);
-        const configuredMethods = getConfiguredMethods();
-        const compatibleMethods = getCompatiblePaymentMethods(agent, configuredMethods);
+        const compatibleMethods = getCompatiblePaymentMethods(agent, getConfiguredMethods());
         const pending = pendingRuns.get(agent.id);
-        const requestedMethod = pay_with ?? pending?.method;
-        const normalizedRequestedMethod = requestedMethod ? normalizePaymentMethod(requestedMethod) : null;
-        if (!activeCreditPack && requestedMethod && !normalizedRequestedMethod) {
+        const requestedMethod = pay_with;
+        const normalizedRequestedMethod = normalizePaymentMethod(requestedMethod);
+        if (!normalizedRequestedMethod) {
             return text(`Payment method "${requestedMethod}" is not configured.\n\n` +
                 "Use wallet_status to review your current payment methods.");
         }
-        if (!activeCreditPack && normalizedRequestedMethod && !compatibleMethods.includes(normalizedRequestedMethod)) {
+        if (!compatibleMethods.includes(normalizedRequestedMethod)) {
             return text(`This agent cannot be paid with "${requestedMethod}".\n\n` +
                 `Available payment methods for this agent: ${compatibleMethods.join(", ") || "none"}.\n` +
                 "Use get_agent to inspect the agent details or choose another payment method.");
         }
-        if (!activeCreditPack && !requestedMethod && compatibleMethods.length === 0) {
-            return text(`No compatible payment methods are configured for ${agentName}.\n\n` +
-                `Your configured methods: ${configuredMethods.join(", ") || "none"}\n` +
-                `Agent accepts: ${agent.payment?.accepted_payments?.join(", ") || "unknown"}\n` +
-                "Use wallet_status to review your current setup.");
-        }
-        if (!activeCreditPack && !requestedMethod && compatibleMethods.length > 1) {
-            return text(formatPaymentChoicePrompt(agentName, compatibleMethods, compatibleMethods.map((method) => formatRunConfirmationCommand(agent.id, method).replace(", confirmed: true", ""))));
+        const method = resolveConfirmationMethod(pay_with, pending?.method, compatibleMethods);
+        const spendCheckMethod = method ?? normalizedRequestedMethod;
+        if (!activeCreditPack) {
+            const spendCheck = canSpend({
+                method: spendCheckMethod,
+                amountUsd: price,
+            });
+            if (!spendCheck.ok) {
+                return text(spendCheck.message);
+            }
         }
-        const method = activeCreditPack
-            ? undefined
-            : resolveConfirmationMethod(pay_with, pending?.method, compatibleMethods);
-        if (!activeCreditPack && requiresSpendConfirmation() && !confirmed) {
+        const needsPolicyConfirmation = !activeCreditPack && requiresPolicyConfirmation(spendCheckMethod, price);
+        if (!activeCreditPack && (requiresSpendConfirmation() || needsPolicyConfirmation) && !confirmed) {
             pendingRuns.set(agent.id, {
                 agent: { id: agent.id, name: agentName, price },
                 input,
@@ -146,17 +146,29 @@ export function registerRunTools(server) {
             return text(`Error: ${msg}`);
         }
         let result;
+        let usedPaidMethod = !activeCreditPack;
         try {
-            result = activeCreditPack
-                ? await apiPost(`/agents/${agent.id}/run`, { input: processedInput }, { ensureConsumerPrincipal: true })
-                : await apiPostWithPayment(`/agents/${agent.id}/run`, { input: processedInput }, method);
+            if (activeCreditPack) {
+                try {
+                    result = await apiPost(`/agents/${agent.id}/run`, { input: processedInput }, { ensureConsumerPrincipal: true });
+                }
+                catch (packErr) {
+                    const packApiErr = packErr;
+                    if (packApiErr?.status !== 402)
+                        throw packErr;
+                    result = await apiPostWithPayment(`/agents/${agent.id}/run`, { input: processedInput }, method);
+                    usedPaidMethod = true;
+                }
+            }
+            else {
+                result = await apiPostWithPayment(`/agents/${agent.id}/run`, { input: processedInput }, method);
+            }
+            if (usedPaidMethod) {
+                recordSpend(spendCheckMethod, price);
+            }
         }
         catch (err) {
             const apiErr = err;
-            if (activeCreditPack && apiErr?.status === 402) {
-                return text(`Your available credit packs for ${agentName} could not cover this run.\n\n` +
-                    "Use list_agent_credit_packs to inspect your balances, or retry with a payment method.");
-            }
             if (apiErr?.status === 402) {
                 const allMethods = getConfiguredMethods();
                 const methodName = method ?? allMethods[0] ?? "auto";

