@agentwonderland/mcp 0.1.49 → 0.1.51

package/dist/core/__tests__/payments.test.js

@@ -21,6 +21,7 @@ vi.mock("../config.js", () => ({
     getApiUrl: () => "http://api.test",
     getCardConfig: () => currentCard,
     getLinkConfig: () => currentLink,
+    getLinkCooldown: () => null,
     getConfig: () => ({ defaultPaymentMethod: currentDefaultPaymentMethod }),
     getDefaultWallet: () => currentDefaultWallet,
     getWallets: () => currentWallets,
@@ -124,16 +125,36 @@ describe("payment method initialization", () => {
             networkId: "profile_test",
         });
         expect(mockCreateLinkSharedPaymentToken).toHaveBeenCalledWith(expect.objectContaining({
-            amount: "10000",
+            amount: "25",
             currency: "usd",
             networkId: "profile_test",
             paymentMethodId: "csmrpd_link_123",
         }));
         const linkTokenRequest = mockCreateLinkSharedPaymentToken.mock.calls[0]?.[0];
-        expect(linkTokenRequest?.context).toContain("up to USD 100.00");
+        expect(linkTokenRequest?.context).toContain("up to USD 0.25");
         expect(linkTokenRequest?.context).toContain("quoted at USD 0.25");
     });
-    it("keeps Link approval floor at $100 even if a low env override is present", async () => {
+    it("uses an explicit Link approval override when configured", async () => {
+        process.env.AGENTWONDERLAND_LINK_APPROVAL_LIMIT_CENTS = "2000";
+        currentLink = {
+            paymentMethodId: "csmrpd_link_123",
+            label: "Visa ****4242",
+        };
+        currentDefaultPaymentMethod = "link";
+        const { getPaymentFetch } = await import("../payments.js");
+        await getPaymentFetch("link");
+        const stripeConfig = mockStripe.mock.calls[0]?.[0];
+        await stripeConfig.createToken({
+            amount: "25",
+            currency: "usd",
+            expiresAt: 1778290000,
+            networkId: "profile_test",
+        });
+        expect(mockCreateLinkSharedPaymentToken).toHaveBeenCalledWith(expect.objectContaining({
+            amount: "2000",
+        }));
+    });
+    it("allows a low env override while never approving below the quoted amount", async () => {
         process.env.AGENTWONDERLAND_LINK_APPROVAL_LIMIT_CENTS = "10";
         currentLink = {
             paymentMethodId: "csmrpd_link_123",
@@ -143,13 +164,13 @@ describe("payment method initialization", () => {
         await getPaymentFetch("link");
         const stripeConfig = mockStripe.mock.calls[0]?.[0];
         await stripeConfig.createToken({
-            amount: "10",
+            amount: "25",
             currency: "usd",
             expiresAt: 1778290000,
             networkId: "profile_test",
         });
         expect(mockCreateLinkSharedPaymentToken).toHaveBeenCalledWith(expect.objectContaining({
-            amount: "10000",
+            amount: "25",
         }));
     });
     it("advertises Link as Stripe SPT compatibility", async () => {

package/dist/core/config.d.ts

@@ -22,6 +22,22 @@ export interface PendingLinkSetup {
     phrase: string;
     createdAt: string;
 }
+export interface PendingLinkSpendRequest {
+    id: string;
+    approvalUrl?: string;
+    amount: string;
+    currency: string;
+    context: string;
+    expiresAt: number;
+    networkId: string;
+    paymentMethodId: string;
+    createdAt: string;
+}
+export interface LinkCooldown {
+    reason: string;
+    createdAt: string;
+    blockedUntil: string;
+}
 export interface SpendPolicy {
     maxPerTxUsd?: number;
     maxPerDayUsd?: number;
@@ -43,6 +59,8 @@ export interface Config {
     card: CardConfig | null;
     link: LinkConfig | null;
     pendingLinkSetup?: PendingLinkSetup | null;
+    pendingLinkSpendRequest?: PendingLinkSpendRequest | null;
+    linkCooldown?: LinkCooldown | null;
     pendingCardSetupToken?: string | null;
     favorites: string[];
     /** Require user confirmation before spending. Default: true. Set false for headless/automated use. */
@@ -103,6 +121,10 @@ export declare function removeWallet(id: string): void;
 export declare function getCardConfig(): CardConfig | null;
 export declare function getLinkConfig(): LinkConfig | null;
 export declare function getPendingLinkSetup(): PendingLinkSetup | null;
+export declare function getPendingLinkSpendRequest(): PendingLinkSpendRequest | null;
+export declare function setPendingLinkSpendRequest(pendingLinkSpendRequest: PendingLinkSpendRequest | null): void;
+export declare function getLinkCooldown(): LinkCooldown | null;
+export declare function setLinkCooldown(linkCooldown: LinkCooldown | null): void;
 /**
  * Save card configuration after setup.
  */

