agentpay-mcp 4.1.10 → 4.1.16

package/dist/utils/x402-dynamic-paid-mcp-manifest-drift.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"x402-dynamic-paid-mcp-manifest-drift.js","sourceRoot":"","sources":["../../src/utils/x402-dynamic-paid-mcp-manifest-drift.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;AAsGH,wFAwFC;AAQD,wFAsCC;AAED,4FAUC;AArKD,MAAM,8BAA8B,GAAG,EAAE,CAAC;AAE1C,SAAS,UAAU,CAAC,KAAyB;IAC3C,IAAI,CAAC,KAAK;QAAE,OAAO,KAAK,CAAC;IACzB,IAAI,CAAC;QACH,OAAO,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC;IAC9C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,YAAY,CAAC,KAAW,EAAE,OAAa;IAC9C,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;AAC/E,CAAC;AAED,SAAS,WAAW,CAAC,QAAwB,EAAE,QAAuB,EAAE,KAAa,EAAE,OAAe;IACpG,QAAQ,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;AAC9C,CAAC;AAED,SAAgB,sCAAsC,CACpD,QAAwC,EACxC,UAAmD,EAAE;IAErD,MAAM,QAAQ,GAAmB,EAAE,CAAC;IACpC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,IAAI,IAAI,IAAI,EAAE,CAAC;IACtC,MAAM,mBAAmB,GAAG,OAAO,CAAC,mBAAmB,IAAI,8BAA8B,CAAC;IAC1F,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IACjD,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,iBAAiB,CAAC;IAClH,MAAM,KAAK,GAAG,QAAQ,GAAG,mBAAmB,CAAC;IAE7C,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,EAAE;QAAE,WAAW,CAAC,QAAQ,EAAE,UAAU,EAAE,YAAY,EAAE,wBAAwB,CAAC,CAAC;IAC3G,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC;QAAE,WAAW,CAAC,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,gCAAgC,CAAC,CAAC;IACtH,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;QAAE,WAAW,CAAC,QAAQ,EAAE,UAAU,EAAE,YAAY,EAAE,qCAAqC,CAAC,CAAC;IACnI,IAAI,KAAK;QAAE,WAAW,CAAC,QAAQ,EAAE,SAAS,EAAE,YAAY,EAAE,0BAA0B,mBAAmB,sCAAsC,CAAC,CAAC;IAC/I,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,EAAE;QAAE,WAAW,CAAC,QAAQ,EAAE,UAAU,EAAE,cAAc,EAAE,0BAA0B,CAAC,CAAC;IACjH,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,IAAI,EAAE;QAAE,WAAW,CAAC,QAAQ,EAAE,UAAU,EAAE,gBAAgB,EAAE,4BAA4B,CAAC,CAAC;IAEvH,MAAM,oBAAoB,GAAG,QAAQ,CAAC,iBAAiB,CAAC,MAAM,GAAG,CAAC,CAAC;IACnE,IAAI,CAAC,oBAAoB;QAAE,WAAW,CAAC,QAAQ,EAAE,UAAU,EAAE,mBAAmB,EAAE,uDAAuD,CAAC,CAAC;IAC3I,KAAK,MAAM,CAAC,KAAK,EAAE,OAAO,CAAC,IAAI,QAAQ,CAAC,iBAAiB,CAAC,OAAO,EAAE,EAAE,CAAC;QACpE,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE;YAAE,WAAW,CAAC,QAAQ,EAAE,UAAU,EAAE,qBAAqB,KAAK,WAAW,EAAE,qBAAqB,CAAC,CAAC;QAC7H,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE;YAAE,WAAW,CAAC,QAAQ,EAAE,SAAS,EAAE,qBAAqB,KAAK,QAAQ,EAAE,iCAAiC,CAAC,CAAC;QAClI,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC;YAAE,WAAW,CAAC,QAAQ,EAAE,UAAU,EAAE,qBAAqB,KAAK,WAAW,EAAE,8BAA8B,CAAC,CAAC;IAC7I,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,WAAW;QAAE,WAAW,CAAC,QAAQ,EAAE,SAAS,EAAE,aAAa,EAAE,iCAAiC,