package/dist/tools/solve.js

@@ -4,9 +4,10 @@ import { getOrCreatePendingCardSetup, formatCardSetupBlocks } from "../core/card
 import { getCompatiblePaymentMethods, hasWalletConfigured, getConfiguredMethods, getAcceptedPaymentMethods, getWalletAddress, normalizePaymentMethod, toRegistryPaymentMethod, } from "../core/payments.js";
 import { requiresSpendConfirmation, getDefaultTipAmount } from "../core/config.js";
 import { agentList, formatRunResult } from "../core/formatters.js";
+import { canSpend, recordSpend, requiresPolicyConfirmation } from "../core/spend-policy.js";
 import { uploadLocalFiles } from "../core/file-upload.js";
 import { storeFeedbackToken } from "./_token-cache.js";
-import { formatPaymentChoicePrompt, formatPaymentLabel, formatSolveConfirmationCommand, makeSolvePendingKey, resolveConfirmationMethod, } from "./_payment-confirmation.js";
+import { formatPaymentLabel, formatSolveConfirmationCommand, makeSolvePendingKey, resolveConfirmationMethod, } from "./_payment-confirmation.js";
 import { getActiveCreditPack, getCreditPackInventory, getCreditPackProgram } from "../core/passes.js";
 const POLL_INTERVAL_MS = 3000;
 const POLL_MAX_MS = 120000;
@@ -103,8 +104,9 @@ export function registerSolveTools(server) {
             .describe("Maximum budget in USD"),
         pay_with: z
             .string()
-            .optional()
-            .describe("Payment method — wallet ID, chain name (tempo, base, etc.), or 'card'. Auto-detected if omitted."),
+            .trim()
+            .min(1)
+            .describe("Required payment method — wallet ID, chain name (tempo, base, etc.), or 'card'. Use wallet_status to see configured options."),
         confirmed: z
             .boolean()
             .optional()
@@ -124,9 +126,9 @@ export function registerSolveTools(server) {
         const pendingKey = makeSolvePendingKey(intent, input, budget);
         const pending = pendingSolves.get(pendingKey);
         const configuredMethods = getConfiguredMethods();
-        const requestedMethod = pay_with ?? pending?.method;
-        const normalizedRequestedMethod = requestedMethod ? normalizePaymentMethod(requestedMethod) : null;
-        if (requestedMethod && !normalizedRequestedMethod) {
+        const requestedMethod = pay_with;
+        const normalizedRequestedMethod = normalizePaymentMethod(requestedMethod);
+        if (!normalizedRequestedMethod) {
             return text(`Payment method "${requestedMethod}" is not configured.\n\n` +
                 "Use wallet_status to review your current payment methods.");
         }
@@ -175,41 +177,24 @@ export function registerSolveTools(server) {
             return text(`No agents found matching "${intent}".`);
         }
         const discovery = agentList(agents, intent);
-        const inputTokens = Math.ceil(JSON.stringify(input).length / 4);
         const affordable = agents.filter((agent) => {
-            const price = parseFloat(agent.pricePer1kTokens ?? "0.01");
-            const cost = agent.pricingModel === "fixed" ? price : (inputTokens / 1000) * price;
-            return cost <= budget;
+            const price = parseFloat(agent.pricePerRunUsd ?? "0.01");
+            return price <= budget;
         });
         const selected = affordable[0] ?? agents[0];
         const activeCreditPack = await getCreditPackInventory(selected.id).then(getActiveCreditPack);
         const compatibleMethods = getCompatiblePaymentMethods(selected, configuredMethods);
-        if (!activeCreditPack && normalizedRequestedMethod && !compatibleMethods.includes(normalizedRequestedMethod)) {
+        if (!compatibleMethods.includes(normalizedRequestedMethod)) {
             return text(`The best matching agent cannot be paid with "${requestedMethod}".\n\n` +
                 `Available payment methods for ${selected.name}: ${compatibleMethods.join(", ") || "none"}.\n` +
                 "Choose another payment method or refine your search.");
         }
-        if (!activeCreditPack && !requestedMethod && compatibleMethods.length === 0) {
