npm - @true402.dev/mcp-server - Versions diffs - 0.3.0 → 0.5.0 - Mend

@true402.dev/mcp-server 0.3.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/index.js CHANGED Viewed

@@ -17,20 +17,29 @@ import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"
 import { registerModelsTool } from "./tools/models.js";
 import { registerChatTool } from "./tools/chat.js";
 import { registerStallTools } from "./tools/stalls.js";
+import { registerDiscoveredStalls } from "./tools/discover.js";
 const SERVER_URL = process.env.SERVER_URL ?? "https://true402.dev/api";
 const WALLET_PRIVATE_KEY = process.env.WALLET_PRIVATE_KEY;
 const server = new McpServer({
     name: "true402",
-    version: "0.3.0",
+    version: "0.5.0",
 });
-// Register tools
-registerModelsTool(server, SERVER_URL);
-registerChatTool(server, SERVER_URL, WALLET_PRIVATE_KEY);
-// Non-LLM paid stalls: seo_audit, web_extract, link_preview, robots_check,
-// headers_check, token_safety (all x402-gated, USDC on Base).
-registerStallTools(server, SERVER_URL, WALLET_PRIVATE_KEY);
 // Start server with stdio transport
 async function main() {
+    // Always-present built-in tools (LLM router — chat uses a $ref body + streaming, so it stays
+    // hand-written rather than discovered).
+    registerModelsTool(server, SERVER_URL);
+    registerChatTool(server, SERVER_URL, WALLET_PRIVATE_KEY);
+    // Paid stalls: ASK THE SERVER. Fetch its OpenAPI spec and register an MCP tool for every paid
+    // POST endpoint (x-payment-info), so a new marketplace stall surfaces automatically with no MCP
+    // release. Falls back to the built-in stall list only if the server is unreachable at startup.
+    const discovered = await registerDiscoveredStalls(server, SERVER_URL, WALLET_PRIVATE_KEY);
+    if (discovered) {
+        console.error(`true402 MCP: discovered ${discovered.length} paid stalls from ${SERVER_URL} (${discovered.join(", ")})`);
+    }
+    else {
+        registerStallTools(server, SERVER_URL, WALLET_PRIVATE_KEY);
+    }
     const transport = new StdioServerTransport();
     await server.connect(transport);
 }

package/dist/tools/discover.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+/**
+ * Fetch `${baseUrl}/openapi.json` and register an MCP tool for each paid POST stall.
+ * Returns the registered tool names, or null if discovery failed (caller should fall back).
+ */
+export declare function registerDiscoveredStalls(server: McpServer, baseUrl: string, walletPrivateKey: string | undefined): Promise<string[] | null>;

