@agentwonderland/mcp 0.1.24 → 0.1.26

package/dist/tools/observability.js

@@ -0,0 +1,20 @@
+import { apiPost } from "../core/api-client.js";
+function text(t) {
+    return { content: [{ type: "text", text: t }] };
+}
+export function registerObservabilityTools(server) {
+    server.tool("open_observability_dashboard", "Generate a secure one-click sign-in URL for the Agent Wonderland web observability dashboard. The dashboard shows your agent runs, spend, rebates, and recent activity.", {}, async () => {
+        const result = await apiPost("/observability/link", {}, { ensureConsumerPrincipal: true });
+        const lines = [
+            "Your secure observability link is ready:",
+            result.url,
+            "",
+            `Expires: ${result.expires_at}`,
+        ];
+        if (result.consumer_principal) {
+            lines.push(`Consumer principal: ${result.consumer_principal}`);
+        }
+        lines.push("", "Open the link in your browser to view usage metrics, spend, rebates, and recent runs.");
+        return text(lines.join("\n"));
+    });
+}

package/dist/tools/passes.js

@@ -1,9 +1,9 @@
 import { z } from "zod";
 import { apiGet, apiPostWithPayment } from "../core/api-client.js";
-import { formatCreditPack, formatCreditPackOffer, getCreditPackProgram, } from "../core/passes.js";
+import { formatCreditPack, formatCreditPackOffer, getCreditPackInventory, getCreditPackProgram, } from "../core/passes.js";
 import { getCompatiblePaymentMethods, getConfiguredMethods, hasWalletConfigured, normalizePaymentMethod, } from "../core/payments.js";
 import { requiresSpendConfirmation } from "../core/config.js";
-import { ensureConsumerPrincipal } from "../core/principal.js";
+import { ensureConsumerPrincipalForMethod } from "../core/principal.js";
 import { getOrCreatePendingCardSetup, formatCardSetupBlocks } from "../core/card-setup.js";
 import { formatPaymentChoicePrompt, formatPaymentLabel, resolveConfirmationMethod, } from "./_payment-confirmation.js";
 const pendingCreditPackPurchases = new Map();
@@ -51,7 +51,6 @@ export function registerPassTools(server) {
         }
         const agent = await getAgent(agent_id);
         const agentName = agent.name ?? agent_id;
-        const principal = await ensureConsumerPrincipal();
         const program = getCreditPackProgram(agent);
         const offers = (program?.packs ?? [])
             .map((pack) => findOffer(agent, pack.key ?? ""))
@@ -102,6 +101,7 @@ export function registerPassTools(server) {
             ].join("\n"));
         }
         const method = resolveConfirmationMethod(pay_with, pending?.method, compatibleMethods);
+        const principal = await ensureConsumerPrincipalForMethod(method);
         if (requiresSpendConfirmation() && !confirmed) {
             pendingCreditPackPurchases.set(agent.id, {
                 agentId: agent.id,
@@ -131,14 +131,19 @@ export function registerPassTools(server) {
             formatCreditPack(result.credit_pack),
             `Consumer principal: ${result.consumer_principal}`,
             "",
-            "Future runs through run_agent will automatically use this credit pack while units remain.",
+            "Future runs for this agent will automatically use this credit pack while units remain.",
+            "That includes run_agent, and solve whenever it selects this same agent.",
         ].join("\n"));
     });
     server.tool("list_agent_credit_packs", "Show discounted credit-pack offers for an agent plus any balances available under the current consumer principal.", {
         agent_id: z.string().describe("Agent ID (UUID, slug, or name)"),
-    }, async ({ agent_id }) => {
+        pay_with: z.string().optional().describe("Optional payment method context used to inspect the matching consumer principal."),
+    }, async ({ agent_id, pay_with }) => {
         const agent = await getAgent(agent_id);
-        const result = await apiGet(`/agents/${agent.id}/credit-packs`, { ensureConsumerPrincipal: true });
+        const result = await getCreditPackInventory(agent.id, pay_with);
+        if (!result) {
+            return text(`Could not load credit-pack inventory for ${agent.name}.`);
+        }
         const lines = [
             `Credit packs for ${agent.name}`,
             ...(result.consumer_principal ? [`Consumer principal: ${result.consumer_principal}`] : []),