-            return text(`No compatible payment methods are configured for ${selected.name}.\n\n` +
-                `Your configured methods: ${configuredMethods.join(", ") || "none"}\n` +
-                `Agent accepts: ${selected.payment?.accepted_payments?.join(", ") || "unknown"}\n` +
-                "Use wallet_status to review your current setup.");
-        }
-        if (!activeCreditPack && !requestedMethod && compatibleMethods.length > 1) {
-            return text([
-                discovery,
-                "",
-                formatPaymentChoicePrompt(selected.name ?? selected.id, compatibleMethods, compatibleMethods.map((method) => formatSolveConfirmationCommand(intent, budget, method).replace(", confirmed: true", ""))),
-            ].join("\n"));
-        }
-        const method = activeCreditPack
-            ? undefined
-            : resolveConfirmationMethod(pay_with, pending?.method, compatibleMethods);
-        const selectedPrice = parseFloat(selected.pricePer1kTokens ?? "0.01");
-        const estimatedCost = selected.pricingModel === "fixed"
-            ? selectedPrice
-            : (inputTokens / 1000) * selectedPrice;
-        if (!activeCreditPack && requiresSpendConfirmation() && !confirmed) {
+        const method = resolveConfirmationMethod(pay_with, pending?.method, compatibleMethods);
+        const spendCheckMethod = method ?? normalizedRequestedMethod;
+        const selectedPrice = parseFloat(selected.pricePerRunUsd ?? "0.01");
+        const estimatedCost = selectedPrice;
+        const needsPolicyConfirmation = !activeCreditPack && requiresPolicyConfirmation(spendCheckMethod, estimatedCost);
+        if (!activeCreditPack && (requiresSpendConfirmation() || needsPolicyConfirmation) && !confirmed) {
             pendingSolves.set(pendingKey, { method });
             return text([
                 discovery,
@@ -229,17 +214,38 @@ export function registerSolveTools(server) {
             ].join("\n"));
         }
         let result;
+        if (!activeCreditPack) {
+            const spendCheck = canSpend({
+                method: spendCheckMethod,
+                amountUsd: estimatedCost,
+            });
+            if (!spendCheck.ok) {
+                return text(spendCheck.message);
+            }
+        }
         try {
-            result = activeCreditPack
-                ? await apiPost(`/agents/${selected.id}/run`, { input: processedInput }, { ensureConsumerPrincipal: true })
-                : await apiPostWithPayment(`/agents/${selected.id}/run`, { input: processedInput }, method);
+            let usedPaidMethod = !activeCreditPack;
+            if (activeCreditPack) {
+                try {
+                    result = await apiPost(`/agents/${selected.id}/run`, { input: processedInput }, { ensureConsumerPrincipal: true });
+                }
+                catch (packErr) {
+                    const packApiErr = packErr;
+                    if (packApiErr?.status !== 402)
+                        throw packErr;
+                    result = await apiPostWithPayment(`/agents/${selected.id}/run`, { input: processedInput }, method);
+                    usedPaidMethod = true;
+                }
+            }
+            else {
+                result = await apiPostWithPayment(`/agents/${selected.id}/run`, { input: processedInput }, method);
+            }
+            if (usedPaidMethod) {
+                recordSpend(spendCheckMethod, estimatedCost);
+            }
         }
         catch (err) {
             const apiErr = err;
-            if (activeCreditPack && apiErr?.status === 402) {
-                return text(`Your available credit packs for ${selected.name} could not cover this run.\n\n` +
-                    "Use list_agent_credit_packs to inspect your balances, or retry with a payment method.");
-            }
             if (apiErr?.status === 402) {
                 return text([
                     "Payment failed — your wallet may not have enough funds or the selected method was rejected.",