package/dist/tools/discover.js ADDED Viewed

@@ -0,0 +1,93 @@
+import { z } from "zod";
+import { registerStall } from "./stalls.js";
+/** Map one JSON-Schema property to a zod validator (covers the property kinds the stalls use). */
+function toZod(prop) {
+    let base;
+    if (Array.isArray(prop.enum) && prop.enum.length > 0) {
+        base = z.enum(prop.enum.map(String));
+    }
+    else if (prop.type === "number" || prop.type === "integer") {
+        base = z.number();
+    }
+    else if (prop.type === "boolean") {
+        base = z.boolean();
+    }
+    else {
+        base = z.string();
+    }
+    return prop.description ? base.describe(prop.description) : base;
+}
+/** Build a zod raw shape from a request-body JSON Schema's `properties` + `required`. */
+function bodyToShape(schema) {
+    const shape = {};
+    const required = new Set(schema?.required ?? []);
+    for (const [key, prop] of Object.entries(schema?.properties ?? {})) {
+        const v = toZod(prop);
+        shape[key] = required.has(key) ? v : v.optional();
+    }
+    return shape;
+}
+/**
+ * Fetch `${baseUrl}/openapi.json` and register an MCP tool for each paid POST stall.
+ * Returns the registered tool names, or null if discovery failed (caller should fall back).
+ */
+export async function registerDiscoveredStalls(server, baseUrl, walletPrivateKey) {
+    let spec;
+    try {
+        const controller = new AbortController();
+        const timer = setTimeout(() => controller.abort(), 10_000);
+        const res = await fetch(`${baseUrl}/openapi.json`, {
+            headers: { accept: "application/json" },
+            signal: controller.signal,
+        });
+        clearTimeout(timer);
+        if (!res.ok)
+            throw new Error(`HTTP ${res.status}`);
+        spec = (await res.json());
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        console.error(`true402 MCP: stall discovery from ${baseUrl}/openapi.json failed (${msg}); using built-in stall list`);
+        return null;
+    }
+    // OpenAPI path keys carry the base path (e.g. /api/v1/x); strip it so the tool path is relative
+    // to baseUrl (which already includes /api), matching how payAndFetch joins baseUrl + path.
+    let basePath = "";
+    try {
+        basePath = new URL(baseUrl).pathname.replace(/\/+$/, "");
+    }
+    catch {
+        /* baseUrl is relative — keys are already root-relative */
+    }
+    const registered = [];
+    for (const [key, ops] of Object.entries(spec.paths ?? {})) {
+        const op = ops.post;
+        if (!op || op["x-payment-info"] === undefined)
+            continue; // paid stalls only
+        if (key.endsWith("/chat/completions"))
+            continue; // chat is special-cased (hardcoded)
+        const rel = basePath && key.startsWith(basePath) ? key.slice(basePath.length) : key;
+        const toolName = (rel.replace(/\/+$/, "").split("/").pop() ?? "").replace(/-/g, "_");
+        if (!toolName)
+            continue;
+        const bodySchema = op.requestBody?.content?.["application/json"]?.schema;
+        const description = (op.description ?? op.summary ?? `Paid x402 stall ${rel}`) +
+            " (PAID x402 service — USDC on Base; the MCP server needs a funded wallet to settle.)";
+        registerStall(server, baseUrl, walletPrivateKey, {
+            toolName,
+            path: rel,
+            description,
+            inputSchema: bodyToShape(bodySchema),
+            // The discovered zod shape already mirrors the body, so pass validated args straight through.
+            buildBody: (args) => {
+                const body = {};
+                for (const [k, v] of Object.entries(args ?? {}))
+                    if (v !== undefined)
+                        body[k] = v;
+                return body;
+            },
+        });
+        registered.push(toolName);
+    }
+    return registered;
+}

package/dist/tools/stalls.d.ts CHANGED Viewed

@@ -1,6 +1,40 @@
 import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import type { ZodRawShapeCompat, ShapeOutput } from "@modelcontextprotocol/sdk/server/zod-compat.js";
 /**
- * Register all six non-LLM paid stalls (seo_audit, web_extract, link_preview,
- * robots_check, headers_check, token_safety) on the given MCP server.
+ * Paid, non-LLM stalls exposed by the true402 marketplace.
+ *
+ * Each of these is an x402-gated POST endpoint that takes a small JSON body and
+ * returns a structured JSON report. They are all PAID services (USDC on Base):
+ * the MCP server must have a funded wallet (WALLET_PRIVATE_KEY) configured for
+ * the calls to settle. With no wallet, the tools surface the 402 payment
+ * requirements instead of crashing.
+ */
+/**
+ * A generic paid stall: an MCP tool that POSTs a body to an x402-gated path and
+ * returns the parsed JSON report. The input type is inferred from the zod raw
+ * shape `Schema`, and the body is built from the validated tool args via
+ * `buildBody`.
+ */
+export interface StallSpec<Schema extends ZodRawShapeCompat> {
+    /** MCP tool name (e.g. "seo_audit"). */
+    toolName: string;
+    /** Server-side endpoint path (e.g. "/v1/seo-audit"). */
+    path: string;
+    /** Agent-facing description. Should make clear this is a PAID x402 service. */
+    description: string;
+    /** Zod raw shape (plain object of validators) describing the tool inputs. */
+    inputSchema: Schema;
+    /** Map validated args to the JSON request body sent to the endpoint. */
+    buildBody: (args: ShapeOutput<Schema>) => Record<string, unknown>;
+}
+/**
+ * Register a single paid stall as an MCP tool. The handler runs the shared
+ * x402 pay-and-retry flow and maps the result into the MCP content shape.
+ */
+export declare function registerStall<Schema extends ZodRawShapeCompat>(server: McpServer, baseUrl: string, walletPrivateKey: string | undefined, spec: StallSpec<Schema>): void;
+/**
+ * Register all nine non-LLM paid stalls on the given MCP server: the web utilities
+ * (seo_audit, web_extract, link_preview, robots_check, headers_check) and the Base
+ * on-chain trading signals (token_safety, new_pairs, liquidity_pulls, whale_swaps).
  */
 export declare function registerStallTools(server: McpServer, baseUrl: string, walletPrivateKey: string | undefined): void;