package/dist/core/config.js

@@ -38,6 +38,8 @@ function migrateIfNeeded(raw) {
             card: raw.card ?? null,
             link: raw.link ?? null,
             pendingLinkSetup: raw.link ? null : (raw.pendingLinkSetup ?? null),
+            pendingLinkSpendRequest: raw.pendingLinkSpendRequest ?? null,
+            linkCooldown: raw.linkCooldown ?? null,
             pendingCardSetupToken: r.pendingCardSetupToken ?? null,
             favorites: r.favorites ?? [],
             confirmBeforeSpend: r.confirmBeforeSpend !== false,
@@ -113,6 +115,8 @@ function migrateIfNeeded(raw) {
         card,
         link: raw.link ?? null,
         pendingLinkSetup: raw.link ? null : (raw.pendingLinkSetup ?? null),
+        pendingLinkSpendRequest: raw.pendingLinkSpendRequest ?? null,
+        linkCooldown: raw.linkCooldown ?? null,
         pendingCardSetupToken: null,
         favorites: [],
         confirmBeforeSpend: true,
@@ -138,6 +142,8 @@ export function getConfig() {
         card: null,
         link: null,
         pendingLinkSetup: null,
+        pendingLinkSpendRequest: null,
+        linkCooldown: null,
         pendingCardSetupToken: null,
         favorites: [],
         confirmBeforeSpend: true,
@@ -301,6 +307,18 @@ export function getLinkConfig() {
 export function getPendingLinkSetup() {
     return getConfig().pendingLinkSetup ?? null;
 }
+export function getPendingLinkSpendRequest() {
+    return getConfig().pendingLinkSpendRequest ?? null;
+}
+export function setPendingLinkSpendRequest(pendingLinkSpendRequest) {
+    saveConfig({ pendingLinkSpendRequest });
+}
+export function getLinkCooldown() {
+    return getConfig().linkCooldown ?? null;
+}
+export function setLinkCooldown(linkCooldown) {
+    saveConfig({ linkCooldown });
+}
 /**
  * Save card configuration after setup.
  */
@@ -330,12 +348,14 @@ export function setLinkConfig(link) {
             link,
             defaultPaymentMethod: "link",
             pendingLinkSetup: null,
+            pendingLinkSpendRequest: null,
         });
     }
     else {
         saveConfig({
             link,
             pendingLinkSetup: null,
+            pendingLinkSpendRequest: null,
             defaultPaymentMethod: current.defaultPaymentMethod === "link"
                 ? undefined
                 : current.defaultPaymentMethod,