CAAC,CAAC;IAC9G,IAAI,CAAC,QAAQ,CAAC,QAAQ;QAAE,WAAW,CAAC,QAAQ,EAAE,UAAU,EAAE,UAAU,EAAE,gDAAgD,CAAC,CAAC;IACxH,IAAI,QAAQ,CAAC,GAAG,CAAC,UAAU,IAAI,CAAC;QAAE,WAAW,CAAC,QAAQ,EAAE,UAAU,EAAE,gBAAgB,EAAE,sCAAsC,CAAC,CAAC;IAC9H,IAAI,QAAQ,CAAC,GAAG,CAAC,aAAa,KAAK,SAAS,IAAI,QAAQ,CAAC,GAAG,CAAC,aAAa,IAAI,CAAC,EAAE,CAAC;QAChF,WAAW,CAAC,QAAQ,EAAE,SAAS,EAAE,mBAAmB,EAAE,wDAAwD,CAAC,CAAC;IAClH,CAAC;IACD,IAAI,QAAQ,CAAC,OAAO,CAAC,aAAa,GAAG,CAAC,IAAI,QAAQ,CAAC,OAAO,CAAC,aAAa,KAAK,QAAQ,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC;QACrG,WAAW,CACT,QAAQ,EACR,MAAM,EACN,uBAAuB,EACvB,4FAA4F,CAC7F,CAAC;IACJ,CAAC;IAED,MAAM,iBAAiB,GACrB,QAAQ,CAAC,OAAO,CAAC,aAAa,GAAG,CAAC;QAClC,QAAQ,CAAC,OAAO,CAAC,kBAAkB,KAAK,QAAQ,CAAC,OAAO,CAAC,aAAa;QACtE,QAAQ,CAAC,OAAO,CAAC,wBAAwB,KAAK,QAAQ,CAAC,OAAO,CAAC,aAAa;QAC5E,QAAQ,CAAC,OAAO,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,CAAC;IAC7C,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvB,WAAW,CAAC,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,wEAAwE,CAAC,CAAC;IACzH,CAAC;IAED,MAAM,qBAAqB,GAAG,OAAO,QAAQ,CAAC,KAAK,CAAC,OAAO,KAAK,SAAS,IAAI,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC;IACxH,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAC3B,WAAW,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,yDAAyD,CAAC,CAAC;IACxG,CAAC;IACD,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,OAAO,IAAI,QAAQ,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC;QAC3H,WAAW,CACT,QAAQ,EACR,SAAS,EACT,yBAAyB,EACzB,wJAAwJ,CACzJ,CAAC;IACJ,CAAC;IACD,IAAI,QAAQ,CAAC,KAAK,CAAC,OAAO,IAAI,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC;QACjF,WAAW,CAAC,QAAQ,EAAE,UAAU,EAAE,mBAAmB,EAAE,mDAAmD,CAAC,CAAC;IAC9G,CAAC;IAED,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;IACrE,MAAM,6BAA6B,GACjC,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC,aAAa,CAAC;QAC9C,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC,UAAU,CAAC;QAC3C,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC,OAAO,CAAC;QACxC,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC,aAAa,CAAC;QAC9C,aAAa,CAAC,MAAM,GAAG,CAAC;QACxB,aAAa,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;IAClC,IAAI,CAAC,6BAA6B,EAAE,CAAC;QACnC,WAAW,CAAC,QAAQ,EAAE,UAAU,EAAE,aAAa,EAAE,6FAA6F,CAAC,CAAC;IAClJ,CAAC;IAED,OAAO;QACL,UAAU,EAAE,QAAQ,CAAC,UAAU;QAC/B,QAAQ;QACR,KAAK;QACL,oBAAoB;QACpB,iBAAiB;QACjB,qBAAqB;QACrB,6BAA6B;QAC7B,QAAQ;KACT,CAAC;AACJ,CAAC;AAED,SAAS,OAAO,CAAI,KAAa,EAAE,MAAS,EAAE,KAAQ,EAAE,aAAuB;IAC7E,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;IACnE,IAAI,SAAS;QAAE,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACzC,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAgB,sCAAsC,CACpD,MAAsC,EACtC,KAAqC;IAErC,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,MAAM,QAAQ,GAAmB,EAAE,CAAC;IAEpC,IAAI,OAAO,CAAC,gBAAgB,EAAE,MAAM,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,CAAC,GAAG,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,CAAC;QAC1F,WAAW,CAAC,QAAQ,EAAE,SAAS,EAAE,gBAAgB,EAAE,2BAA2B,MAAM,CAAC,GAAG,CAAC,UAAU,OAAO,KAAK,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;IACpI,CAAC;IACD,IAAI,OAAO,CAAC,mBAAmB,EAAE,MAAM,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,GAAG,CAAC,aAAa,EAAE,aAAa,CAAC,EAAE,CAAC;QACnG,WAAW,CAAC,QAAQ,EAAE,SAAS,EAAE,mBAAmB,EAAE,8BAA8B,MAAM,CAAC,GAAG,CAAC,aAAa,IAAI,SAAS,OAAO,KAAK,CAAC,GAAG,CAAC,aAAa,IAAI,SAAS,EAAE,CAAC,CAAC;IAC1K,CAAC;IACD,IAAI,OAAO,CAAC,eAAe,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,OAAO,EAAE,aAAa,CAAC,EAAE,CAAC;QACvF,WAAW,CAAC,QAAQ,EAAE,UAAU,EAAE,eAAe,EAAE,6BAA6B,MAAM,CAAC,KAAK,CAAC,OAAO,OAAO,KAAK,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IACpI,CAAC;IACD,IAAI,OAAO,CAAC,mBAAmB,EAAE,MAAM,CAAC,KAAK,CAAC,WAAW,EAAE,KAAK,CAAC,KAAK,CAAC,WAAW,EAAE,aAAa,CAAC,EAAE,CAAC;QACnG,WAAW,CAAC,QAAQ,EAAE,SAAS,EAAE,mBAAmB,EAAE,2EAA2E,CAAC,CAAC;IACrI,CAAC;IACD,IAAI,OAAO,CAAC,wBAAwB,EAAE,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,KAAK,CAAC,OAAO,CAAC,cAAc,EAAE,aAAa,CAAC,EAAE,CAAC;QAClH,WAAW,CAAC,QAAQ,EAAE,SAAS,EAAE,wBAAwB,EAAE,kCAAkC,CAAC,CAAC;IACjG,CAAC;IACD,IAAI,OAAO,CAAC,mBAAmB,EAAE,MAAM,CAAC,iBAAiB,EAAE,KAAK,CAAC,iBAAiB,EAAE,aAAa,CAAC,EAAE,CAAC;QACnG,WAAW,CAAC,QAAQ,EAAE,SAAS,EAAE,mBAAmB,EAAE,uCAAuC,CAAC,CAAC;IACjG,CAAC;IACD,IAAI,OAAO,CAAC,aAAa,EAAE,MAAM,CAAC,WAAW,EAAE,KAAK,CAAC,WAAW,EAAE,aAAa,CAAC,EAAE,CAAC;QACjF,WAAW,CAAC,QAAQ,EAAE,SAAS,EAAE,aAAa,EAAE,8CAA8C,CAAC,CAAC;IAClG,CAAC;IACD,IAAI,OAAO,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,SAAS,EAAE,aAAa,CAAC,EAAE,CAAC;QAC3E,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,2DAA2D,CAAC,CAAC;IAC1G,CAAC;IAED,OAAO;QACL,cAAc,EAAE,MAAM,CAAC,UAAU;QACjC,YAAY,EAAE,KAAK,CAAC,UAAU;QAC9B,aAAa;QACb,QAAQ;KACT,CAAC;AACJ,CAAC;AAED,SAAgB,wCAAwC,CACtD,QAAwC,EACxC,MAAsC;IAEtC,MAAM,KAAK,GAAG,sCAAsC,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACvE,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;IAC3D,IAAI,qBAAqB,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,qBAAqB,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,qBAAqB,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;QAC1I,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}

package/dist/utils/x402-multi-ledger-receipt.d.ts

@@ -0,0 +1,64 @@
+/**
+ * Multi-ledger x402 receipt normalization helpers.
+ *
+ * x402 paid MCP servers are starting to advertise non-Base payment rails. Buyer
+ * agents need one normalized receipt envelope before signing, with explicit
+ * ledger, asset, settlement target, verification state, and custody boundary.