package/dist/tools/wallet.js

@@ -1,5 +1,5 @@
 import { z } from "zod";
-import { getWallets, getCardConfig, setCardConfig, addWallet, getPendingCardSetupToken, } from "../core/config.js";
+import { getWallets, getCardConfig, setCardConfig, addWallet, getPendingCardSetupToken, getSpendPolicy, setSpendPolicy, } from "../core/config.js";
 import { getWalletAddress } from "../core/payments.js";
 import { getOrCreatePendingCardSetup, formatCardSetupBlocks, getCardCapabilities, pollCardSetup, } from "../core/card-setup.js";
 import { isOwsAvailable, createOwsWallet, importKeyToOws, listOwsWallets, listOwsWalletsByChain, } from "../core/ows-adapter.js";
@@ -269,26 +269,42 @@ export function registerWalletTools(server) {
             .positive()
             .optional()
             .describe("Maximum USD per day across all transactions"),
-    }, async ({ wallet_id, max_per_tx, max_per_day }) => {
+        require_confirmation_above: z
+            .number()
+            .positive()
+            .optional()
+            .describe("Require manual confirmation above this USD amount even when auto-spend is enabled"),
+    }, async ({ wallet_id, max_per_tx, max_per_day, require_confirmation_above }) => {
         const wallets = getWallets();
         const wallet = wallets.find((w) => w.id === wallet_id);
         if (!wallet) {
             const available = wallets.map((w) => w.id).join(", ") || "none";
             return text(`Wallet "${wallet_id}" not found. Available wallets: ${available}`);
         }
-        if (max_per_tx == null && max_per_day == null) {
-            return text("No policy changes specified. Provide max_per_tx and/or max_per_day.");
+        if (max_per_tx == null &&
+            max_per_day == null &&
+            require_confirmation_above == null) {
+            return text("No policy changes specified. Provide at least one policy field.");
         }
+        const existing = getSpendPolicy(wallet_id) ?? {};
+        const nextPolicy = {
+            ...existing,
+            ...(max_per_tx != null ? { maxPerTxUsd: max_per_tx } : {}),
+            ...(max_per_day != null ? { maxPerDayUsd: max_per_day } : {}),
+            ...(require_confirmation_above != null ? { requireConfirmationAboveUsd: require_confirmation_above } : {}),
+        };
+        setSpendPolicy(wallet_id, nextPolicy);
         // Build policy summary
         const policies = [];
-        if (max_per_tx != null) {
-            policies.push(`Max per transaction: $${max_per_tx.toFixed(2)}`);
+        if (nextPolicy.maxPerTxUsd != null) {
+            policies.push(`Max per transaction: $${nextPolicy.maxPerTxUsd.toFixed(2)}`);
+        }
+        if (nextPolicy.maxPerDayUsd != null) {
+            policies.push(`Max per day: $${nextPolicy.maxPerDayUsd.toFixed(2)}`);
         }
-        if (max_per_day != null) {
-            policies.push(`Max per day: $${max_per_day.toFixed(2)}`);
+        if (nextPolicy.requireConfirmationAboveUsd != null) {
+            policies.push(`Require confirmation above: $${nextPolicy.requireConfirmationAboveUsd.toFixed(2)}`);
         }
-        // Note: actual persistence depends on the config module supporting policy fields.
-        // For now, we report what would be set. The core/config module will handle storage.
         return text([
             `Spending policy set for wallet "${wallet_id}":`,
             ...policies.map((p) => `  ${p}`),

