@x402scan/mcp 0.0.1

package/dist/server-CD4OSIVL.js

@@ -0,0 +1,1109 @@
+import {
+  getUSDCBalance,
+  tokenStringToNumber
+} from "./chunk-KD3GRRAV.js";
+import {
+  DEFAULT_NETWORK,
+  getChainName,
+  getDepositLink,
+  getWallet,
+  log,
+  openDepositLink,
+  requestSchema,
+  requestWithHeadersSchema
+} from "./chunk-FFXFOKKF.js";
+
+// src/server/index.ts
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+
+// src/server/tools/fetch-x402-resource.ts
+import { x402Client, x402HTTPClient } from "@x402/core/client";
+import { ExactEvmScheme } from "@x402/evm/exact/client";
+import { wrapFetchWithPayment } from "@x402/fetch";
+
+// src/server/lib/response.ts
+var mcpSuccess = (data) => {
+  return {
+    content: [{ type: "text", text: JSON.stringify(data, null, 2) }]
+  };
+};
+var mcpError = (error, context) => {
+  const message = error instanceof Error ? error.message : typeof error === "string" ? error : String(error);
+  const details = error instanceof Error && error.cause ? { cause: JSON.stringify(error.cause) } : void 0;
+  return {
+    content: [
+      {
+        type: "text",
+        text: JSON.stringify(
+          {
+            error: message,
+            ...details && { details },
+            ...context && { context }
+          },
+          null,
+          2
+        )
+      }
+    ],
+    isError: true
+  };
+};
+
+// src/server/lib/check-balance.ts
+var checkBalance = async ({
+  server,
+  address,
+  amountNeeded,
+  message,
+  flags
+}) => {
+  const balance = await getUSDCBalance({
+    address
+  });
+  if (balance < amountNeeded) {
+    const capabilities = server.server.getClientCapabilities();
+    if (!capabilities?.elicitation) {
+      throw new Error(
+        `${message(balance)}
+
+You can deposit USDC at ${getDepositLink(address, flags)}`
+      );
+    }
+    const result = await server.server.elicitInput({
+      mode: "form",
+      message: message(balance),
+      requestedSchema: {
+        type: "object",
+        properties: {}
+      }
+    });
+    if (result.action === "accept") {
+      await openDepositLink(address, flags);
+    }
+  }
+  return balance;
+};
+
+// src/server/tools/fetch-x402-resource.ts
+var registerFetchX402ResourceTool = ({
+  server,
+  account,
+  flags
+}) => {
+  server.registerTool(
+    "fetch",
+    {
+      description: "Fetches an x402-protected resource and handles payment automatically. If the resource is not x402-protected, it will return the raw response.",
+      inputSchema: requestWithHeadersSchema
+    },
+    async ({ url, method, body, headers }) => {
+      const coreClient = x402Client.fromConfig({
+        schemes: [
+          { network: DEFAULT_NETWORK, client: new ExactEvmScheme(account) }
+        ]
+      });
+      let state = "initial_request" /* INITIAL_REQUEST */;
+      coreClient.onBeforePaymentCreation(async ({ selectedRequirements }) => {
+        const amount = tokenStringToNumber(selectedRequirements.amount);
+        await checkBalance({
+          server,
+          address: account.address,
+          amountNeeded: amount,
+          message: (balance) => `This request costs ${amount} USDC. Your current balance is ${balance} USDC.`,
+          flags
+        });
+        state = "payment_required" /* PAYMENT_REQUIRED */;
+      });
+      coreClient.onAfterPaymentCreation(async (ctx) => {
+        state = "payment_created" /* PAYMENT_CREATED */;
+        log.info("After payment creation", ctx);
+        return Promise.resolve();
+      });
+      coreClient.onPaymentCreationFailure(async (ctx) => {
+        state = "payment_failed" /* PAYMENT_FAILED */;
+        log.info("Payment creation failure", ctx);
+        return Promise.resolve();
+      });
+      const client = new x402HTTPClient(coreClient);
+      const fetchWithPay = wrapFetchWithPayment(fetch, client);
+      try {
+        const response = await fetchWithPay(url, {
+          method,
+          body: body ? JSON.stringify(body) : void 0,
+          headers: {
+            ...body ? { "Content-Type": "application/json" } : {},
+            ...headers
+          }
+        });
+        if (!response.ok) {
+          const errorData = await response.text();
+          const errorResponse = {
+            data: errorData,
+            statusCode: response.status,
+            state
+          };
+          if (response.status === 402) {