package/dist/core/link-cli.js

@@ -1,5 +1,6 @@
 import { execFile } from "node:child_process";
 import { promisify } from "node:util";
+import { getPendingLinkSpendRequest, setLinkCooldown, setPendingLinkSpendRequest, } from "./config.js";
 const execFileAsync = promisify(execFile);
 const LINK_CLI_PACKAGE = "@stripe/link-cli";
 const LINK_CLI_TIMEOUT_MS = 10 * 60 * 1000;
@@ -92,6 +93,34 @@ function extractSpendRequestApproval(output) {
     }
     return null;
 }
+function isMatchingPendingSpendRequest(pending, params) {
+    if (!pending)
+        return false;
+    if (pending.amount !== params.amount)
+        return false;
+    if (pending.currency.toLowerCase() !== params.currency.toLowerCase())
+        return false;
+    if (pending.context !== params.context)
+        return false;
+    if (pending.networkId !== params.networkId)
+        return false;
+    if (pending.paymentMethodId !== params.paymentMethodId)
+        return false;
+    if (pending.expiresAt <= Math.floor(Date.now() / 1000))
+        return false;
+    return true;
+}
+function isProjectedSpendCapError(message) {
+    return /projected daily spend|projected spend|exceeds limit/i.test(message);
+}
+function recordLinkCooldown(reason) {
+    const now = new Date();
+    setLinkCooldown({
+        reason,
+        createdAt: now.toISOString(),
+        blockedUntil: new Date(now.getTime() + 24 * 60 * 60 * 1000).toISOString(),
+    });
+}
 function normalizePaymentMethods(output) {
     const values = Array.isArray(output)
         ? output
@@ -181,6 +210,22 @@ export async function listLinkPaymentMethods() {
     return normalizePaymentMethods(output);
 }
 export async function createLinkSharedPaymentToken(params) {
+    const existing = getPendingLinkSpendRequest();
+    if (isMatchingPendingSpendRequest(existing, params)) {
+        try {
+            console.error(`Resuming pending Link approval: ${existing.id}`);
+            const spt = await retrieveSharedPaymentToken(existing.id, existing.approvalUrl);
+            setPendingLinkSpendRequest(null);
+            return spt;
+        }
+        catch (err) {
+            const message = err instanceof Error ? err.message : String(err);
+            if (!/denied|expired|not found|without a shared payment token|POLLING_TIMEOUT/i.test(message)) {
+                throw err;
+            }
+            setPendingLinkSpendRequest(null);
+        }
+    }
     const args = [
         "spend-request",
         "create",
@@ -207,6 +252,16 @@ export async function createLinkSharedPaymentToken(params) {
     }
     catch (err) {
         const message = err instanceof Error ? err.message : String(err);
+        if (isProjectedSpendCapError(message)) {
+            recordLinkCooldown(message);
+            throw new Error([
+                "Link is temporarily blocked by Stripe's projected-spend cap.",
+                "Reauthing Link or switching cards in the same Link account will not fix this.",
+                "Use USDC for now, wait for the rolling Link window to clear, or ask Stripe to raise/clear the merchant projected-spend cap.",
+                "",
+                message,
+            ].join("\n"));
+        }
         if (/invalid network_id|could not retrieve merchant information/i.test(message)) {
             throw new Error([
                 message,
@@ -219,41 +274,58 @@ export async function createLinkSharedPaymentToken(params) {
     }
     const spt = extractSharedPaymentToken(output);
     if (spt) {
+        setPendingLinkSpendRequest(null);
         return spt;
     }
     const approval = extractSpendRequestApproval(output);
     if (approval?.id && approval.status === "pending_approval") {
+        setPendingLinkSpendRequest({
+            id: approval.id,
+            approvalUrl: approval.approvalUrl,
+            amount: params.amount,
+            currency: params.currency,
+            context: params.context,
+            expiresAt: params.expiresAt,
+            networkId: params.networkId,
+            paymentMethodId: params.paymentMethodId,
+            createdAt: new Date().toISOString(),
+        });
         if (approval.approvalUrl) {
             console.error(`Link approval required: ${approval.approvalUrl}`);
         }
-        let retrieved = await runLinkCli([
+        const retrievedSpt = await retrieveSharedPaymentToken(approval.id, approval.approvalUrl);
+        setPendingLinkSpendRequest(null);
+        return retrievedSpt;
+    }
+    {
+        throw new Error("Link spend request completed without a shared payment token in the CLI response.");
+    }
+}
+async function retrieveSharedPaymentToken(spendRequestId, approvalUrl) {
+    let retrieved = await runLinkCli([
+        "spend-request",
+        "retrieve",
+        spendRequestId,
+        "--interval",
+        "2",
+        "--max-attempts",
+        "150",
+    ]);
+    let retrievedSpt = extractSharedPaymentToken(retrieved);
+    for (let attempt = 0; !retrievedSpt && attempt < 30; attempt += 1) {
+        await sleep(2_000);
+        retrieved = await runLinkCli([
             "spend-request",
             "retrieve",
-            approval.id,
-            "--interval",
-            "2",
-            "--max-attempts",
-            "150",
+            spendRequestId,
         ]);
-        let retrievedSpt = extractSharedPaymentToken(retrieved);
-        for (let attempt = 0; !retrievedSpt && attempt < 30; attempt += 1) {
-            await sleep(2_000);
-            retrieved = await runLinkCli([
-                "spend-request",
-                "retrieve",
-                approval.id,
-            ]);
-            retrievedSpt = extractSharedPaymentToken(retrieved);
-        }
-        if (retrievedSpt) {
-            return retrievedSpt;
-        }
-        throw new Error([
-            "Link spend request finished without a shared payment token.",
-            approval.approvalUrl ? `Approval URL: ${approval.approvalUrl}` : undefined,
-        ].filter(Boolean).join("\n"));
+        retrievedSpt = extractSharedPaymentToken(retrieved);
     }
-    {
-        throw new Error("Link spend request completed without a shared payment token in the CLI response.");
+    if (retrievedSpt) {
+        return retrievedSpt;
     }
+    throw new Error([
+        "Link spend request finished without a shared payment token.",
+        approvalUrl ? `Approval URL: ${approvalUrl}` : undefined,
+    ].filter(Boolean).join("\n"));
 }