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agentwonderland/mcp",
-  "version": "0.1.24",
+  "version": "0.1.25",
   "type": "module",
   "description": "MCP server for the Agent Wonderland AI agent marketplace",
   "bin": {

package/src/core/__tests__/amount-utils.test.ts

@@ -0,0 +1,13 @@
+import { describe, expect, it } from "vitest";
+import { toAtomicAmount } from "../amount-utils.js";
+
+describe("toAtomicAmount", () => {
+  it("converts decimal USDC challenge amounts into atomic units", () => {
+    expect(toAtomicAmount("0.020000")).toBe(20000n);
+    expect(toAtomicAmount("1.000000")).toBe(1000000n);
+  });
+
+  it("supports different decimal precisions", () => {
+    expect(toAtomicAmount("0.50", 2)).toBe(50n);
+  });
+});

package/src/core/__tests__/payments.test.ts

@@ -1,5 +1,7 @@
 import { beforeEach, describe, expect, it, vi } from "vitest";
 
+const TEST_KEY = "1111111111111111111111111111111111111111111111111111111111111111";
+
 let currentCard = {
   consumerToken: "consumer_one",
   paymentMethodId: "pm_one",
@@ -7,17 +9,23 @@ let currentCard = {
   brand: "visa",
 };
 
-const createdFetches = [vi.fn(), vi.fn(), vi.fn()];
+let currentDefaultWallet: any;
+let currentWallets: any[] = [];
+let currentResolvedMethod: { wallet: any; chain: string } | null = null;
+
+const createdFetches = [vi.fn(), vi.fn(), vi.fn(), vi.fn()];
 const mockMppxCreate = vi.fn();
 const mockStripe = vi.fn((opts: unknown) => opts);
+const mockTempo = vi.fn((..._args: unknown[]) => "tempo_method");
+const mockBaseChargeClient = vi.fn((..._args: unknown[]) => "base_method");
 
 vi.mock("../config.js", () => ({
   getApiUrl: () => "http://api.test",
   getCardConfig: () => currentCard,
   getConfig: () => ({ defaultPaymentMethod: "card" }),
-  getDefaultWallet: () => undefined,
-  getWallets: () => [],
-  resolveWalletAndChain: () => null,
+  getDefaultWallet: () => currentDefaultWallet,
+  getWallets: () => currentWallets,
+  resolveWalletAndChain: () => currentResolvedMethod,
 }));
 
 vi.mock("mppx/client", () => ({
@@ -25,21 +33,31 @@ vi.mock("mppx/client", () => ({
     create: (config: unknown) => mockMppxCreate(config),
   },
   stripe: (config: unknown) => mockStripe(config),
+  tempo: (config: unknown) => mockTempo(config),
+}));
+
+vi.mock("../base-charge.js", () => ({
+  baseChargeClient: (config: unknown) => mockBaseChargeClient(config),
 }));
 
-describe("card payment fetch cache", () => {
+describe("payment method initialization", () => {
   beforeEach(() => {
     vi.clearAllMocks();
+    vi.resetModules();
     currentCard = {
       consumerToken: "consumer_one",
       paymentMethodId: "pm_one",
       last4: "1111",
       brand: "visa",
     };
+    currentDefaultWallet = undefined;
+    currentWallets = [];
+    currentResolvedMethod = null;
     mockMppxCreate
       .mockReturnValueOnce({ fetch: createdFetches[0] })
       .mockReturnValueOnce({ fetch: createdFetches[1] })
-      .mockReturnValueOnce({ fetch: createdFetches[2] });
+      .mockReturnValueOnce({ fetch: createdFetches[2] })
+      .mockReturnValueOnce({ fetch: createdFetches[3] });
   });
 