+            return mcpError("Payment required", errorResponse);
+          }
+          return mcpError(
+            response.statusText ?? "Request failed",
+            errorResponse
+          );
+        }
+        const getSettlement = () => {
+          try {
+            return client.getPaymentSettleResponse(
+              (name) => response.headers.get(name)
+            );
+          } catch {
+            return void 0;
+          }
+        };
+        const settlement = getSettlement();
+        return mcpSuccess({
+          data: await response.text().catch(() => void 0),
+          payment: settlement
+        });
+      } catch (err) {
+        return mcpError(err, { state });
+      }
+    }
+  );
+};
+
+// src/server/tools/auth.ts
+import { x402Client as x402Client2, x402HTTPClient as x402HTTPClient2 } from "@x402/core/client";
+
+// src/server/lib/x402/protocol.ts
+function isV1Response(pr) {
+  if (!pr || typeof pr !== "object") return false;
+  const obj = pr;
+  if (obj.x402Version === 1) return true;
+  const accepts = obj.accepts;
+  if (Array.isArray(accepts) && accepts.length > 0) {
+    return "maxAmountRequired" in accepts[0];
+  }
+  return false;
+}
+function normalizeV1Requirement(req) {
+  if (!req.maxAmountRequired) {
+    throw new Error("v1 requirement missing maxAmountRequired field");
+  }
+  return {
+    scheme: req.scheme,
+    network: req.network,
+    amount: req.maxAmountRequired,
+    asset: req.asset,
+    payTo: req.payTo,
+    maxTimeoutSeconds: req.maxTimeoutSeconds,
+    extra: req.extra,
+    resource: req.resource,
+    description: req.description,
+    mimeType: req.mimeType
+  };
+}
+function normalizeV2Requirement(req) {
+  if (!req.amount) {
+    throw new Error("v2 requirement missing amount field");
+  }
+  return {
+    scheme: req.scheme,
+    network: req.network,
+    amount: req.amount,
+    asset: req.asset,
+    payTo: req.payTo,
+    maxTimeoutSeconds: req.maxTimeoutSeconds,
+    extra: req.extra
+  };
+}
+function normalizePaymentRequired(pr) {
+  const version = pr.x402Version ?? 1;
+  if (isV1Response(pr)) {
+    const v1 = pr;
+    return {
+      x402Version: 1,
+      error: v1.error,
+      accepts: v1.accepts.map(normalizeV1Requirement)
+    };
+  }
+  const v2 = pr;
+  return {
+    x402Version: version,
+    error: v2.error,
+    accepts: v2.accepts.map(normalizeV2Requirement),
+    resource: v2.resource,
+    extensions: v2.extensions
+  };
+}
+
+// src/server/vendor/sign-in-with-x/solana.ts
+import { base58 } from "@scure/base";
+import nacl from "tweetnacl";
+function extractSolanaChainReference(chainId) {
+  const [, reference] = chainId.split(":");
+  return reference;
+}
+function formatSIWSMessage(info, address) {
+  const lines = [
+    `${info.domain} wants you to sign in with your Solana account:`,
+    address,
+    ""
+  ];
+  if (info.statement) {
+    lines.push(info.statement, "");
+  }
+  lines.push(
+    `URI: ${info.uri}`,
+    `Version: ${info.version}`,
+    `Chain ID: ${extractSolanaChainReference(info.chainId)}`,
+    `Nonce: ${info.nonce}`,
+    `Issued At: ${info.issuedAt}`
+  );
+  if (info.expirationTime) {
+    lines.push(`Expiration Time: ${info.expirationTime}`);
+  }
+  if (info.notBefore) {
+    lines.push(`Not Before: ${info.notBefore}`);
+  }
+  if (info.requestId) {
+    lines.push(`Request ID: ${info.requestId}`);
+  }
+  if (info.resources && info.resources.length > 0) {
+    lines.push("Resources:");
+    for (const resource of info.resources) {
+      lines.push(`- ${resource}`);
+    }
+  }
+  return lines.join("\n");
+}
+function encodeBase58(bytes) {
+  return base58.encode(bytes);
+}
+
+// src/server/vendor/sign-in-with-x/sign.ts
+function getEVMAddress(signer) {
+  if (signer.account?.address) {
+    return signer.account.address;
+  }
+  if (signer.address) {
+    return signer.address;
+  }
+  throw new Error("EVM signer missing address");
+}
+function getSolanaAddress(signer) {
+  const pk = signer.publicKey;
+  return typeof pk === "string" ? pk : pk.toBase58();
+}
+async function signEVMMessage(message, signer) {
+  if (signer.account) {
+    return signer.signMessage({ message, account: signer.account });
+  }
+  return signer.signMessage({ message });
+}
+async function signSolanaMessage(message, signer) {
+  const messageBytes = new TextEncoder().encode(message);