package/dist/core/payments.js

@@ -9,7 +9,7 @@
  * Users can configure multiple wallets with different chains and select
  * which to use per-request via `--pay-with <wallet-id|chain|card>`.
  */
-import { getConfig, getWallets, getDefaultWallet, getCardConfig, getLinkConfig, resolveWalletAndChain, getApiUrl, } from "./config.js";
+import { getConfig, getWallets, getDefaultWallet, getCardConfig, getLinkConfig, getLinkCooldown, resolveWalletAndChain, getApiUrl, } from "./config.js";
 // Feature flag: disable card payment for launch. Flip to true once Stripe
 // approves the live SPT issuer. Config/card state is still persisted so this
 // can be re-enabled without reconfiguring wallets.
@@ -26,7 +26,6 @@ const REGISTRY_METHOD_MAP = {
     card: "stripe_card",
     link: "stripe_card",
 };
-const DEFAULT_LINK_APPROVAL_LIMIT_CENTS = 10_000;
 const ACCEPTED_PAYMENT_ALIASES = {
     tempo: ["tempo_usdc", "tempo"],
     base: ["base_usdc", "base"],
@@ -164,10 +163,24 @@ function formatMinorCurrencyAmount(currency, amount) {
 function getLinkApprovalLimitAmount(actualAmount) {
     const actualAmountCents = Number(actualAmount);
     const configuredLimit = Number(process.env.AGENTWONDERLAND_LINK_APPROVAL_LIMIT_CENTS);
-    const defaultLimit = Number.isFinite(configuredLimit) && configuredLimit > 0
-        ? Math.max(Math.floor(configuredLimit), DEFAULT_LINK_APPROVAL_LIMIT_CENTS)
-        : DEFAULT_LINK_APPROVAL_LIMIT_CENTS;
-    return String(Math.max(actualAmountCents, defaultLimit));
+    const approvalLimit = Number.isFinite(configuredLimit) && configuredLimit > 0
+        ? Math.max(actualAmountCents, Math.floor(configuredLimit))
+        : actualAmountCents;
+    return String(approvalLimit);
+}
+function assertLinkNotCoolingDown() {
+    const cooldown = getLinkCooldown();
+    if (!cooldown)
+        return;
+    const blockedUntil = Date.parse(cooldown.blockedUntil);
+    if (!Number.isFinite(blockedUntil) || blockedUntil <= Date.now())
+        return;
+    throw new Error([
+        "Link is temporarily blocked by Stripe's projected-spend cap.",
+        "Reauthing Link or switching cards in the same Link account will not fix this.",
+        `Try again after ${cooldown.blockedUntil}, use USDC, or ask Stripe to raise/clear the merchant projected-spend cap.`,
+        `Last Link error: ${cooldown.reason}`,
+    ].join("\n"));
 }
 function buildLinkApprovalContext(params) {
     const amountText = formatMinorCurrencyAmount(params.currency, params.amount);
@@ -188,6 +201,7 @@ async function initLink() {
             methods: [stripe({
                     paymentMethod: linkConfig.paymentMethodId,
                     createToken: async (params) => {
+                        assertLinkNotCoolingDown();
                         const approvalAmount = getLinkApprovalLimitAmount(params.amount);
                         console.error(`Requesting Link approval up to ${formatMinorCurrencyAmount(params.currency, approvalAmount)} ` +
                             `for this ${formatMinorCurrencyAmount(params.currency, params.amount)} Agent Wonderland run.`);

package/dist/core/version.d.ts

@@ -1 +1 @@
-export declare const MCP_PACKAGE_VERSION = "0.1.49";
+export declare const MCP_PACKAGE_VERSION = "0.1.51";

package/dist/core/version.js

@@ -1 +1 @@
-export const MCP_PACKAGE_VERSION = "0.1.49";
+export const MCP_PACKAGE_VERSION = "0.1.51";

package/dist/tools/__tests__/wallet.test.js

@@ -5,6 +5,7 @@ const state = vi.hoisted(() => ({
     card: null,
     link: null,
     pendingLinkSetup: null,
+    linkCooldown: null,
     pendingCardSetupToken: null,
     spendPolicies: {},
     defaultPaymentMethod: undefined,
@@ -53,6 +54,7 @@ vi.mock("../../core/config.js", () => ({
     },
     getCardConfig: () => state.card,
     getLinkConfig: () => state.link,
+    getLinkCooldown: () => state.linkCooldown,
     getPendingLinkSetup: () => state.pendingLinkSetup,
     getPendingCardSetupToken: () => state.pendingCardSetupToken,
     getSpendPolicy: (walletId) => state.spendPolicies[walletId] ?? null,
@@ -130,6 +132,7 @@ function resetState() {
     state.card = null;
     state.link = null;
     state.pendingLinkSetup = null;
+    state.linkCooldown = null;
     state.pendingCardSetupToken = null;
     state.spendPolicies = {};
     state.defaultPaymentMethod = undefined;

package/dist/tools/wallet.js

@@ -1,5 +1,5 @@
 import { z } from "zod";
-import { getWallets, getCardConfig, getLinkConfig, getPendingLinkSetup, setPendingLinkSetup, setLinkConfig, setCardConfig, addWallet, getPendingCardSetupToken, getSpendPolicy, setDefaultPaymentMethod, setSpendPolicy, } from "../core/config.js";
+import { getWallets, getCardConfig, getLinkConfig, getLinkCooldown, getPendingLinkSetup, setPendingLinkSetup, setLinkConfig, setCardConfig, addWallet, getPendingCardSetupToken, getSpendPolicy, setDefaultPaymentMethod, setSpendPolicy, } from "../core/config.js";
 import { getWalletAddress, isCardPaymentEnabled } from "../core/payments.js";
 import { fetchUsdcBalance } from "../core/balances.js";
 import { getSettings } from "../core/settings.js";
@@ -110,6 +110,12 @@ export function registerWalletTools(server) {
             lines.push(auth.authenticated
                 ? "  Link CLI: authenticated"
                 : "  Link CLI: not authenticated — run npx @stripe/link-cli auth login");
+            const cooldown = getLinkCooldown();
+            const blockedUntil = cooldown ? Date.parse(cooldown.blockedUntil) : NaN;
+            if (cooldown && Number.isFinite(blockedUntil) && blockedUntil > Date.now()) {
+                lines.push(`  Link status: temporarily blocked by Stripe projected-spend cap until ${cooldown.blockedUntil}`);
+                lines.push("  Link note: reauthing or switching cards in the same Link account will not clear this cap.");
+            }
         }
         if (pendingCardSetupToken) {
             lines.push("  Card setup: pending confirmation");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agentwonderland/mcp",
-  "version": "0.1.49",
+  "version": "0.1.51",
   "type": "module",
   "description": "MCP server for the Agent Wonderland AI agent marketplace",
   "bin": {