+ */
+export type X402LedgerNamespace = 'eip155' | 'xrpl' | 'tvm' | 'solana' | 'other';
+export type X402VerificationStatus = 'verified' | 'pending' | 'unsupported_refused' | 'failed' | 'unknown';
+export type X402CustodyBoundary = 'non-custodial' | 'facilitator' | 'managed' | 'unknown';
+export type X402MultiLedgerReceipt = {
+    schema: 'agentpay-x402-multi-ledger-receipt/v1';
+    observedAt: string;
+    source: {
+        name: string;
+        repo?: string;
+        evidenceUrl?: string;
+        pushedAt?: string;
+    };
+    payment: {
+        x402Version: string;
+        paymentHeader: 'Payment-Signature';
+        receiptHeader: 'payment-response';
+    };
+    ledger: {
+        label: string;
+        namespace: X402LedgerNamespace;
+        chainId?: string | number;
+    };
+    settlement: {
+        asset: string;
+        target: string;
+        reference?: string;
+    };
+    verification: {
+        status: X402VerificationStatus;
+        verifier?: string;
+        checkedAt: string;
+    };
+    boundary: {
+        custody: X402CustodyBoundary;
+        nonCustodial: boolean;
+        description: string;
+    };
+    unsupportedLedgerRefusal?: string;
+};
+export type X402MultiLedgerReceiptPolicy = {
+    supportedLedgerNamespaces: X402LedgerNamespace[];
+    allowedAssets: string[];
+    allowedSettlementTargets: string[];
+    requireNonCustodialBoundary: boolean;
+    requireVerifiedReceipt: boolean;
+    allowUnsupportedRefusalProof: boolean;
+};
+export type X402MultiLedgerReceiptDecision = {
+    ok: boolean;
+    decision: 'allow' | 'deny';
+    failures: string[];
+    warnings: string[];
+};
+export declare function evaluateX402MultiLedgerReceipt(receipt: X402MultiLedgerReceipt, policy: X402MultiLedgerReceiptPolicy, now?: Date): X402MultiLedgerReceiptDecision;
+export declare function buildAgentPayBaseReceiptExample(): X402MultiLedgerReceipt;
+export declare function buildXrplUnsupportedRefusalExample(): X402MultiLedgerReceipt;
+//# sourceMappingURL=x402-multi-ledger-receipt.d.ts.map

package/dist/utils/x402-multi-ledger-receipt.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"x402-multi-ledger-receipt.d.ts","sourceRoot":"","sources":["../../src/utils/x402-multi-ledger-receipt.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,MAAM,MAAM,mBAAmB,GAAG,QAAQ,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,OAAO,CAAC;AAEjF,MAAM,MAAM,sBAAsB,GAAG,UAAU,GAAG,SAAS,GAAG,qBAAqB,GAAG,QAAQ,GAAG,SAAS,CAAC;AAE3G,MAAM,MAAM,mBAAmB,GAAG,eAAe,GAAG,aAAa,GAAG,SAAS,GAAG,SAAS,CAAC;AAE1F,MAAM,MAAM,sBAAsB,GAAG;IACnC,MAAM,EAAE,uCAAuC,CAAC;IAChD,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE;QACN,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,CAAC;IACF,OAAO,EAAE;QACP,WAAW,EAAE,MAAM,CAAC;QACpB,aAAa,EAAE,mBAAmB,CAAC;QACnC,aAAa,EAAE,kBAAkB,CAAC;KACnC,CAAC;IACF,MAAM,EAAE;QACN,KAAK,EAAE,MAAM,CAAC;QACd,SAAS,EAAE,mBAAmB,CAAC;QAC/B,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;KAC3B,CAAC;IACF,UAAU,EAAE;QACV,KAAK,EAAE,MAAM,CAAC;QACd,MAAM,EAAE,MAAM,CAAC;QACf,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,CAAC;IACF,YAAY,EAAE;QACZ,MAAM,EAAE,sBAAsB,CAAC;QAC/B,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;IACF,QAAQ,EAAE;QACR,OAAO,EAAE,mBAAmB,CAAC;QAC7B,YAAY,EAAE,OAAO,CAAC;QACtB,WAAW,EAAE,MAAM,CAAC;KACrB,CAAC;IACF,wBAAwB,CAAC,EAAE,MAAM,CAAC;CACnC,CAAC;AAEF,MAAM,MAAM,4BAA4B,GAAG;IACzC,yBAAyB,EAAE,mBAAmB,EAAE,CAAC;IACjD,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,wBAAwB,EAAE,MAAM,EAAE,CAAC;IACnC,2BAA2B,EAAE,OAAO,CAAC;IACrC,sBAAsB,EAAE,OAAO,CAAC;IAChC,4BAA4B,EAAE,OAAO,CAAC;CACvC,CAAC;AAEF,MAAM,MAAM,8BAA8B,GAAG;IAC3C,EAAE,EAAE,OAAO,CAAC;IACZ,QAAQ,EAAE,OAAO,GAAG,MAAM,CAAC;IAC3B,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB,CAAC;AAeF,wBAAgB,8BAA8B,CAC5C,OAAO,EAAE,sBAAsB,EAC/B,MAAM,EAAE,4BAA4B,EACpC,GAAG,OAAa,GACf,8BAA8B,CAkDhC;AAED,wBAAgB,+BAA+B,IAAI,sBAAsB,CAmCxE;AAED,wBAAgB,kCAAkC,IAAI,sBAAsB,CAqC3E"}