+  const signatureBytes = await signer.signMessage(messageBytes);
+  return encodeBase58(signatureBytes);
+}
+
+// src/server/vendor/sign-in-with-x/evm.ts
+import { verifyMessage } from "viem";
+import { SiweMessage } from "siwe";
+function extractEVMChainId(chainId) {
+  const match = /^eip155:(\d+)$/.exec(chainId);
+  if (!match) {
+    throw new Error(
+      `Invalid EVM chainId format: ${chainId}. Expected eip155:<number>`
+    );
+  }
+  return parseInt(match[1], 10);
+}
+function formatSIWEMessage(info, address) {
+  const numericChainId = extractEVMChainId(info.chainId);
+  const siweMessage = new SiweMessage({
+    domain: info.domain,
+    address,
+    statement: info.statement,
+    uri: info.uri,
+    version: info.version,
+    chainId: numericChainId,
+    nonce: info.nonce,
+    issuedAt: info.issuedAt,
+    expirationTime: info.expirationTime,
+    notBefore: info.notBefore,
+    requestId: info.requestId,
+    resources: info.resources
+  });
+  return siweMessage.prepareMessage();
+}
+
+// src/server/vendor/sign-in-with-x/message.ts
+function createSIWxMessage(serverInfo, address) {
+  if (serverInfo.chainId.startsWith("eip155:")) {
+    return formatSIWEMessage(serverInfo, address);
+  }
+  if (serverInfo.chainId.startsWith("solana:")) {
+    return formatSIWSMessage(serverInfo, address);
+  }
+  throw new Error(
+    `Unsupported chain namespace: ${serverInfo.chainId}. Supported: eip155:* (EVM), solana:* (Solana)`
+  );
+}
+
+// src/server/vendor/sign-in-with-x/client.ts
+async function createSIWxPayload(serverExtension, signer) {
+  const isSolana = serverExtension.chainId.startsWith("solana:");
+  const address = isSolana ? getSolanaAddress(signer) : getEVMAddress(signer);
+  const message = createSIWxMessage(serverExtension, address);
+  const signature = isSolana ? await signSolanaMessage(message, signer) : await signEVMMessage(message, signer);
+  return {
+    domain: serverExtension.domain,
+    address,
+    statement: serverExtension.statement,
+    uri: serverExtension.uri,
+    version: serverExtension.version,
+    chainId: serverExtension.chainId,
+    type: serverExtension.type,
+    nonce: serverExtension.nonce,
+    issuedAt: serverExtension.issuedAt,
+    expirationTime: serverExtension.expirationTime,
+    notBefore: serverExtension.notBefore,
+    requestId: serverExtension.requestId,
+    resources: serverExtension.resources,
+    signatureScheme: serverExtension.signatureScheme,
+    signature
+  };
+}
+
+// src/server/vendor/sign-in-with-x/encode.ts
+import { safeBase64Encode } from "@x402/core/utils";
+function encodeSIWxHeader(payload) {
+  return safeBase64Encode(JSON.stringify(payload));
+}
+
+// src/server/tools/auth.ts
+var registerAuthTools = ({ server, account }) => {
+  server.registerTool(
+    "authed_call",
+    {
+      description: "Make a request to a SIWX-protected endpoint. Handles auth flow automatically: detects SIWX requirement from 402 response, signs proof with server-provided challenge, retries.",
+      inputSchema: requestWithHeadersSchema
+    },
+    async ({ url, method, body, headers }) => {
+      try {
+        const httpClient = new x402HTTPClient2(new x402Client2());
+        const firstResponse = await fetch(url, {
+          method,
+          headers: {
+            "Content-Type": "application/json",
+            ...headers
+          },
+          body: body ? JSON.stringify(body) : void 0
+        });
+        if (firstResponse.status !== 402) {
+          const responseHeaders2 = Object.fromEntries(
+            firstResponse.headers.entries()
+          );
+          if (firstResponse.ok) {
+            let data2;
+            const contentType2 = firstResponse.headers.get("content-type");
+            if (contentType2?.includes("application/json")) {
+              data2 = await firstResponse.json();
+            } else {
+              data2 = await firstResponse.text();
+            }
+            return mcpSuccess({
+              statusCode: firstResponse.status,
+              headers: responseHeaders2,
+              data: data2
+            });
+          }
+          let errorBody;
+          try {
+            errorBody = await firstResponse.json();
+          } catch {
+            errorBody = await firstResponse.text();
+          }
+          return mcpError(`HTTP ${firstResponse.status}`, {
+            statusCode: firstResponse.status,