package/src/core/__tests__/payments.test.ts

@@ -26,6 +26,7 @@ vi.mock("../config.js", () => ({
   getApiUrl: () => "http://api.test",
   getCardConfig: () => currentCard,
   getLinkConfig: () => currentLink,
+  getLinkCooldown: () => null,
   getConfig: () => ({ defaultPaymentMethod: currentDefaultPaymentMethod }),
   getDefaultWallet: () => currentDefaultWallet,
   getWallets: () => currentWallets,
@@ -166,18 +167,51 @@ describe("payment method initialization", () => {
 
     expect(mockCreateLinkSharedPaymentToken).toHaveBeenCalledWith(
       expect.objectContaining({
-        amount: "10000",
+        amount: "25",
         currency: "usd",
         networkId: "profile_test",
         paymentMethodId: "csmrpd_link_123",
       }),
     );
     const linkTokenRequest = mockCreateLinkSharedPaymentToken.mock.calls[0]?.[0] as { context: string } | undefined;
-    expect(linkTokenRequest?.context).toContain("up to USD 100.00");
+    expect(linkTokenRequest?.context).toContain("up to USD 0.25");
     expect(linkTokenRequest?.context).toContain("quoted at USD 0.25");
   });
 
-  it("keeps Link approval floor at $100 even if a low env override is present", async () => {
+  it("uses an explicit Link approval override when configured", async () => {
+    process.env.AGENTWONDERLAND_LINK_APPROVAL_LIMIT_CENTS = "2000";
+    currentLink = {
+      paymentMethodId: "csmrpd_link_123",
+      label: "Visa ****4242",
+    };
+    currentDefaultPaymentMethod = "link";
+
+    const { getPaymentFetch } = await import("../payments.js");
+    await getPaymentFetch("link");
+
+    const stripeConfig = mockStripe.mock.calls[0]?.[0] as {
+      createToken: (params: {
+        amount: string;
+        currency: string;
+        expiresAt: number;
+        networkId: string;
+      }) => Promise<string>;
+    };
+    await stripeConfig.createToken({
+      amount: "25",
+      currency: "usd",
+      expiresAt: 1778290000,
+      networkId: "profile_test",
+    });
+
+    expect(mockCreateLinkSharedPaymentToken).toHaveBeenCalledWith(
+      expect.objectContaining({
+        amount: "2000",
+      }),
+    );
+  });
+
+  it("allows a low env override while never approving below the quoted amount", async () => {
     process.env.AGENTWONDERLAND_LINK_APPROVAL_LIMIT_CENTS = "10";
     currentLink = {
       paymentMethodId: "csmrpd_link_123",
@@ -196,7 +230,7 @@ describe("payment method initialization", () => {
       }) => Promise<string>;
     };
     await stripeConfig.createToken({
-      amount: "10",
+      amount: "25",
       currency: "usd",
       expiresAt: 1778290000,
       networkId: "profile_test",
@@ -204,7 +238,7 @@ describe("payment method initialization", () => {
 
     expect(mockCreateLinkSharedPaymentToken).toHaveBeenCalledWith(
       expect.objectContaining({
-        amount: "10000",
+        amount: "25",
       }),
     );
   });