package/dist/utils/x402-multi-ledger-receipt.js

@@ -0,0 +1,150 @@
+"use strict";
+/**
+ * Multi-ledger x402 receipt normalization helpers.
+ *
+ * x402 paid MCP servers are starting to advertise non-Base payment rails. Buyer
+ * agents need one normalized receipt envelope before signing, with explicit
+ * ledger, asset, settlement target, verification state, and custody boundary.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.evaluateX402MultiLedgerReceipt = evaluateX402MultiLedgerReceipt;
+exports.buildAgentPayBaseReceiptExample = buildAgentPayBaseReceiptExample;
+exports.buildXrplUnsupportedRefusalExample = buildXrplUnsupportedRefusalExample;
+function parseTime(value) {
+    const parsed = Date.parse(value);
+    return Number.isNaN(parsed) ? Number.NaN : parsed;
+}
+function includesCaseInsensitive(values, value) {
+    return values.map((entry) => entry.toLowerCase()).includes(value.toLowerCase());
+}
+function isNonEmpty(value) {
+    return typeof value === 'string' && value.trim().length > 0;
+}
+function evaluateX402MultiLedgerReceipt(receipt, policy, now = new Date()) {
+    const failures = [];
+    const warnings = [];
+    if (receipt.schema !== 'agentpay-x402-multi-ledger-receipt/v1')
+        failures.push('schema must be agentpay-x402-multi-ledger-receipt/v1.');
+    if (!isNonEmpty(receipt.source.name))
+        failures.push('source.name is required.');
+    if (receipt.payment.paymentHeader !== 'Payment-Signature')
+        failures.push('payment.paymentHeader must be Payment-Signature.');
+    if (receipt.payment.receiptHeader !== 'payment-response')
+        failures.push('payment.receiptHeader must be payment-response.');
+    if (!isNonEmpty(receipt.ledger.label))
+        failures.push('ledger.label is required.');
+    if (!isNonEmpty(receipt.settlement.asset))
+        failures.push('settlement.asset is required.');
+    if (!isNonEmpty(receipt.settlement.target))
+        failures.push('settlement.target is required.');
+    if (!isNonEmpty(receipt.verification.checkedAt) || Number.isNaN(parseTime(receipt.verification.checkedAt)))
+        failures.push('verification.checkedAt must be an ISO timestamp.');
+    if (!isNonEmpty(receipt.observedAt) || Number.isNaN(parseTime(receipt.observedAt)))
+        failures.push('observedAt must be an ISO timestamp.');
+    if (parseTime(receipt.observedAt) > now.getTime())
+        warnings.push('observedAt is in the future relative to evaluator clock.');
+    if (!policy.supportedLedgerNamespaces.includes(receipt.ledger.namespace)) {
+        failures.push(`ledger namespace ${receipt.ledger.namespace} is not supported by buyer policy.`);
+    }
+    if (!includesCaseInsensitive(policy.allowedAssets, receipt.settlement.asset)) {
+        failures.push(`settlement asset ${receipt.settlement.asset} is not allowed.`);
+    }
+    if (!includesCaseInsensitive(policy.allowedSettlementTargets, receipt.settlement.target)) {
+        failures.push(`settlement target ${receipt.settlement.target} is not allowlisted.`);
+    }