package/dist/tools/stalls.js CHANGED Viewed

@@ -4,7 +4,7 @@ import { payAndFetch } from "../x402-pay.js";
  * Register a single paid stall as an MCP tool. The handler runs the shared
  * x402 pay-and-retry flow and maps the result into the MCP content shape.
  */
-function registerStall(server, baseUrl, walletPrivateKey, spec) {
+export function registerStall(server, baseUrl, walletPrivateKey, spec) {
     const handler = async (args) => {
         const body = spec.buildBody(args);
         const result = await payAndFetch(baseUrl, spec.path, body, walletPrivateKey);
@@ -31,8 +31,9 @@ const urlField = z
     .url()
     .describe("Absolute http(s) URL of the page to process");
 /**
- * Register all six non-LLM paid stalls (seo_audit, web_extract, link_preview,
- * robots_check, headers_check, token_safety) on the given MCP server.
+ * Register all nine non-LLM paid stalls on the given MCP server: the web utilities
+ * (seo_audit, web_extract, link_preview, robots_check, headers_check) and the Base
+ * on-chain trading signals (token_safety, new_pairs, liquidity_pulls, whale_swaps).
  */
 export function registerStallTools(server, baseUrl, walletPrivateKey) {
     // 1. SEO + GEO audit.
@@ -131,4 +132,91 @@ export function registerStallTools(server, baseUrl, walletPrivateKey) {
             return body;
         },
     });
+    // 7. New token / new pair detection — recently-created Base DEX pairs.
+    registerStall(server, baseUrl, walletPrivateKey, {
+        toolName: "new_pairs",
+        path: "/v1/base/new-pairs",
+        description: "Recently-created Base DEX pairs (Uniswap V3 + Aerodrome) — fresh token launches for " +
+            "trading/sniper agents. Returns each new token, its quote (WETH/USDC), pool, fee|stable, " +
+            "block and approx age, newest first. Bundle with token_safety for a pre-trade rug/honeypot " +
+            "check. On-chain log indexing, no API key. PAID x402 service (USDC on Base) — needs a funded " +
+            "wallet on the MCP server.",
+        inputSchema: {
+            since: z.number().int().nonnegative().optional().describe("Only pairs first seen at or after this block"),
+            limit: z.number().int().min(1).max(200).optional().describe("Max pairs to return (1–200, default 50)"),
+            dex: z.enum(["uniswap-v3", "aerodrome"]).optional().describe("Filter by DEX"),
+            withToken: z.boolean().optional().describe("Only token launches (vs all pools); default true"),
+        },
+        buildBody: ({ since, limit, dex, withToken }) => {
+            const body = {};
+            if (since !== undefined)
+                body.since = since;
+            if (limit !== undefined)
+                body.limit = limit;
+            if (dex !== undefined)
+                body.dex = dex;
+            if (withToken !== undefined)
+                body.withToken = withToken;
+            return body;
+        },
+    });
+    // 8. Liquidity-pull / rug alerts — liquidity-removal (Burn) events on tracked Base pools.
+    registerStall(server, baseUrl, walletPrivateKey, {
+        toolName: "liquidity_pulls",
+        path: "/v1/base/liquidity-pulls",
+        description: "Liquidity-pull / rug alerts on Base — liquidity-removal (Burn) events on recently-launched " +
+            "DEX pools (Uniswap V3 + Aerodrome). Returns the pool, token, and WETH/USDC amount removed " +
+            "(the rug magnitude), newest first — an early rug warning. Cross-check the token with " +
+            "token_safety. On-chain log indexing, no API key. PAID x402 service (USDC on Base) — needs a " +
+            "funded wallet on the MCP server.",
+        inputSchema: {
+            since: z.number().int().nonnegative().optional().describe("Only pulls first seen at or after this block"),