package/dist/tools/run.js

@@ -5,14 +5,15 @@ import { formatCreditPackOffer, getActiveCreditPack, getCreditPackInventory, get
 import { getCompatiblePaymentMethods, getConfiguredMethods, hasWalletConfigured, getWalletAddress, normalizePaymentMethod, } from "../core/payments.js";
 import { requiresSpendConfirmation, getDefaultTipAmount } from "../core/config.js";
 import { formatRunResult } from "../core/formatters.js";
+import { canSpend, recordSpend, requiresPolicyConfirmation } from "../core/spend-policy.js";
 import { storeFeedbackToken } from "./_token-cache.js";
 import { getOrCreatePendingCardSetup, formatCardSetupBlocks } from "../core/card-setup.js";
-import { formatPaymentChoicePrompt, formatPaymentLabel, formatRunConfirmationCommand, resolveConfirmationMethod, } from "./_payment-confirmation.js";
+import { formatPaymentLabel, formatRunConfirmationCommand, resolveConfirmationMethod, } from "./_payment-confirmation.js";
 const POLL_INTERVAL_MS = 3000;
 const POLL_MAX_MS = 120000;
-async function pollJobUntilDone(jobId) {
+async function pollJobUntilDone(jobId, paymentMethod) {
     const deadline = Date.now() + POLL_MAX_MS;
-    const walletAddress = await getWalletAddress();
+    const walletAddress = await getWalletAddress(paymentMethod);
     const walletParam = walletAddress ? `?wallet=${walletAddress}` : "";
     while (Date.now() < deadline) {
         await new Promise((r) => setTimeout(r, POLL_INTERVAL_MS));
@@ -60,7 +61,7 @@ export function registerRunTools(server) {
     server.tool("run_agent", "Run an AI agent from the marketplace. Pays automatically via configured wallet. Returns the agent's output, cost, and job ID for tracking. If spending confirmation is enabled, first call returns a price quote — call again with confirmed: true to execute. Local file paths in the input (e.g. /Users/.../photo.jpg) are automatically uploaded to temporary storage and replaced with download URLs before execution.", {
         agent_id: z.string().describe("Agent ID (UUID, slug, or name)"),
         input: z.record(z.unknown()).describe("Input payload for the agent"),
-        pay_with: z.string().optional().describe("Payment method — wallet ID, chain name (tempo, base, etc.), or 'card'. Auto-detected if omitted."),
+        pay_with: z.string().trim().min(1).optional().describe("Payment method — wallet ID, chain name (tempo, base, etc.), or 'card'. Auto-detected if omitted."),
         confirmed: z.boolean().optional().describe("Set to true to confirm spending after seeing the price quote."),
     }, async ({ agent_id, input, pay_with, confirmed }) => {
         if (!hasWalletConfigured()) {
@@ -81,37 +82,40 @@ export function registerRunTools(server) {
         catch {
             return text(`Agent "${agent_id}" not found. Use search_agents to find available agents.`);
         }
-        const price = parseFloat(agent.pricePer1kTokens ?? "0.01");
+        const price = parseFloat(agent.pricePerRunUsd ?? "0.01");
         const agentName = agent.name ?? agent_id;
-        const creditPackInventory = await getCreditPackInventory(agent.id);
-        const activeCreditPack = getActiveCreditPack(creditPackInventory);
-        const configuredMethods = getConfiguredMethods();
-        const compatibleMethods = getCompatiblePaymentMethods(agent, configuredMethods);
+        const compatibleMethods = getCompatiblePaymentMethods(agent, getConfiguredMethods());
         const pending = pendingRuns.get(agent.id);
         const requestedMethod = pay_with ?? pending?.method;
         const normalizedRequestedMethod = requestedMethod ? normalizePaymentMethod(requestedMethod) : null;
-        if (!activeCreditPack && requestedMethod && !normalizedRequestedMethod) {
+        const creditPackInventory = await getCreditPackInventory(agent.id, requestedMethod);
+        const activeCreditPack = getActiveCreditPack(creditPackInventory);
+        if (requestedMethod && !normalizedRequestedMethod) {
             return text(`Payment method "${requestedMethod}" is not configured.\n\n` +
                 "Use wallet_status to review your current payment methods.");
         }
-        if (!activeCreditPack && normalizedRequestedMethod && !compatibleMethods.includes(normalizedRequestedMethod)) {
+        if (normalizedRequestedMethod && !compatibleMethods.includes(normalizedRequestedMethod)) {
             return text(`This agent cannot be paid with "${requestedMethod}".\n\n` +