package/src/core/config.ts

@@ -32,6 +32,24 @@ export interface PendingLinkSetup {
   createdAt: string;
 }
 
+export interface PendingLinkSpendRequest {
+  id: string;
+  approvalUrl?: string;
+  amount: string;
+  currency: string;
+  context: string;
+  expiresAt: number;
+  networkId: string;
+  paymentMethodId: string;
+  createdAt: string;
+}
+
+export interface LinkCooldown {
+  reason: string;
+  createdAt: string;
+  blockedUntil: string;
+}
+
 export interface SpendPolicy {
   maxPerTxUsd?: number;
   maxPerDayUsd?: number;
@@ -55,6 +73,8 @@ export interface Config {
   card: CardConfig | null;
   link: LinkConfig | null;
   pendingLinkSetup?: PendingLinkSetup | null;
+  pendingLinkSpendRequest?: PendingLinkSpendRequest | null;
+  linkCooldown?: LinkCooldown | null;
   pendingCardSetupToken?: string | null;
   favorites: string[];
   /** Require user confirmation before spending. Default: true. Set false for headless/automated use. */
@@ -113,6 +133,8 @@ interface LegacyConfig {
   card?: CardConfig | null;
   link?: LinkConfig | null;
   pendingLinkSetup?: PendingLinkSetup | null;
+  pendingLinkSpendRequest?: PendingLinkSpendRequest | null;
+  linkCooldown?: LinkCooldown | null;
   pendingCardSetupToken?: string | null;
   spendPolicies?: Record<string, SpendPolicy>;
   spendLedger?: SpendLedgerEntry[];
@@ -136,6 +158,8 @@ function migrateIfNeeded(raw: LegacyConfig): Config {
       card: raw.card ?? null,
       link: raw.link ?? null,
       pendingLinkSetup: raw.link ? null : (raw.pendingLinkSetup ?? null),
+      pendingLinkSpendRequest: raw.pendingLinkSpendRequest ?? null,
+      linkCooldown: raw.linkCooldown ?? null,
       pendingCardSetupToken: (r.pendingCardSetupToken as string | null | undefined) ?? null,
       favorites: r.favorites as string[] ?? [],
       confirmBeforeSpend: r.confirmBeforeSpend !== false,
@@ -214,6 +238,8 @@ function migrateIfNeeded(raw: LegacyConfig): Config {
     card,
     link: raw.link ?? null,
     pendingLinkSetup: raw.link ? null : (raw.pendingLinkSetup ?? null),
+    pendingLinkSpendRequest: raw.pendingLinkSpendRequest ?? null,
+    linkCooldown: raw.linkCooldown ?? null,
     pendingCardSetupToken: null,
     favorites: [],
     confirmBeforeSpend: true,
@@ -243,6 +269,8 @@ export function getConfig(): Config {
     card: null,
     link: null,
     pendingLinkSetup: null,
+    pendingLinkSpendRequest: null,
+    linkCooldown: null,
     pendingCardSetupToken: null,
     favorites: [],
     confirmBeforeSpend: true,
@@ -432,6 +460,22 @@ export function getPendingLinkSetup(): PendingLinkSetup | null {
   return getConfig().pendingLinkSetup ?? null;
 }
 
+export function getPendingLinkSpendRequest(): PendingLinkSpendRequest | null {
+  return getConfig().pendingLinkSpendRequest ?? null;
+}
+
+export function setPendingLinkSpendRequest(pendingLinkSpendRequest: PendingLinkSpendRequest | null): void {
+  saveConfig({ pendingLinkSpendRequest });
+}
+
+export function getLinkCooldown(): LinkCooldown | null {
+  return getConfig().linkCooldown ?? null;
+}
+
+export function setLinkCooldown(linkCooldown: LinkCooldown | null): void {
+  saveConfig({ linkCooldown });
+}
+
 /**
  * Save card configuration after setup.
  */
@@ -461,11 +505,13 @@ export function setLinkConfig(link: LinkConfig | null): void {
       link,
       defaultPaymentMethod: "link",
       pendingLinkSetup: null,
+      pendingLinkSpendRequest: null,
     });
   } else {
     saveConfig({
       link,
       pendingLinkSetup: null,
+      pendingLinkSpendRequest: null,
       defaultPaymentMethod: current.defaultPaymentMethod === "link"
         ? undefined
         : current.defaultPaymentMethod,

package/src/core/link-cli.ts

@@ -1,5 +1,11 @@
 import { execFile } from "node:child_process";
 import { promisify } from "node:util";
+import {
+  getPendingLinkSpendRequest,
+  setLinkCooldown,
+  setPendingLinkSpendRequest,
+  type PendingLinkSpendRequest,
+} from "./config.js";
 
 const execFileAsync = promisify(execFile);
 const LINK_CLI_PACKAGE = "@stripe/link-cli";
@@ -116,6 +122,40 @@ function extractSpendRequestApproval(output: unknown): { id: string; approvalUrl
   return null;
 }
 