+            headers: responseHeaders2,
+            body: errorBody
+          });
+        }
+        let rawBody;
+        try {
+          rawBody = await firstResponse.clone().json();
+        } catch {
+          rawBody = void 0;
+        }
+        const rawPaymentRequired = httpClient.getPaymentRequiredResponse(
+          (name) => firstResponse.headers.get(name),
+          rawBody
+        );
+        const paymentRequired = normalizePaymentRequired(rawPaymentRequired);
+        const siwxExtension = paymentRequired.extensions?.["sign-in-with-x"];
+        if (!siwxExtension?.info) {
+          return mcpError(
+            "Endpoint returned 402 but no sign-in-with-x extension found",
+            {
+              statusCode: 402,
+              x402Version: paymentRequired.x402Version,
+              extensions: Object.keys(paymentRequired.extensions ?? {}),
+              hint: "This endpoint may require payment instead of authentication. Use execute_call for paid requests."
+            }
+          );
+        }
+        const serverInfo = siwxExtension.info;
+        const requiredFields = [
+          "domain",
+          "uri",
+          "version",
+          "chainId",
+          "nonce",
+          "issuedAt"
+        ];
+        const missingFields = requiredFields.filter(
+          (f) => !serverInfo[f]
+        );
+        if (missingFields.length > 0) {
+          return mcpError(
+            "Invalid sign-in-with-x extension: missing required fields",
+            {
+              missingFields,
+              receivedInfo: serverInfo
+            }
+          );
+        }
+        if (serverInfo.chainId.startsWith("solana:")) {
+          return mcpError("Solana authentication not supported", {
+            chainId: serverInfo.chainId,
+            hint: "This endpoint requires a Solana wallet. The MCP server currently only supports EVM wallets."
+          });
+        }
+        const payload = await createSIWxPayload(serverInfo, account);
+        const siwxHeader = encodeSIWxHeader(payload);
+        const authedResponse = await fetch(url, {
+          method,
+          headers: {
+            "Content-Type": "application/json",
+            "SIGN-IN-WITH-X": siwxHeader,
+            ...headers
+          },
+          body: body ? JSON.stringify(body) : void 0
+        });
+        const responseHeaders = Object.fromEntries(
+          authedResponse.headers.entries()
+        );
+        if (!authedResponse.ok) {
+          let errorBody;
+          try {
+            errorBody = await authedResponse.json();
+          } catch {
+            errorBody = await authedResponse.text();
+          }
+          return mcpError(
+            `HTTP ${authedResponse.status} after authentication`,
+            {
+              statusCode: authedResponse.status,
+              headers: responseHeaders,
+              body: errorBody,
+              authAddress: account.address
+            }
+          );
+        }
+        let data;
+        const contentType = authedResponse.headers.get("content-type");
+        if (contentType?.includes("application/json")) {
+          data = await authedResponse.json();
+        } else {
+          data = await authedResponse.text();
+        }
+        return mcpSuccess({
+          statusCode: authedResponse.status,
+          headers: responseHeaders,
+          data,
+          authentication: {
+            address: account.address,
+            domain: serverInfo.domain,
+            chainId: serverInfo.chainId
+          }
+        });
+      } catch (err) {
+        return mcpError(err, { tool: "authed_call", url });
+      }
+    }
+  );
+};
+
+// src/server/tools/wallet.ts
+var registerWalletTools = ({
+  server,
+  account: { address }
+}) => {
+  server.registerTool(
+    "check_balance",
+    {
+      description: "Check wallet address and USDC balance. Creates wallet if needed."
+    },
+    async () => {
+      const balance = await getUSDCBalance({
+        address
+      });
+      return mcpSuccess({
+        address,
+        network: DEFAULT_NETWORK,
+        networkName: getChainName(DEFAULT_NETWORK),
+        usdcBalance: balance,
+        balanceFormatted: balance.toString(),
+        isNewWallet: balance === 0
+      });
+    }
+  );
+  server.registerTool(
+    "get_wallet_address",
+    {
+      description: "Get the wallet address."