                 `Available payment methods for this agent: ${compatibleMethods.join(", ") || "none"}.\n` +
                 "Use get_agent to inspect the agent details or choose another payment method.");
         }
-        if (!activeCreditPack && !requestedMethod && compatibleMethods.length === 0) {
+        if (!activeCreditPack && compatibleMethods.length === 0) {
             return text(`No compatible payment methods are configured for ${agentName}.\n\n` +
-                `Your configured methods: ${configuredMethods.join(", ") || "none"}\n` +
-                `Agent accepts: ${agent.payment?.accepted_payments?.join(", ") || "unknown"}\n` +
-                "Use wallet_status to review your current setup.");
+                "Use wallet_status to review your current payment methods.");
         }
-        if (!activeCreditPack && !requestedMethod && compatibleMethods.length > 1) {
-            return text(formatPaymentChoicePrompt(agentName, compatibleMethods, compatibleMethods.map((method) => formatRunConfirmationCommand(agent.id, method).replace(", confirmed: true", ""))));
+        const method = resolveConfirmationMethod(requestedMethod, pending?.method, compatibleMethods);
+        const spendCheckMethod = method ?? normalizedRequestedMethod ?? compatibleMethods[0];
+        if (!activeCreditPack) {
+            const spendCheck = canSpend({
+                method: spendCheckMethod,
+                amountUsd: price,
+            });
+            if (!spendCheck.ok) {
+                return text(spendCheck.message);
+            }
         }
-        const method = activeCreditPack
-            ? undefined
-            : resolveConfirmationMethod(pay_with, pending?.method, compatibleMethods);
-        if (!activeCreditPack && requiresSpendConfirmation() && !confirmed) {
+        const needsPolicyConfirmation = !activeCreditPack && requiresPolicyConfirmation(spendCheckMethod, price);
+        if (!activeCreditPack && (requiresSpendConfirmation() || needsPolicyConfirmation) && !confirmed) {
             pendingRuns.set(agent.id, {
                 agent: { id: agent.id, name: agentName, price },
                 input,
@@ -146,17 +150,29 @@ export function registerRunTools(server) {
             return text(`Error: ${msg}`);
         }
         let result;
+        let usedPaidMethod = !activeCreditPack;
         try {
-            result = activeCreditPack
-                ? await apiPost(`/agents/${agent.id}/run`, { input: processedInput }, { ensureConsumerPrincipal: true })
-                : await apiPostWithPayment(`/agents/${agent.id}/run`, { input: processedInput }, method);
+            if (activeCreditPack) {
+                try {
+                    result = await apiPost(`/agents/${agent.id}/run`, { input: processedInput }, { ensureConsumerPrincipal: true });
+                }
+                catch (packErr) {
+                    const packApiErr = packErr;
+                    if (packApiErr?.status !== 402)
+                        throw packErr;
+                    result = await apiPostWithPayment(`/agents/${agent.id}/run`, { input: processedInput }, method);
+                    usedPaidMethod = true;
+                }
+            }
+            else {
+                result = await apiPostWithPayment(`/agents/${agent.id}/run`, { input: processedInput }, method);
+            }
+            if (usedPaidMethod) {
+                recordSpend(spendCheckMethod, price);
+            }
         }
         catch (err) {
             const apiErr = err;
-            if (activeCreditPack && apiErr?.status === 402) {
-                return text(`Your available credit packs for ${agentName} could not cover this run.\n\n` +
-                    "Use list_agent_credit_packs to inspect your balances, or retry with a payment method.");
-            }
             if (apiErr?.status === 402) {
                 const allMethods = getConfiguredMethods();
                 const methodName = method ?? allMethods[0] ?? "auto";
@@ -189,7 +205,7 @@ export function registerRunTools(server) {
         const status = result.status;
         const usedCreditPack = result.consumption_mode === "credit_pack";
         if (status === "processing") {
-            const pollResult = await pollJobUntilDone(jobId);
+            const pollResult = await pollJobUntilDone(jobId, method);
             if (pollResult.status === "completed") {
                 const asyncFormatted = formatRunResult({
                     ...result,