+            limit: z.number().int().min(1).max(200).optional().describe("Max pulls to return (1–200, default 50)"),
+            dex: z.enum(["uniswap-v3", "aerodrome"]).optional().describe("Filter by DEX"),
+            minQuote: z.number().nonnegative().optional().describe("Only removals of at least this much WETH/USDC"),
+        },
+        buildBody: ({ since, limit, dex, minQuote }) => {
+            const body = {};
+            if (since !== undefined)
+                body.since = since;
+            if (limit !== undefined)
+                body.limit = limit;
+            if (dex !== undefined)
+                body.dex = dex;
+            if (minQuote !== undefined)
+                body.minQuote = minQuote;
+            return body;
+        },
+    });
+    // 9. Whale swaps — large ($-value) Base DEX Swap events (whale-follow / copy-trade signal).
+    registerStall(server, baseUrl, walletPrivateKey, {
+        toolName: "whale_swaps",
+        path: "/v1/base/whale-swaps",
+        description: "Recent large ($-value) Base DEX Swap events (whale trades) on tracked pools — a " +
+            "whale-following / copy-trade signal. Returns the pool, dex, token, quote (WETH/USDC), USD " +
+            "size, direction (buy/sell of the non-quote token), block and approx age, newest first. " +
+            "On-chain log indexing, no API key. PAID x402 service (USDC on Base) — needs a funded wallet " +
+            "on the MCP server.",
+        inputSchema: {
+            min: z.number().nonnegative().optional().describe("Only swaps of at least this USD size (default 10000)"),
+            dex: z.enum(["uniswap-v3", "aerodrome"]).optional().describe("Filter by DEX"),
+            since: z.number().int().nonnegative().optional().describe("Only swaps at or after this block"),
+            limit: z.number().int().min(1).max(200).optional().describe("Max swaps to return (1–200, default 50)"),
+            direction: z.enum(["buy", "sell"]).optional().describe("Filter by trade direction (of the non-quote token)"),
+        },
+        buildBody: ({ min, dex, since, limit, direction }) => {
+            const body = {};
+            if (min !== undefined)
+                body.min = min;
+            if (dex !== undefined)
+                body.dex = dex;
+            if (since !== undefined)
+                body.since = since;
+            if (limit !== undefined)
+                body.limit = limit;
+            if (direction !== undefined)
+                body.direction = direction;
+            return body;
+        },
+    });
 }

package/package.json CHANGED Viewed

@@ -1,8 +1,8 @@
 {
   "name": "@true402.dev/mcp-server",
-  "version": "0.3.0",
+  "version": "0.5.0",
   "mcpName": "dev.true402/mcp-server",
-  "description": "MCP server for the true402 machine-native marketplace — pay-per-call AI + web tools over x402 (USDC on Base): LLM inference, SEO/GEO audit, web extract, link preview, robots/AI-crawler check, security headers, on-chain token safety (rug/honeypot check).",
+  "description": "MCP server for the true402 machine-native marketplace — pay-per-call AI + web + Base on-chain tools over x402 (USDC on Base): LLM inference, SEO/GEO audit, web extract, link preview, robots/AI-crawler check, security headers, and on-chain DeFi trading signals (token rug/honeypot safety, new token pairs, liquidity-pull/rug alerts, whale swaps).",
   "type": "module",
   "main": "dist/index.js",
   "bin": {
@@ -31,7 +31,12 @@
     "seo",
     "geo",
     "web-scraping",
-    "tools"
+    "tools",
+    "defi",
+    "trading",
+    "onchain",
+    "rug-check",
+    "honeypot"
   ],
   "homepage": "https://true402.dev",
   "license": "MIT",