+    },
+    () => mcpSuccess({ address })
+  );
+};
+
+// src/server/tools/check-endpoint-schema.ts
+import { x402Client as x402Client3, x402HTTPClient as x402HTTPClient3 } from "@x402/core/client";
+
+// src/server/lib/x402/get-route-details.ts
+var getRouteDetails = (paymentRequired) => {
+  const { accepts, extensions, resource } = paymentRequired;
+  return {
+    ...resource,
+    schema: getSchema(extensions),
+    paymentMethods: accepts.map((accept) => ({
+      price: tokenStringToNumber(accept.amount),
+      network: accept.network,
+      asset: accept.asset
+    }))
+  };
+};
+var getSchema = (extensions) => {
+  const { bazaar } = extensions ?? {};
+  if (!bazaar) {
+    return void 0;
+  }
+  const { schema } = bazaar;
+  return schema.properties.input;
+};
+
+// src/server/tools/check-endpoint-schema.ts
+var registerCheckX402EndpointTool = ({ server }) => {
+  server.registerTool(
+    "check_x402_endpoint",
+    {
+      description: "Check if an endpoint is x402-protected and get pricing options, schema, and auth requirements (if applicable).",
+      inputSchema: requestSchema
+    },
+    async ({ url, method, body }) => {
+      try {
+        log.info("Querying endpoint", { url, method, body });
+        const response = await fetch(url, {
+          method,
+          body: body ? typeof body === "string" ? body : JSON.stringify(body) : void 0,
+          headers: {
+            "Content-Type": "application/json"
+          }
+        });
+        const bodyText = await response.text().catch(() => void 0);
+        if (response.status !== 402) {
+          return mcpSuccess({
+            data: bodyText,
+            statusCode: response.status,
+            requiresPayment: false
+          });
+        }
+        const paymentRequired = new x402HTTPClient3(
+          new x402Client3()
+        ).getPaymentRequiredResponse(
+          (name) => response.headers.get(name),
+          JSON.parse(bodyText ?? "{}")
+        );
+        const routeDetails = getRouteDetails(paymentRequired);
+        return mcpSuccess({
+          requiresPayment: true,
+          statusCode: response.status,
+          routeDetails
+        });
+      } catch (err) {
+        return mcpError(err, { tool: "query_endpoint", url });
+      }
+    }
+  );
+};
+
+// src/server/resources/origins.ts
+import { x402HTTPClient as x402HTTPClient4 } from "@x402/core/client";
+import { x402Client as x402Client4 } from "@x402/core/client";
+
+// src/server/resources/_lib.ts
+var getWebPageMetadata = async (url) => {
+  try {
+    const response = await fetch(url);
+    if (!response.ok) {
+      return null;
+    }
+    const html = await response.text();
+    const titleMatch = /<title[^>]*>([\s\S]*?)<\/title>/i.exec(html);
+    const title = titleMatch ? titleMatch[1].trim().replace(/\s+/g, " ") : null;
+    let descriptionMatch = /<meta\s+name=["']description["']\s+content=["']([^"']*)["']/i.exec(html);
+    descriptionMatch ??= /<meta\s+property=["']og:description["']\s+content=["']([^"']*)["']/i.exec(
+      html
+    );
+    descriptionMatch ??= /<meta\s+content=["']([^"']*)["']\s+name=["']description["']/i.exec(html);
+    descriptionMatch ??= /<meta\s+content=["']([^"']*)["']\s+property=["']og:description["']/i.exec(
+      html
+    );
+    const description = descriptionMatch ? descriptionMatch[1].trim().replace(/\s+/g, " ") : null;
+    return {
+      title,
+      description
+    };
+  } catch (error) {
+    throw new Error(
+      `Failed to fetch web page metadata: ${error instanceof Error ? error.message : String(error)}`
+    );
+  }
+};
+
+// src/server/resources/origins.ts
+var origins = ["enrichx402.com"];
+var registerOrigins = async ({ server }) => {
+  await Promise.all(
+    origins.map(async (origin) => {
+      const metadata = await getWebPageMetadata(`https://${origin}`);
+      server.registerResource(
+        origin,
+        `api://${origin}`,
+        {
+          title: metadata?.title ?? origin,
+          description: metadata?.description ?? "",
+          mimeType: "application/json"
+        },
+        async (uri) => {
+          const response = await fetch(
+            `${uri.toString().replace("api://", "https://")}/.well-known/x402`
+          ).then((response2) => response2.json());
+          const resources = await Promise.all(
+            response.resources.map(async (resource) => {