package/dist/tools/solve.js

@@ -4,15 +4,16 @@ import { getOrCreatePendingCardSetup, formatCardSetupBlocks } from "../core/card
 import { getCompatiblePaymentMethods, hasWalletConfigured, getConfiguredMethods, getAcceptedPaymentMethods, getWalletAddress, normalizePaymentMethod, toRegistryPaymentMethod, } from "../core/payments.js";
 import { requiresSpendConfirmation, getDefaultTipAmount } from "../core/config.js";
 import { agentList, formatRunResult } from "../core/formatters.js";
+import { canSpend, recordSpend, requiresPolicyConfirmation } from "../core/spend-policy.js";
 import { uploadLocalFiles } from "../core/file-upload.js";
 import { storeFeedbackToken } from "./_token-cache.js";
-import { formatPaymentChoicePrompt, formatPaymentLabel, formatSolveConfirmationCommand, makeSolvePendingKey, resolveConfirmationMethod, } from "./_payment-confirmation.js";
+import { formatPaymentLabel, formatSolveConfirmationCommand, makeSolvePendingKey, resolveConfirmationMethod, } from "./_payment-confirmation.js";
 import { getActiveCreditPack, getCreditPackInventory, getCreditPackProgram } from "../core/passes.js";
 const POLL_INTERVAL_MS = 3000;
 const POLL_MAX_MS = 120000;
-async function pollSolveJob(jobId) {
+async function pollSolveJob(jobId, paymentMethod) {
     const deadline = Date.now() + POLL_MAX_MS;
-    const walletAddress = await getWalletAddress();
+    const walletAddress = await getWalletAddress(paymentMethod);
     const walletParam = walletAddress ? `?wallet=${walletAddress}` : "";
     while (Date.now() < deadline) {
         await new Promise((r) => setTimeout(r, POLL_INTERVAL_MS));
@@ -103,6 +104,8 @@ export function registerSolveTools(server) {
             .describe("Maximum budget in USD"),
         pay_with: z
             .string()
+            .trim()
+            .min(1)
             .optional()
             .describe("Payment method — wallet ID, chain name (tempo, base, etc.), or 'card'. Auto-detected if omitted."),
         confirmed: z
@@ -157,10 +160,12 @@ export function registerSolveTools(server) {
             return multiText(formatRunResult(result), feedbackAsk(jobId, agentId, usedCreditPack ? undefined : cost, tipMsg));
         }
         catch (err) {
-            const isAuthError = err instanceof Error &&
-                "status" in err &&
-                err.status === 401;
-            if (!isAuthError || !hasWalletConfigured())
+            const status = err instanceof Error &&
+                "status" in err
+                ? err.status
+                : undefined;
+            const isRecoverableDirectSolveError = status === 401 || status === 402;
+            if (!isRecoverableDirectSolveError || !hasWalletConfigured())
                 throw err;
         }
         const params = new URLSearchParams({ q: intent, limit: "5" });
@@ -175,41 +180,28 @@ export function registerSolveTools(server) {
             return text(`No agents found matching "${intent}".`);
         }
         const discovery = agentList(agents, intent);
-        const inputTokens = Math.ceil(JSON.stringify(input).length / 4);
         const affordable = agents.filter((agent) => {
-            const price = parseFloat(agent.pricePer1kTokens ?? "0.01");
-            const cost = agent.pricingModel === "fixed" ? price : (inputTokens / 1000) * price;
-            return cost <= budget;
+            const price = parseFloat(agent.pricePerRunUsd ?? "0.01");
+            return price <= budget;
         });
         const selected = affordable[0] ?? agents[0];
-        const activeCreditPack = await getCreditPackInventory(selected.id).then(getActiveCreditPack);
+        const activeCreditPack = await getCreditPackInventory(selected.id, requestedMethod).then(getActiveCreditPack);
         const compatibleMethods = getCompatiblePaymentMethods(selected, configuredMethods);
-        if (!activeCreditPack && normalizedRequestedMethod && !compatibleMethods.includes(normalizedRequestedMethod)) {
+        if (normalizedRequestedMethod && !compatibleMethods.includes(normalizedRequestedMethod)) {
             return text(`The best matching agent cannot be paid with "${requestedMethod}".\n\n` +
                 `Available payment methods for ${selected.name}: ${compatibleMethods.join(", ") || "none"}.\n` +
                 "Choose another payment method or refine your search.");
         }
-        if (!activeCreditPack && !requestedMethod && compatibleMethods.length === 0) {
+        if (!activeCreditPack && compatibleMethods.length === 0) {
             return text(`No compatible payment methods are configured for ${selected.name}.\n\n` +