+function isMatchingPendingSpendRequest(
+  pending: PendingLinkSpendRequest | null,
+  params: {
+    amount: string;
+    currency: string;
+    context: string;
+    expiresAt: number;
+    networkId: string;
+    paymentMethodId: string;
+  },
+): pending is PendingLinkSpendRequest {
+  if (!pending) return false;
+  if (pending.amount !== params.amount) return false;
+  if (pending.currency.toLowerCase() !== params.currency.toLowerCase()) return false;
+  if (pending.context !== params.context) return false;
+  if (pending.networkId !== params.networkId) return false;
+  if (pending.paymentMethodId !== params.paymentMethodId) return false;
+  if (pending.expiresAt <= Math.floor(Date.now() / 1000)) return false;
+  return true;
+}
+
+function isProjectedSpendCapError(message: string): boolean {
+  return /projected daily spend|projected spend|exceeds limit/i.test(message);
+}
+
+function recordLinkCooldown(reason: string): void {
+  const now = new Date();
+  setLinkCooldown({
+    reason,
+    createdAt: now.toISOString(),
+    blockedUntil: new Date(now.getTime() + 24 * 60 * 60 * 1000).toISOString(),
+  });
+}
+
 function normalizePaymentMethods(output: unknown): LinkCliPaymentMethod[] {
   const values = Array.isArray(output)
     ? output
@@ -215,6 +255,22 @@ export async function createLinkSharedPaymentToken(params: {
   networkId: string;
   paymentMethodId: string;
 }): Promise<string> {
+  const existing = getPendingLinkSpendRequest();
+  if (isMatchingPendingSpendRequest(existing, params)) {
+    try {
+      console.error(`Resuming pending Link approval: ${existing.id}`);
+      const spt = await retrieveSharedPaymentToken(existing.id, existing.approvalUrl);
+      setPendingLinkSpendRequest(null);
+      return spt;
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      if (!/denied|expired|not found|without a shared payment token|POLLING_TIMEOUT/i.test(message)) {
+        throw err;
+      }
+      setPendingLinkSpendRequest(null);
+    }
+  }
+
   const args = [
     "spend-request",
     "create",
@@ -242,6 +298,18 @@ export async function createLinkSharedPaymentToken(params: {
     output = await runLinkCli(args);
   } catch (err) {
     const message = err instanceof Error ? err.message : String(err);
+    if (isProjectedSpendCapError(message)) {
+      recordLinkCooldown(message);
+      throw new Error(
+        [
+          "Link is temporarily blocked by Stripe's projected-spend cap.",
+          "Reauthing Link or switching cards in the same Link account will not fix this.",
+          "Use USDC for now, wait for the rolling Link window to clear, or ask Stripe to raise/clear the merchant projected-spend cap.",
+          "",
+          message,
+        ].join("\n"),
+      );
+    }
     if (/invalid network_id|could not retrieve merchant information/i.test(message)) {
       throw new Error(
         [
@@ -256,45 +324,63 @@ export async function createLinkSharedPaymentToken(params: {
   }
   const spt = extractSharedPaymentToken(output);
   if (spt) {
+    setPendingLinkSpendRequest(null);
     return spt;
   }
 
   const approval = extractSpendRequestApproval(output);
   if (approval?.id && approval.status === "pending_approval") {
+    setPendingLinkSpendRequest({
+      id: approval.id,
+      approvalUrl: approval.approvalUrl,
+      amount: params.amount,
+      currency: params.currency,
+      context: params.context,
+      expiresAt: params.expiresAt,
+      networkId: params.networkId,
+      paymentMethodId: params.paymentMethodId,
+      createdAt: new Date().toISOString(),
+    });
     if (approval.approvalUrl) {
       console.error(`Link approval required: ${approval.approvalUrl}`);
     }
-    let retrieved = await runLinkCli([
-      "spend-request",
-      "retrieve",
-      approval.id,
-      "--interval",
-      "2",
-      "--max-attempts",
-      "150",
-    ]);
-    let retrievedSpt = extractSharedPaymentToken(retrieved);
-    for (let attempt = 0; !retrievedSpt && attempt < 30; attempt += 1) {
-      await sleep(2_000);
-      retrieved = await runLinkCli([
-        "spend-request",
-        "retrieve",
-        approval.id,
-      ]);
-      retrievedSpt = extractSharedPaymentToken(retrieved);
-    }
-    if (retrievedSpt) {
-      return retrievedSpt;
-    }
-    throw new Error(
-      [
-        "Link spend request finished without a shared payment token.",
-        approval.approvalUrl ? `Approval URL: ${approval.approvalUrl}` : undefined,
-      ].filter(Boolean).join("\n"),
-    );
+    const retrievedSpt = await retrieveSharedPaymentToken(approval.id, approval.approvalUrl);
+    setPendingLinkSpendRequest(null);
+    return retrievedSpt;
   }
 
   {
     throw new Error("Link spend request completed without a shared payment token in the CLI response.");
   }
 }
+
+async function retrieveSharedPaymentToken(spendRequestId: string, approvalUrl?: string): Promise<string> {
+  let retrieved = await runLinkCli([
+    "spend-request",
+    "retrieve",
+    spendRequestId,
+    "--interval",
+    "2",
+    "--max-attempts",
+    "150",
+  ]);
+  let retrievedSpt = extractSharedPaymentToken(retrieved);
+  for (let attempt = 0; !retrievedSpt && attempt < 30; attempt += 1) {
+    await sleep(2_000);
+    retrieved = await runLinkCli([
+      "spend-request",
+      "retrieve",
+      spendRequestId,
+    ]);
+    retrievedSpt = extractSharedPaymentToken(retrieved);
+  }
+  if (retrievedSpt) {
+    return retrievedSpt;
+  }
+  throw new Error(
+    [
+      "Link spend request finished without a shared payment token.",
+      approvalUrl ? `Approval URL: ${approvalUrl}` : undefined,
+    ].filter(Boolean).join("\n"),
+  );
+}

package/src/core/payments.ts

@@ -16,6 +16,7 @@ import {
   getDefaultWallet,
   getCardConfig,
   getLinkConfig,
+  getLinkCooldown,
   resolveWalletAndChain,
   getApiUrl,
   type WalletEntry,
@@ -41,8 +42,6 @@ const REGISTRY_METHOD_MAP: Record<string, string> = {
   link: "stripe_card",
 };
 