   it("rebuilds the cached card fetch when the card config changes", async () => {
@@ -57,4 +75,48 @@ describe("card payment fetch cache", () => {
     expect(firstFetch).not.toBe(secondFetch);
     expect(mockMppxCreate).toHaveBeenCalledTimes(2);
   });
+
+  it("initializes only the Base method when base is requested", async () => {
+    const wallet = {
+      id: "aw-main",
+      keyType: "raw",
+      key: TEST_KEY,
+      chains: ["tempo", "base"],
+      defaultChain: "base",
+    };
+    currentDefaultWallet = wallet;
+    currentWallets = [wallet];
+    currentResolvedMethod = { wallet, chain: "base" };
+
+    const { getPaymentFetch } = await import("../payments.js");
+    await getPaymentFetch("base");
+
+    expect(mockBaseChargeClient).toHaveBeenCalledTimes(1);
+    expect(mockTempo).not.toHaveBeenCalled();
+    expect(mockMppxCreate).toHaveBeenCalledWith(
+      expect.objectContaining({ methods: ["base_method"] }),
+    );
+  });
+
+  it("initializes only the Tempo method when tempo is requested", async () => {
+    const wallet = {
+      id: "aw-main",
+      keyType: "raw",
+      key: TEST_KEY,
+      chains: ["tempo", "base"],
+      defaultChain: "tempo",
+    };
+    currentDefaultWallet = wallet;
+    currentWallets = [wallet];
+    currentResolvedMethod = { wallet, chain: "tempo" };
+
+    const { getPaymentFetch } = await import("../payments.js");
+    await getPaymentFetch("tempo");
+
+    expect(mockTempo).toHaveBeenCalledTimes(1);
+    expect(mockBaseChargeClient).not.toHaveBeenCalled();
+    expect(mockMppxCreate).toHaveBeenCalledWith(
+      expect.objectContaining({ methods: ["tempo_method"] }),
+    );
+  });
 });

package/src/core/__tests__/spend-policy.test.ts

@@ -0,0 +1,58 @@
+import { beforeEach, describe, expect, it, vi } from "vitest";
+
+const state = {
+  policies: {} as Record<string, {
+    maxPerTxUsd?: number;
+    maxPerDayUsd?: number;
+    requireConfirmationAboveUsd?: number;
+  }>,
+  ledger: [] as Array<{ method: string; amountUsd: number; day: string; timestamp: string }>,
+};
+
+vi.mock("../config.js", () => ({
+  getSpendPolicy: (method: string) => state.policies[method] ?? null,
+  getSpendLedger: () => state.ledger,
+  saveSpendLedger: (entries: Array<{ method: string; amountUsd: number; day: string; timestamp: string }>) => {
+    state.ledger = entries;
+  },
+}));
+
+import {
+  canSpend,
+  getDailySpend,
+  recordSpend,
+  requiresPolicyConfirmation,
+} from "../spend-policy.js";
+
+describe("spend-policy", () => {
+  beforeEach(() => {
+    state.policies = {};
+    state.ledger = [];
+  });
+
+  it("allows spend when no policy is set", () => {
+    expect(canSpend({ method: "wallet-1", amountUsd: 5 })).toEqual({ ok: true });
+  });
+
+  it("blocks spends above max_per_tx", () => {
+    state.policies["wallet-1"] = { maxPerTxUsd: 2 };
+    const result = canSpend({ method: "wallet-1", amountUsd: 3 });
+    expect(result.ok).toBe(false);
+  });
+
+  it("tracks daily spend totals per method", () => {
+    const now = new Date("2026-04-08T12:00:00.000Z");
+    recordSpend("wallet-1", 1.25, now);
+    recordSpend("wallet-1", 0.75, now);
+    recordSpend("wallet-2", 10, now);
+
+    expect(getDailySpend("wallet-1", now)).toBeCloseTo(2);
+    expect(getDailySpend("wallet-2", now)).toBeCloseTo(10);
+  });
+
+  it("requires explicit confirmation above configured threshold", () => {
+    state.policies["wallet-1"] = { requireConfirmationAboveUsd: 2 };
+    expect(requiresPolicyConfirmation("wallet-1", 1.99)).toBe(false);
+    expect(requiresPolicyConfirmation("wallet-1", 2)).toBe(true);
+  });
+});

package/src/core/amount-utils.ts

@@ -0,0 +1,5 @@
+import { parseUnits } from "viem";
+
+export function toAtomicAmount(amount: string, decimals = 6): bigint {
+  return parseUnits(amount, decimals);
+}

package/src/core/base-charge.ts

@@ -6,6 +6,7 @@
  */
 import { Method, Credential, z } from "mppx";
 import type { LocalAccount } from "viem/accounts";
+import { toAtomicAmount } from "./amount-utils.js";
 