-                `Your configured methods: ${configuredMethods.join(", ") || "none"}\n` +
-                `Agent accepts: ${selected.payment?.accepted_payments?.join(", ") || "unknown"}\n` +
-                "Use wallet_status to review your current setup.");
-        }
-        if (!activeCreditPack && !requestedMethod && compatibleMethods.length > 1) {
-            return text([
-                discovery,
-                "",
-                formatPaymentChoicePrompt(selected.name ?? selected.id, compatibleMethods, compatibleMethods.map((method) => formatSolveConfirmationCommand(intent, budget, method).replace(", confirmed: true", ""))),
-            ].join("\n"));
+                "Use wallet_status to review your current payment methods.");
         }
-        const method = activeCreditPack
-            ? undefined
-            : resolveConfirmationMethod(pay_with, pending?.method, compatibleMethods);
-        const selectedPrice = parseFloat(selected.pricePer1kTokens ?? "0.01");
-        const estimatedCost = selected.pricingModel === "fixed"
-            ? selectedPrice
-            : (inputTokens / 1000) * selectedPrice;
-        if (!activeCreditPack && requiresSpendConfirmation() && !confirmed) {
+        const method = resolveConfirmationMethod(requestedMethod, pending?.method, compatibleMethods);
+        const spendCheckMethod = method ?? normalizedRequestedMethod ?? compatibleMethods[0];
+        const selectedPrice = parseFloat(selected.pricePerRunUsd ?? "0.01");
+        const estimatedCost = selectedPrice;
+        const needsPolicyConfirmation = !activeCreditPack && requiresPolicyConfirmation(spendCheckMethod, estimatedCost);
+        if (!activeCreditPack && (requiresSpendConfirmation() || needsPolicyConfirmation) && !confirmed) {
             pendingSolves.set(pendingKey, { method });
             return text([
                 discovery,
@@ -229,17 +221,38 @@ export function registerSolveTools(server) {
             ].join("\n"));
         }
         let result;
+        if (!activeCreditPack) {
+            const spendCheck = canSpend({
+                method: spendCheckMethod,
+                amountUsd: estimatedCost,
+            });
+            if (!spendCheck.ok) {
+                return text(spendCheck.message);
+            }
+        }
         try {
-            result = activeCreditPack
-                ? await apiPost(`/agents/${selected.id}/run`, { input: processedInput }, { ensureConsumerPrincipal: true })
-                : await apiPostWithPayment(`/agents/${selected.id}/run`, { input: processedInput }, method);
+            let usedPaidMethod = !activeCreditPack;
+            if (activeCreditPack) {
+                try {
+                    result = await apiPost(`/agents/${selected.id}/run`, { input: processedInput }, { ensureConsumerPrincipal: true });
+                }
+                catch (packErr) {
+                    const packApiErr = packErr;
+                    if (packApiErr?.status !== 402)
+                        throw packErr;
+                    result = await apiPostWithPayment(`/agents/${selected.id}/run`, { input: processedInput }, method);
+                    usedPaidMethod = true;
+                }
+            }
+            else {
+                result = await apiPostWithPayment(`/agents/${selected.id}/run`, { input: processedInput }, method);
+            }
+            if (usedPaidMethod) {
+                recordSpend(spendCheckMethod, estimatedCost);
+            }
         }
         catch (err) {
             const apiErr = err;
-            if (activeCreditPack && apiErr?.status === 402) {
-                return text(`Your available credit packs for ${selected.name} could not cover this run.\n\n` +
-                    "Use list_agent_credit_packs to inspect your balances, or retry with a payment method.");
-            }
             if (apiErr?.status === 402) {
                 return text([
                     "Payment failed — your wallet may not have enough funds or the selected method was rejected.",
@@ -262,7 +275,7 @@ export function registerSolveTools(server) {
             storeFeedbackToken(jobId, result.feedback_token, agentId);
         }
         if (status === "processing") {
-            const pollResult = await pollSolveJob(jobId);
+            const pollResult = await pollSolveJob(jobId, method);
             if (pollResult.status === "completed") {
                 const asyncFormatted = formatRunResult({
                     ...result,