+    if (policy.requireNonCustodialBoundary && (!receipt.boundary.nonCustodial || receipt.boundary.custody !== 'non-custodial')) {
+        failures.push('non-custodial boundary is required before signing.');
+    }
+    if (policy.requireVerifiedReceipt && receipt.verification.status !== 'verified') {
+        if (receipt.verification.status === 'unsupported_refused' && policy.allowUnsupportedRefusalProof && isNonEmpty(receipt.unsupportedLedgerRefusal)) {
+            warnings.push('Receipt is an unsupported-ledger refusal proof, not a spend authorization.');
+        }
+        else {
+            failures.push(`verification status ${receipt.verification.status} is not verified.`);
+        }
+    }
+    if (receipt.verification.status === 'unsupported_refused' && !isNonEmpty(receipt.unsupportedLedgerRefusal)) {
+        failures.push('unsupportedLedgerRefusal copy is required for unsupported ledger refusal proofs.');
+    }
+    const ok = failures.length === 0 && receipt.verification.status === 'verified';
+    return {
+        ok,
+        decision: ok ? 'allow' : 'deny',
+        failures,
+        warnings,
+    };
+}
+function buildAgentPayBaseReceiptExample() {
+    return {
+        schema: 'agentpay-x402-multi-ledger-receipt/v1',
+        observedAt: '2026-05-05T01:10:00.000Z',
+        source: {
+            name: 'AgentPay MCP',
+            repo: 'up2itnow0822/agentpay-mcp',
+            evidenceUrl: 'https://www.npmjs.com/package/agentpay-mcp',
+        },
+        payment: {
+            x402Version: '2.x',
+            paymentHeader: 'Payment-Signature',
+            receiptHeader: 'payment-response',
+        },
+        ledger: {
+            label: 'Base mainnet',
+            namespace: 'eip155',
+            chainId: 8453,
+        },
+        settlement: {
+            asset: 'USDC',
+            target: '0x1111111111111111111111111111111111111111',
+            reference: 'x402-receipt:base-mainnet-example',
+        },
+        verification: {
+            status: 'verified',
+            verifier: 'AgentPay local policy engine',
+            checkedAt: '2026-05-05T01:10:00.000Z',
+        },
+        boundary: {
+            custody: 'non-custodial',
+            nonCustodial: true,
+            description: 'Private keys remain local and AgentPay signs only after policy approval.',
+        },
+    };
+}
+function buildXrplUnsupportedRefusalExample() {
+    return {
+        schema: 'agentpay-x402-multi-ledger-receipt/v1',
+        observedAt: '2026-05-05T01:10:00.000Z',
+        source: {
+            name: 'XRPL-Utilities MCP market signal',
+            repo: 'XRPL-Utilities/xrpl-utilities-mcp',
+            evidenceUrl: 'https://github.com/XRPL-Utilities/xrpl-utilities-mcp',
+            pushedAt: '2026-05-05T01:02:00.000Z',
+        },
+        payment: {
+            x402Version: '2.x',
+            paymentHeader: 'Payment-Signature',
+            receiptHeader: 'payment-response',
+        },
+        ledger: {
+            label: 'XRPL extension point',
+            namespace: 'xrpl',
+            chainId: 'xrpl-mainnet',
+        },
+        settlement: {
+            asset: 'RLUSD or XRP, provider-declared',
+            target: 'unsupported-until-allowlisted',
+        },
+        verification: {
+            status: 'unsupported_refused',
+            verifier: 'AgentPay buyer policy',
+            checkedAt: '2026-05-05T01:10:00.000Z',
+        },
+        boundary: {
+            custody: 'unknown',