+              const resourceResponse = await getResourceResponse(
+                resource,
+                await fetch(resource, {
+                  method: "POST",
+                  headers: {
+                    "Content-Type": "application/json"
+                  }
+                })
+              );
+              if (resourceResponse) {
+                return resourceResponse;
+              }
+              const getResponse = await getResourceResponse(
+                resource,
+                await fetch(resource, {
+                  method: "GET"
+                })
+              );
+              if (getResponse) {
+                return getResponse;
+              }
+              console.error(`Failed to get resource response for ${resource}`);
+              return null;
+            })
+          );
+          return {
+            contents: [
+              {
+                uri: origin,
+                text: JSON.stringify({
+                  server: origin,
+                  name: metadata?.title,
+                  description: metadata?.description,
+                  resources: resources.filter(Boolean).map((resource) => {
+                    if (!resource) return null;
+                    const schema = getSchema(
+                      resource.paymentRequired?.extensions
+                    );
+                    return {
+                      url: resource.resource,
+                      schema,
+                      mimeType: resource.paymentRequired.resource.mimeType
+                    };
+                  })
+                }),
+                mimeType: "application/json"
+              }
+            ]
+          };
+        }
+      );
+    })
+  );
+};
+var getResourceResponse = async (resource, response) => {
+  const client = new x402HTTPClient4(new x402Client4());
+  if (response.status === 402) {
+    const paymentRequired = client.getPaymentRequiredResponse(
+      (name) => response.headers.get(name),
+      JSON.parse(await response.text())
+    );
+    return {
+      paymentRequired,
+      resource
+    };
+  }
+  return null;
+};
+
+// src/server/tools/discover-resources.ts
+import { z } from "zod";
+import { x402Client as x402Client5, x402HTTPClient as x402HTTPClient5 } from "@x402/core/client";
+var DiscoveryDocumentSchema = z.object({
+  version: z.number().refine((v) => v === 1, { message: "version must be 1" }),
+  resources: z.array(z.url()),
+  ownershipProofs: z.array(z.string()).optional(),
+  instructions: z.string().optional()
+});
+async function lookupDnsTxtRecord(hostname) {
+  const dnsQuery = `_x402.${hostname}`;
+  log.debug(`Looking up DNS TXT record: ${dnsQuery}`);
+  try {
+    const response = await fetch(
+      `https://cloudflare-dns.com/dns-query?name=${encodeURIComponent(
+        dnsQuery
+      )}&type=TXT`,
+      {
+        headers: { Accept: "application/dns-json" }
+      }
+    );
+    if (!response.ok) {
+      log.debug(`DNS lookup failed: HTTP ${response.status}`);
+      return null;
+    }
+    const data = await response.json();
+    if (!data.Answer || data.Answer.length === 0) {
+      log.debug("No DNS TXT record found");
+      return null;
+    }
+    const txtValue = data.Answer[0].data.replace(/^"|"$/g, "");
+    log.debug(`Found DNS TXT record: ${txtValue}`);
+    try {
+      new URL(txtValue);
+      return txtValue;
+    } catch {
+      log.debug(`DNS TXT value is not a valid URL: ${txtValue}`);
+      return null;
+    }
+  } catch (err) {
+    log.debug(
+      `DNS lookup error: ${err instanceof Error ? err.message : String(err)}`
+    );
+    return null;
+  }
+}
+async function fetchLlmsTxt(origin) {
+  const llmsTxtUrl = `${origin}/llms.txt`;
+  log.debug(`Fetching llms.txt from: ${llmsTxtUrl}`);
+  try {
+    const response = await fetch(llmsTxtUrl, {
+      headers: { Accept: "text/plain" }
+    });
+    if (!response.ok) {
+      if (response.status === 404) {
+        return { found: false, error: "No llms.txt found" };
+      }
+      return { found: false, error: `HTTP ${response.status}` };
+    }
+    const content = await response.text();
+    if (!content || content.trim().length === 0) {
+      return { found: false, error: "llms.txt is empty" };
+    }
+    return { found: true, content };
+  } catch (err) {
+    return {
+      found: false,