package/dist/tools/wallet.js

@@ -1,6 +1,8 @@
 import { z } from "zod";
-import { getWallets, getCardConfig, setCardConfig, addWallet, getPendingCardSetupToken, } from "../core/config.js";
-import { getWalletAddress } from "../core/payments.js";
+import { getWallets, getCardConfig, setCardConfig, addWallet, getPendingCardSetupToken, getSpendPolicy, setSpendPolicy, } from "../core/config.js";
+import { getWalletAddress, isCardPaymentEnabled } from "../core/payments.js";
+import { fetchUsdcBalance } from "../core/balances.js";
+import { getSettings } from "../core/settings.js";
 import { getOrCreatePendingCardSetup, formatCardSetupBlocks, getCardCapabilities, pollCardSetup, } from "../core/card-setup.js";
 import { isOwsAvailable, createOwsWallet, importKeyToOws, listOwsWallets, listOwsWalletsByChain, } from "../core/ows-adapter.js";
 import { ensureConsumerPrincipal, getConsumerPrincipal } from "../core/principal.js";
@@ -17,18 +19,33 @@ export function registerWalletTools(server) {
         if (wallets.length === 0 && !card && !pendingCardSetupToken) {
             return text("No payment methods configured.\nUse wallet_setup to create or import a wallet.");
         }
-        const lines = ["Payment methods:"];
+        const settings = await getSettings();
+        const networkLabel = settings ? ` (${settings.network})` : "";
+        const lines = [`Payment methods${networkLabel}:`];
         for (const w of wallets) {
             const label = w.label ? ` (${w.label})` : "";
             const storage = w.keyType === "ows" ? " [encrypted]" : " [plaintext]";
-            const chainAddresses = await Promise.all(w.chains.map(async (chainName) => {
+            const chainLines = await Promise.all(w.chains.map(async (chainName) => {
                 const addr = await getWalletAddress(chainName);
-                return `${chainName}: ${addr ?? "unknown"}`;
+                if (!addr)
+                    return `${chainName}: unknown`;
+                let balanceStr = "";
+                if (chainName === "tempo" || chainName === "base" || chainName === "solana") {
+                    const balance = await fetchUsdcBalance(chainName, addr);
+                    if (balance !== null) {
+                        const num = Number(balance);
+                        balanceStr = `   ${Number.isFinite(num) ? num.toFixed(4).replace(/\.?0+$/, "") : balance} USDC`;
+                    }
+                }
+                return `${chainName}: ${addr}${balanceStr}`;
             }));
-            lines.push(`  ${w.id}${label}${storage}: ${chainAddresses.join(" | ")}`);
+            lines.push(`  ${w.id}${label}${storage}:`);
+            for (const line of chainLines)
+                lines.push(`    ${line}`);
         }
-        if (card) {
-            lines.push(`  Card: ${card.brand} ****${card.last4}`);
+        if (card && isCardPaymentEnabled()) {
+            const stripeMode = settings?.stripe.mode === "test" ? " [Stripe test mode]" : "";
+            lines.push(`  Card: ${card.brand} ****${card.last4}${stripeMode}`);
             const capabilities = await getCardCapabilities();
             if (capabilities.spt_status === "enabled") {
                 lines.push("  Card MPP: ready");
@@ -49,7 +66,7 @@ export function registerWalletTools(server) {
         return text(lines.join("\n"));
     });
     // ── wallet_setup (NEW) ──────────────────────────────────────────
-    server.tool("wallet_setup", "Set up or manage payment methods. Options: 'add-card' to connect a credit/debit card (recommended), 'remove-card' to disconnect a card, 'create' a crypto wallet, or 'import' an existing key. For crypto wallet changes (removal, key rotation), direct users to edit their config files manually — never handle private keys programmatically.", {
+    server.tool("wallet_setup", "Set up or manage payment methods. Options: 'add-card' to connect a credit/debit card, 'remove-card' to disconnect a card, 'create' a crypto wallet, or 'import' an existing key. After card setup, use wallet_status to confirm whether card-backed MPP is ready. For crypto wallet changes (removal, key rotation), direct users to edit their config files manually — never handle private keys programmatically.", {
         action: z
             .enum(["create", "import", "add-card", "remove-card"])
             .describe("'add-card' to connect a card, 'remove-card' to disconnect it, 'create' a crypto wallet, or 'import' an existing key"),
@@ -66,6 +83,9 @@ export function registerWalletTools(server) {
     }, async ({ action, name, key, chain }) => {
         // ── Card setup flow ──────────────────────────────────────
         if (action === "add-card") {