 // Base USDC (Circle native)
 const BASE_USDC = "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913" as const;
@@ -63,12 +64,12 @@ export function baseChargeClient(config: BaseChargeClientConfig) {
   return Method.toClient(baseChargeMethod as any, {
     async createCredential({ challenge }: any) {
       const { request } = challenge;
-      const amount = BigInt(request.amount);
+      const amount = toAtomicAmount(request.amount, request.decimals ?? 6);
       const recipient = request.recipient as `0x${string}`;
       const currency = (request.currency ?? BASE_USDC) as `0x${string}`;
 
       // Dynamic imports to keep the module lightweight
-      const { createWalletClient, createPublicClient, http, encodeFunctionData } = await import("viem");
+      const { createWalletClient, createPublicClient, http } = await import("viem");
       const { base } = await import("viem/chains");
 
       const rpcUrl = config.rpcUrl ?? "https://mainnet.base.org";

package/src/core/config.ts

@@ -21,6 +21,19 @@ export interface CardConfig {
   brand: string;
 }
 
+export interface SpendPolicy {
+  maxPerTxUsd?: number;
+  maxPerDayUsd?: number;
+  requireConfirmationAboveUsd?: number;
+}
+
+export interface SpendLedgerEntry {
+  method: string;
+  amountUsd: number;
+  day: string;
+  timestamp: string;
+}
+
 export interface Config {
   apiUrl: string;
   apiKey: string | null;
@@ -35,6 +48,10 @@ export interface Config {
   confirmBeforeSpend: boolean;
   /** Auto-tip amount in USD for successful runs. Default: 0 (no auto-tip). */
   defaultTipAmount: number;
+  /** Optional per-method spend policies enforced client-side by MCP tools. */
+  spendPolicies?: Record<string, SpendPolicy>;
+  /** Daily spend ledger used to enforce max-per-day limits. */
+  spendLedger?: SpendLedgerEntry[];
 }
 
 /** All supported chain identifiers. */
@@ -82,6 +99,8 @@ interface LegacyConfig {
   defaultWallet?: string | null;
   card?: CardConfig | null;
   pendingCardSetupToken?: string | null;
+  spendPolicies?: Record<string, SpendPolicy>;
+  spendLedger?: SpendLedgerEntry[];
 }
 
 /**
@@ -104,6 +123,8 @@ function migrateIfNeeded(raw: LegacyConfig): Config {
       favorites: r.favorites as string[] ?? [],
       confirmBeforeSpend: r.confirmBeforeSpend !== false,
       defaultTipAmount: typeof r.defaultTipAmount === "number" ? r.defaultTipAmount : 0,
+      spendPolicies: r.spendPolicies as Record<string, SpendPolicy> | undefined,
+      spendLedger: r.spendLedger as SpendLedgerEntry[] | undefined,
     };
   }
 
@@ -178,6 +199,8 @@ function migrateIfNeeded(raw: LegacyConfig): Config {
     favorites: [],
     confirmBeforeSpend: true,
     defaultTipAmount: 0,
+    spendPolicies: {},
+    spendLedger: [],
   };
 
   // Write migrated config (only if there was something to migrate)
@@ -203,6 +226,8 @@ export function getConfig(): Config {
     favorites: [],
     confirmBeforeSpend: true,
     defaultTipAmount: 0,
+    spendPolicies: {},
+    spendLedger: [],
   };
 
   if (!existsSync(CONFIG_FILE)) {
@@ -249,6 +274,26 @@ export function getDefaultTipAmount(): number {
   return getConfig().defaultTipAmount;
 }
 
+export function getSpendPolicy(method: string): SpendPolicy | null {
+  const policies = getConfig().spendPolicies ?? {};
+  return policies[method] ?? null;
+}
+
+export function setSpendPolicy(method: string, policy: SpendPolicy): void {
+  const config = getConfig();
+  const policies = config.spendPolicies ?? {};
+  policies[method] = policy;
+  saveConfig({ spendPolicies: policies });
+}
+
+export function getSpendLedger(): SpendLedgerEntry[] {
+  return getConfig().spendLedger ?? [];
+}
+
+export function saveSpendLedger(entries: SpendLedgerEntry[]): void {
+  saveConfig({ spendLedger: entries });
+}
+
 // ── Wallet helpers ─────────────────────────────────────────────────
 
 /**