@quackai/q402-mcp 0.3.11 → 0.3.12

package/README.md

@@ -100,7 +100,7 @@ The server has no client-specific code. If your client speaks stdio MCP, point i
 | `q402_quote` | none | Compare gas cost and supported tokens across chains. Read-only. |
 | `q402_balance` | API key | Verify the API key and report its plan tier + remaining quota credits (live vs sandbox). |
 | `q402_pay` | API key + private key + flag | Send a gasless payment to a single recipient. **Sandbox by default** — see [Sandbox vs live mode](#sandbox-vs-live-mode). |
-| `q402_batch_pay` | API key + private key + flag | Send a gasless payment to **multiple** recipients in one call on a single chain × token. Trial keys: 5 rows max. Paid keys: 20 rows max. **Supported chains: avax, bnb, eth, mantle, injective** (default EIP-7702 mode). xlayer + stable are NOT batchable — use `q402_pay` in a loop for those. Same sandbox gating as `q402_pay`. |
+| `q402_batch_pay` | API key + private key + flag | Send a gasless payment to **multiple** recipients in one call on a single chain × token. Trial keys: 5 rows max. Paid keys: 20 rows max. **Supported chains: avax, bnb, eth, mantle, injective** (default EIP-7702 mode). xlayer + stable are NOT batchable — use `q402_pay` in a loop for those. Same sandbox gating as `q402_pay`. **Rate-limit note:** the inner `/api/relay` budget (30/min per key) is consumed per row, so a paid 20-row batch leaves ~10 inner slots for the next minute. |
 | `q402_receipt` | none | Look up a Trust Receipt by `rct_…` id and locally verify its ECDSA signature against the relayer EOA. Returns the public settlement record + a `verified` boolean. *receiptId-only today; tx-hash lookup reserved for a future release.* |
 
 `q402_pay` and `q402_batch_pay` follow a "confirm in chat first" contract: the tool description instructs the model to never call it without explicit user approval of the recipient address(es), amount(s), chain, and token. For batch calls the user must approve the **full batch**, not the individual rows.

package/dist/index.js

@@ -449,11 +449,10 @@ var Q402NodeClient = class _Q402NodeClient {
    * Signature shape: `{ token, recipients }`. The previous revision took
    * `PayInput[]` (with token on each row), which read as if rows could
    * carry different tokens — but the request body only ships one token
-   * field, so the per-row token on rows 1..N was silently ignored.
-   * Codex audit P2: surface the constraint in the type so consumers
-   * can't accidentally build a "mixed-token batch" that quietly drops
-   * the second token. Same chain + same token across one batch, full
-   * stop.
+   * field, so the per-row token on rows 1..N was silently ignored. The
+   * new shape surfaces the constraint in the type so consumers can't
+   * accidentally build a "mixed-token batch" that quietly drops the
+   * second token. Same chain + same token across one batch, full stop.
    */
   async batchPay(input) {
     const { token, recipients: rows } = input;
@@ -551,6 +550,12 @@ var Q402NodeClient = class _Q402NodeClient {
         data.aborted ? `Batch aborted: recipient[0] failed (${data.results?.[0]?.error ?? "unknown"}). No transfers landed.` : data.totalFailed > 0 ? `Batch completed with ${data.totalFailed}/${data.results?.length ?? "?"} failed rows.` : data.error ?? `relay/batch failed (HTTP ${resp.status})`,
         {
           aborted: !!data.aborted,
+          // Preserve the server's scope/limit so the MCP tool surface can
+          // report the actual tier (trial vs paid) rather than guessing.
+          // Falls back to "paid" / row count only when the failure didn't
+          // come from the relay route (e.g. network-level error).
+          scope: data.scope ?? "paid",
+          limit: data.limit ?? signedRows.length,
           totalSuccess: data.totalSuccess ?? 0,
           totalFailed: data.totalFailed ?? signedRows.length,
           results: data.results ?? []
@@ -567,6 +572,8 @@ var Q402NodeClient = class _Q402NodeClient {
 };
 var BatchPayError = class extends Error {
   aborted;
+  scope;
+  limit;
   totalSuccess;
   totalFailed;
   results;
@@ -574,6 +581,8 @@ var BatchPayError = class extends Error {
     super(message);
     this.name = "BatchPayError";
     this.aborted = details.aborted;
+    this.scope = details.scope;
+    this.limit = details.limit;
     this.totalSuccess = details.totalSuccess;
     this.totalFailed = details.totalFailed;
     this.results = details.results;
@@ -802,6 +811,7 @@ async function runBatchPay(input) {
   } catch (err) {
     if (err instanceof BatchPayError) {
       guardsApplied.push("mode=live");
+      guardsApplied.push(`scope=${err.scope} (server enforced)`);
       guardsApplied.push(`batch_${err.aborted ? "aborted" : "partial_failure"}`);
       const status = err.aborted ? "aborted" : "partial_failure";
       return {
@@ -809,8 +819,8 @@ async function runBatchPay(input) {
         status,
         result: {
           ok: false,
-          scope: "paid",
-          limit: input.recipients.length,
+          scope: err.scope,
+          limit: err.limit,
           totalSuccess: err.totalSuccess,
           totalFailed: err.totalFailed,
           aborted: err.aborted,
@@ -1094,7 +1104,7 @@ var RECEIPT_TOOL = {
 
 // src/index.ts
 var PACKAGE_NAME = "@quackai/q402-mcp";
-var PACKAGE_VERSION = "0.3.11";
+var PACKAGE_VERSION = "0.3.12";
 function jsonText(value) {
   return { type: "text", text: JSON.stringify(value, null, 2) };
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@quackai/q402-mcp",
-  "version": "0.3.11",
+  "version": "0.3.12",
   "description": "MCP server for Q402 — gasless USDC, USDT, and RLUSD payments across 7 EVM chains, callable from Claude (Desktop / Code), OpenAI Codex CLI, and any other Model Context Protocol client.",
   "mcpName": "io.github.bitgett/q402-mcp",
   "keywords": [