+            if (!isCardPaymentEnabled()) {
+                return text("Card payments are temporarily unavailable. Use wallet_setup({ action: \"create\" }) for a crypto wallet instead.");
+            }
             const existing = getCardConfig();
             if (existing) {
                 return text(`Card already connected: ${existing.brand} ****${existing.last4}\n\nTo replace it, remove the current card first.`);
@@ -257,8 +277,8 @@ export function registerWalletTools(server) {
         }
     });
     // ── wallet_set_policy (NEW) ─────────────────────────────────────
-    server.tool("wallet_set_policy", "Set spending limits on a wallet to control agent costs. Limits reset daily.", {
-        wallet_id: z.string().describe("Wallet ID to set policy on"),
+    server.tool("wallet_set_policy", "Set client-side spending limits on a wallet to control agent costs in this MCP client. Limits reset daily.", {
+        wallet_id: z.string().describe("Wallet ID to set local policy on"),
         max_per_tx: z
             .number()
             .positive()
@@ -269,31 +289,47 @@ export function registerWalletTools(server) {
             .positive()
             .optional()
             .describe("Maximum USD per day across all transactions"),
-    }, async ({ wallet_id, max_per_tx, max_per_day }) => {
+        require_confirmation_above: z
+            .number()
+            .positive()
+            .optional()
+            .describe("Require manual confirmation above this USD amount even when auto-spend is enabled"),
+    }, async ({ wallet_id, max_per_tx, max_per_day, require_confirmation_above }) => {
         const wallets = getWallets();
         const wallet = wallets.find((w) => w.id === wallet_id);
         if (!wallet) {
             const available = wallets.map((w) => w.id).join(", ") || "none";
             return text(`Wallet "${wallet_id}" not found. Available wallets: ${available}`);
         }
-        if (max_per_tx == null && max_per_day == null) {
-            return text("No policy changes specified. Provide max_per_tx and/or max_per_day.");
+        if (max_per_tx == null &&
+            max_per_day == null &&
+            require_confirmation_above == null) {
+            return text("No policy changes specified. Provide at least one policy field.");
         }
+        const existing = getSpendPolicy(wallet_id) ?? {};
+        const nextPolicy = {
+            ...existing,
+            ...(max_per_tx != null ? { maxPerTxUsd: max_per_tx } : {}),
+            ...(max_per_day != null ? { maxPerDayUsd: max_per_day } : {}),
+            ...(require_confirmation_above != null ? { requireConfirmationAboveUsd: require_confirmation_above } : {}),
+        };
+        setSpendPolicy(wallet_id, nextPolicy);
         // Build policy summary
         const policies = [];
-        if (max_per_tx != null) {
-            policies.push(`Max per transaction: $${max_per_tx.toFixed(2)}`);
+        if (nextPolicy.maxPerTxUsd != null) {
+            policies.push(`Max per transaction: $${nextPolicy.maxPerTxUsd.toFixed(2)}`);
+        }
+        if (nextPolicy.maxPerDayUsd != null) {
+            policies.push(`Max per day: $${nextPolicy.maxPerDayUsd.toFixed(2)}`);
         }
-        if (max_per_day != null) {
-            policies.push(`Max per day: $${max_per_day.toFixed(2)}`);
+        if (nextPolicy.requireConfirmationAboveUsd != null) {
+            policies.push(`Require confirmation above: $${nextPolicy.requireConfirmationAboveUsd.toFixed(2)}`);
         }
-        // Note: actual persistence depends on the config module supporting policy fields.
-        // For now, we report what would be set. The core/config module will handle storage.
         return text([
-            `Spending policy set for wallet "${wallet_id}":`,
+            `Local spending policy set for wallet "${wallet_id}":`,
             ...policies.map((p) => `  ${p}`),
             "",
-            "Policy will be enforced on all future transactions from this wallet.",
+            "Policy is stored in this MCP client's local config and enforced on future transactions from this wallet on this client.",
         ].join("\n"));
     });
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agentwonderland/mcp",
-  "version": "0.1.24",
+  "version": "0.1.26",
   "type": "module",
   "description": "MCP server for the Agent Wonderland AI agent marketplace",
   "bin": {
@@ -25,7 +25,7 @@
     "@modelcontextprotocol/sdk": "^1.12.1",
     "@solana/spl-token": "^0.4.14",
     "@solana/web3.js": "^1.98.4",
-    "mppx": "^0.4.9",
+    "mppx": "^0.5.10",
     "qrcode": "^1.5.4",
     "viem": "^2.47.6",
     "zod": "^3.24.0"