+      error: `Network error: ${err instanceof Error ? err.message : String(err)}`
+    };
+  }
+}
+async function fetchDiscoveryFromUrl(url) {
+  log.debug(`Fetching discovery document from: ${url}`);
+  try {
+    const response = await fetch(url, {
+      headers: { Accept: "application/json" }
+    });
+    if (!response.ok) {
+      if (response.status === 404) {
+        return { found: false, error: `Not found at ${url}` };
+      }
+      return {
+        found: false,
+        error: `HTTP ${response.status}: ${await response.text()}`
+      };
+    }
+    let rawData;
+    try {
+      rawData = await response.json();
+    } catch {
+      return {
+        found: false,
+        error: "Failed to parse discovery document as JSON"
+      };
+    }
+    const parsed = DiscoveryDocumentSchema.safeParse(rawData);
+    if (!parsed.success) {
+      return {
+        found: false,
+        error: `Invalid discovery document: ${parsed.error.issues.map((e) => e.message).join(", ")}`,
+        rawResponse: rawData
+      };
+    }
+    return { found: true, document: parsed.data };
+  } catch (err) {
+    return {
+      found: false,
+      error: `Network error: ${err instanceof Error ? err.message : String(err)}`
+    };
+  }
+}
+async function fetchDiscoveryDocument(origin) {
+  const attemptedSources = [];
+  const hostname = getHostname(origin);
+  const wellKnownUrl = `${origin}/.well-known/x402`;
+  attemptedSources.push(wellKnownUrl);
+  const wellKnownResult = await fetchDiscoveryFromUrl(wellKnownUrl);
+  if (wellKnownResult.found && wellKnownResult.document) {
+    return {
+      found: true,
+      source: "well-known",
+      document: wellKnownResult.document,
+      attemptedSources
+    };
+  }
+  attemptedSources.push(`DNS TXT _x402.${hostname}`);
+  const dnsUrl = await lookupDnsTxtRecord(hostname);
+  if (dnsUrl) {
+    attemptedSources.push(dnsUrl);
+    const dnsResult = await fetchDiscoveryFromUrl(dnsUrl);
+    if (dnsResult.found && dnsResult.document) {
+      return {
+        found: true,
+        source: "dns-txt",
+        document: dnsResult.document,
+        attemptedSources
+      };
+    }
+  }
+  attemptedSources.push(`${origin}/llms.txt`);
+  const llmsResult = await fetchLlmsTxt(origin);
+  if (llmsResult.found && llmsResult.content) {
+    return {
+      found: true,
+      source: "llms-txt",
+      llmsTxtContent: llmsResult.content,
+      attemptedSources
+    };
+  }
+  return {
+    found: false,
+    error: "No discovery document found. Tried: .well-known/x402, DNS TXT record, llms.txt",
+    attemptedSources
+  };
+}
+async function queryResource(url) {
+  log.debug(`Querying resource: ${url}`);
+  try {
+    const result = await fetch(url, { method: "GET" });
+    if (!result.ok) {
+      return {
+        url,
+        isX402Endpoint: false,
+        error: result.statusText ?? "Failed to query endpoint"
+      };
+    }
+    if (result.status !== 402) {
+      return {
+        url,
+        isX402Endpoint: false
+      };
+    }
+    const pr = new x402HTTPClient5(new x402Client5()).getPaymentRequiredResponse(
+      (name) => result.headers.get(name),
+      JSON.parse(await result.text())
+    );
+    const firstReq = pr.accepts[0];
+    const resource = {
+      url,
+      isX402Endpoint: true,
+      x402Version: pr.x402Version,
+      price: tokenStringToNumber(firstReq.amount),
+      priceRaw: firstReq.amount,
+      network: firstReq.network,
+      networkName: getChainName(firstReq.network)
+    };
+    if (pr.extensions?.bazaar) {
+      const bazaar = pr.extensions.bazaar;
+      resource.bazaar = { info: bazaar.info, schema: bazaar.schema };
+      const info = bazaar.info;
+      if (info?.description) {
+        resource.description = info.description;
+      }
+    }
+    if (pr.extensions?.["sign-in-with-x"]) {
+      const siwx = pr.extensions["sign-in-with-x"];
+      resource.signInWithX = { required: true, info: siwx.info };
+    }
+    return resource;
+  } catch (err) {
+    return {
+      url,
+      isX402Endpoint: false,
+      error: err instanceof Error ? err.message : String(err)
+    };
+  }
+}
+function registerDiscoveryTools(server) {
+  server.registerTool(
+    "discover_resources",
+    {
+      description: `Discover x402-protected resources from an origin. Fetches the /.well-known/x402 discovery document and optionally tests each resource to get pricing and requirements. 