-const DEFAULT_LINK_APPROVAL_LIMIT_CENTS = 10_000;
-
 const ACCEPTED_PAYMENT_ALIASES: Record<string, string[]> = {
   tempo: ["tempo_usdc", "tempo"],
   base: ["base_usdc", "base"],
@@ -200,10 +199,25 @@ function formatMinorCurrencyAmount(currency: string, amount: string): string {
 function getLinkApprovalLimitAmount(actualAmount: string): string {
   const actualAmountCents = Number(actualAmount);
   const configuredLimit = Number(process.env.AGENTWONDERLAND_LINK_APPROVAL_LIMIT_CENTS);
-  const defaultLimit = Number.isFinite(configuredLimit) && configuredLimit > 0
-    ? Math.max(Math.floor(configuredLimit), DEFAULT_LINK_APPROVAL_LIMIT_CENTS)
-    : DEFAULT_LINK_APPROVAL_LIMIT_CENTS;
-  return String(Math.max(actualAmountCents, defaultLimit));
+  const approvalLimit = Number.isFinite(configuredLimit) && configuredLimit > 0
+    ? Math.max(actualAmountCents, Math.floor(configuredLimit))
+    : actualAmountCents;
+  return String(approvalLimit);
+}
+
+function assertLinkNotCoolingDown(): void {
+  const cooldown = getLinkCooldown();
+  if (!cooldown) return;
+  const blockedUntil = Date.parse(cooldown.blockedUntil);
+  if (!Number.isFinite(blockedUntil) || blockedUntil <= Date.now()) return;
+  throw new Error(
+    [
+      "Link is temporarily blocked by Stripe's projected-spend cap.",
+      "Reauthing Link or switching cards in the same Link account will not fix this.",
+      `Try again after ${cooldown.blockedUntil}, use USDC, or ask Stripe to raise/clear the merchant projected-spend cap.`,
+      `Last Link error: ${cooldown.reason}`,
+    ].join("\n"),
+  );
 }
 
 function buildLinkApprovalContext(params: {
@@ -239,6 +253,7 @@ async function initLink(): Promise<typeof fetch | null> {
           expiresAt: number;
           metadata?: Record<string, string>;
         }) => {
+          assertLinkNotCoolingDown();
           const approvalAmount = getLinkApprovalLimitAmount(params.amount);
           console.error(
             `Requesting Link approval up to ${formatMinorCurrencyAmount(params.currency, approvalAmount)} ` +

package/src/core/version.ts

@@ -1 +1 @@
-export const MCP_PACKAGE_VERSION = "0.1.49";
+export const MCP_PACKAGE_VERSION = "0.1.51";

package/src/tools/__tests__/wallet.test.ts

@@ -29,6 +29,12 @@ type PendingLinkSetup = {
   createdAt: string;
 } | null;
 
+type LinkCooldown = {
+  reason: string;
+  createdAt: string;
+  blockedUntil: string;
+} | null;
+
 type WalletToolResult = {
   content: Array<{ type: "text"; text: string }>;
 };
@@ -39,6 +45,7 @@ const state = vi.hoisted(() => ({
   card: null as CardConfig,
   link: null as LinkConfig,
   pendingLinkSetup: null as PendingLinkSetup,
+  linkCooldown: null as LinkCooldown,
   pendingCardSetupToken: null as string | null,
   spendPolicies: {} as Record<string, unknown>,
   defaultPaymentMethod: undefined as string | undefined,
@@ -93,6 +100,7 @@ vi.mock("../../core/config.js", () => ({
   },
   getCardConfig: () => state.card,
   getLinkConfig: () => state.link,
+  getLinkCooldown: () => state.linkCooldown,
   getPendingLinkSetup: () => state.pendingLinkSetup,
   getPendingCardSetupToken: () => state.pendingCardSetupToken,
   getSpendPolicy: (walletId: string) => state.spendPolicies[walletId] ?? null,
@@ -176,6 +184,7 @@ function resetState(): void {
   state.card = null;
   state.link = null;
   state.pendingLinkSetup = null;
+  state.linkCooldown = null;
   state.pendingCardSetupToken = null;
   state.spendPolicies = {};
   state.defaultPaymentMethod = undefined;

package/src/tools/wallet.ts

@@ -4,6 +4,7 @@ import {
   getWallets,
   getCardConfig,
   getLinkConfig,
+  getLinkCooldown,
   getPendingLinkSetup,
   setPendingLinkSetup,
   setLinkConfig,
@@ -157,6 +158,12 @@ export function registerWalletTools(server: McpServer): void {
         lines.push(auth.authenticated
           ? "  Link CLI: authenticated"
           : "  Link CLI: not authenticated — run npx @stripe/link-cli auth login");
+        const cooldown = getLinkCooldown();
+        const blockedUntil = cooldown ? Date.parse(cooldown.blockedUntil) : NaN;
+        if (cooldown && Number.isFinite(blockedUntil) && blockedUntil > Date.now()) {
+          lines.push(`  Link status: temporarily blocked by Stripe projected-spend cap until ${cooldown.blockedUntil}`);
+          lines.push("  Link note: reauthing or switching cards in the same Link account will not clear this cap.");
+        }
       }
 
       if (pendingCardSetupToken) {