package/src/core/__tests__/amount-utils.test.ts

@@ -0,0 +1,13 @@
+import { describe, expect, it } from "vitest";
+import { toAtomicAmount } from "../amount-utils.js";
+
+describe("toAtomicAmount", () => {
+  it("converts decimal USDC challenge amounts into atomic units", () => {
+    expect(toAtomicAmount("0.020000")).toBe(20000n);
+    expect(toAtomicAmount("1.000000")).toBe(1000000n);
+  });
+
+  it("supports different decimal precisions", () => {
+    expect(toAtomicAmount("0.50", 2)).toBe(50n);
+  });
+});

package/src/core/__tests__/api-client.test.ts

@@ -0,0 +1,78 @@
+import { beforeEach, describe, expect, it, vi } from "vitest";
+
+const {
+  mockGetApiUrl,
+  mockGetApiKey,
+  mockGetPaymentFetch,
+  mockEnsureConsumerPrincipalForMethod,
+  mockGetConsumerPrincipalForMethod,
+  mockGetBaseRebatePrincipal,
+  mockPaymentFetch,
+} = vi.hoisted(() => ({
+  mockGetApiUrl: vi.fn(),
+  mockGetApiKey: vi.fn(),
+  mockGetPaymentFetch: vi.fn(),
+  mockEnsureConsumerPrincipalForMethod: vi.fn(),
+  mockGetConsumerPrincipalForMethod: vi.fn(),
+  mockGetBaseRebatePrincipal: vi.fn(),
+  mockPaymentFetch: vi.fn(),
+}));
+
+vi.mock("../config.js", () => ({
+  getApiUrl: () => mockGetApiUrl(),
+  getApiKey: () => mockGetApiKey(),
+}));
+
+vi.mock("../payments.js", () => ({
+  getPaymentFetch: (...args: unknown[]) => mockGetPaymentFetch(...args),
+}));
+
+vi.mock("../principal.js", () => ({
+  ensureConsumerPrincipal: vi.fn(),
+  ensureConsumerPrincipalForMethod: (...args: unknown[]) => mockEnsureConsumerPrincipalForMethod(...args),
+  getConsumerPrincipal: vi.fn(),
+  getConsumerPrincipalForMethod: (...args: unknown[]) => mockGetConsumerPrincipalForMethod(...args),
+  getBaseRebatePrincipal: (...args: unknown[]) => mockGetBaseRebatePrincipal(...args),
+}));
+
+describe("api-client headers", () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+    mockGetApiUrl.mockReturnValue("https://api.agentwonderland.test");
+    mockGetApiKey.mockReturnValue(null);
+    mockGetPaymentFetch.mockResolvedValue(mockPaymentFetch);
+    mockEnsureConsumerPrincipalForMethod.mockResolvedValue(
+      "did:pkh:solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp:42W2HfLfveSm1T5et9WTLp2CZ2QXdF2EYCUvyJ2gPpxF",
+    );
+    mockGetConsumerPrincipalForMethod.mockResolvedValue(
+      "did:pkh:eip155:8453:0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+    );
+    mockGetBaseRebatePrincipal.mockResolvedValue(
+      "did:pkh:eip155:8453:0xbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
+    );
+    mockPaymentFetch.mockResolvedValue(new Response(JSON.stringify({ ok: true }), {
+      status: 200,
+      headers: { "content-type": "application/json" },
+    }));
+  });
+
+  it("includes the Base rebate principal alongside the method-specific consumer principal", async () => {
+    const { apiPostWithPayment } = await import("../api-client.js");
+
+    await apiPostWithPayment("/agents/agent-1/run", { input: { text: "hello" } }, "solana");
+
+    expect(mockPaymentFetch).toHaveBeenCalledWith(
+      "https://api.agentwonderland.test/agents/agent-1/run",
+      expect.objectContaining({
+        headers: expect.objectContaining({
+          "Content-Type": "application/json",
+          Accept: "application/json",
+          "X-AW-Consumer-Principal":
+            "did:pkh:solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp:42W2HfLfveSm1T5et9WTLp2CZ2QXdF2EYCUvyJ2gPpxF",
+          "X-AW-Rebate-Principal":
+            "did:pkh:eip155:8453:0xbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
+        }),
+      }),
+    );
+  });
+});

package/src/core/__tests__/formatters.test.ts

@@ -14,4 +14,16 @@ describe("formatRunResult", () => {
     expect(output).toContain("Covered by credit pack (pack-123)");
     expect(output).not.toContain("Paid:");
   });
+
+  it("formats string-valued settled amounts from job lookups", () => {
+    const output = formatRunResult({
+      agent_name: "Async Analyzer",
+      status: "completed",
+      settled_amount: "0.100000",
+      job_id: "job-123",
+    }, { paymentMethod: "card" });
+
+    expect(output).toContain("Paid: $0.10 via card");
+    expect(output).toContain("Job ID: job-123");
+  });
 });