+        
+        Known default origins with resource packs. Discover if more needed:
+        - https://enrichx402.com -> People + Org search, Google Maps (places + locations), grok twitter search, exa web search, clado linkedin data, firecrawl web scrape
+        - https://stablestudio.io -> generate images / videos
+        `,
+      inputSchema: {
+        url: z.url().describe(
+          "The origin URL or any URL on the origin to discover resources from"
+        ),
+        testResources: z.boolean().default(false).describe(
+          "Whether to query each discovered resource for full pricing/schema info (default: false - just return URLs from discovery doc)"
+        ),
+        concurrency: z.number().int().min(1).max(10).default(5).describe(
+          "Max concurrent requests when querying resources (default: 5)"
+        )
+      }
+    },
+    async ({ url, testResources, concurrency }) => {
+      try {
+        const origin = getOrigin(url);
+        log.info(`Discovering resources for origin: ${origin}`);
+        const discoveryResult = await fetchDiscoveryDocument(origin);
+        if (discoveryResult.found && discoveryResult.source === "llms-txt") {
+          return mcpSuccess({
+            found: true,
+            origin,
+            source: "llms-txt",
+            usage: "Found llms.txt but no structured x402 discovery document. The content below may contain information about x402 resources. Parse it to find relevant endpoints.",
+            llmsTxtContent: discoveryResult.llmsTxtContent,
+            attemptedSources: discoveryResult.attemptedSources,
+            resources: []
+          });
+        }
+        if (!discoveryResult.found || !discoveryResult.document) {
+          return mcpSuccess({
+            found: false,
+            origin,
+            error: discoveryResult.error,
+            attemptedSources: discoveryResult.attemptedSources,
+            rawResponse: discoveryResult.rawResponse
+          });
+        }
+        const doc = discoveryResult.document;
+        const result = {
+          found: true,
+          origin,
+          source: discoveryResult.source,
+          instructions: doc.instructions,
+          usage: "Use query_endpoint to get full pricing/requirements for a resource. Use execute_call (for payment) or authed_call (for SIWX auth) to call it.",
+          resources: []
+        };
+        if (!testResources) {
+          result.resources = doc.resources.map((resourceUrl) => ({
+            url: resourceUrl
+          }));
+          return mcpSuccess(result);
+        }
+        const resourceUrls = doc.resources;
+        const allResources = [];
+        for (let i = 0; i < resourceUrls.length; i += concurrency) {
+          const batch = resourceUrls.slice(i, i + concurrency);
+          const batchResults = await Promise.all(
+            batch.map((resourceUrl) => queryResource(resourceUrl))
+          );
+          allResources.push(...batchResults);
+        }
+        result.resources = allResources;
+        return mcpSuccess(result);
+      } catch (err) {
+        return mcpError(err, { tool: "discover_resources", url });
+      }
+    }
+  );
+}
+function getOrigin(urlString) {
+  try {
+    return new URL(urlString).origin;
+  } catch {
+    return urlString;
+  }
+}
+function getHostname(origin) {
+  try {
+    return new URL(origin).hostname;
+  } catch {
+    return origin;
+  }
+}
+
+// src/server/index.ts
+var startServer = async (flags) => {
+  log.info("Starting x402scan-mcp...");
+  const { account } = await getWallet();
+  const server = new McpServer(
+    {
+      name: "@x402scan/mcp",
+      version: "0.0.1",
+      websiteUrl: "https://x402scan.com/mcp",
+      icons: [{ src: "https://x402scan.com/logo.svg" }]
+    },
+    {
+      capabilities: {
+        resources: {
+          subscribe: true,
+          listChanged: true
+        }
+      }
+    }
+  );
+  const props = {
+    server,
+    account,
+    flags
+  };
+  registerFetchX402ResourceTool(props);
+  registerAuthTools(props);
+  registerWalletTools(props);
+  registerCheckX402EndpointTool(props);
+  registerDiscoveryTools(server);
+  await registerOrigins({ server, flags });
+  const transport = new StdioServerTransport();
+  await server.connect(transport);
+  const shutdown = async () => {
+    log.info("Shutting down...");
+    await server.close();
+    process.exit(0);
+  };
+  process.on("SIGINT", () => void shutdown());
+  process.on("SIGTERM", () => void shutdown());
+};
+export {
+  startServer
+};