+            nonCustodial: false,
+            description: 'AgentPay does not sign XRPL settlement until signer, asset, target, facilitator, and receipt semantics are explicitly implemented.',
+        },
+        unsupportedLedgerRefusal: 'Refused before signing: XRPL x402 rail is visible but not allowlisted. Add ledger namespace, asset parser, settlement target allowlist, verifier, receipt mapping, and non-custodial signer support before retrying.',
+    };
+}
+//# sourceMappingURL=x402-multi-ledger-receipt.js.map

package/dist/utils/x402-multi-ledger-receipt.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"x402-multi-ledger-receipt.js","sourceRoot":"","sources":["../../src/utils/x402-multi-ledger-receipt.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;AA0EH,wEAsDC;AAED,0EAmCC;AAED,gFAqCC;AA/ID,SAAS,SAAS,CAAC,KAAa;IAC9B,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IACjC,OAAO,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC;AACpD,CAAC;AAED,SAAS,uBAAuB,CAAC,MAAgB,EAAE,KAAa;IAC9D,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC;AAClF,CAAC;AAED,SAAS,UAAU,CAAC,KAAc;IAChC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC;AAC9D,CAAC;AAED,SAAgB,8BAA8B,CAC5C,OAA+B,EAC/B,MAAoC,EACpC,GAAG,GAAG,IAAI,IAAI,EAAE;IAEhB,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,IAAI,OAAO,CAAC,MAAM,KAAK,uCAAuC;QAAE,QAAQ,CAAC,IAAI,CAAC,uDAAuD,CAAC,CAAC;IACvI,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IAChF,IAAI,OAAO,CAAC,OAAO,CAAC,aAAa,KAAK,mBAAmB;QAAE,QAAQ,CAAC,IAAI,CAAC,kDAAkD,CAAC,CAAC;IAC7H,IAAI,OAAO,CAAC,OAAO,CAAC,aAAa,KAAK,kBAAkB;QAAE,QAAQ,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;IAC3H,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;IAClF,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;IAC1F,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;IAC5F,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,YAAY,CAAC,SAAS,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,kDAAkD,CAAC,CAAC;IAC9K,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;IAC1I,IAAI,SAAS,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,GAAG,CAAC,OAAO,EAAE;QAAE,QAAQ,CAAC,IAAI,CAAC,0DAA0D,CAAC,CAAC;IAE7H,IAAI,CAAC,MAAM,CAAC,yBAAyB,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC;QACzE,QAAQ,CAAC,IAAI,CAAC,oBAAoB,OAAO,CAAC,MAAM,CAAC,SAAS,oCAAoC,CAAC,CAAC;IAClG,CAAC;IAED,IAAI,CAAC,uBAAuB,CAAC,MAAM,CAAC,aAAa,EAAE,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;QAC7E,QAAQ,CAAC,IAAI,CAAC,oBAAoB,OAAO,CAAC,UAAU,CAAC,KAAK,kBAAkB,CAAC,CAAC;IAChF,CAAC;IAED,IAAI,CAAC,uBAAuB,CAAC,MAAM,CAAC,wBAAwB,EAAE,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QACzF,QAAQ,CAAC,IAAI,CAAC,qBAAqB,OAAO,CAAC,UAAU,CAAC,MAAM,sBAAsB,CAAC,CAAC;IACtF,CAAC;IAED,IAAI,MAAM,CAAC,2BAA2B,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,YAAY,IAAI,OAAO,CAAC,QAAQ,CAAC,OAAO,KAAK,eAAe,CAAC,EAAE,CAAC;QAC3H,QAAQ,CAAC,IAAI,CAAC,oDAAoD,CAAC,CAAC;IACtE,CAAC;IAED,IAAI,MAAM,CAAC,sBAAsB,IAAI,OAAO,CAAC,YAAY,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;QAChF,IAAI,OAAO,CAAC,YAAY,CAAC,MAAM,KAAK,qBAAqB,IAAI,MAAM,CAAC,4BAA4B,IAAI,UAAU,CAAC,OAAO,CAAC,wBAAwB,CAAC,EAAE,CAAC;YACjJ,QAAQ,CAAC,IAAI,CAAC,4EAA4E,CAAC,CAAC;QAC9F,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,IAAI,CAAC,uBAAuB,OAAO,CAAC,YAAY,CAAC,MAAM,mBAAmB,CAAC,CAAC;QACvF,CAAC;IACH,CAAC;IAED,IAAI,OAAO,CAAC,YAAY,CAAC,MAAM,KAAK,qBAAqB,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,wBAAwB,CAAC,EAAE,CAAC;QAC3G,QAAQ,CAAC,IAAI,CAAC,kFAAkF,CAAC,CAAC;IACpG,CAAC;IAED,MAAM,EAAE,GAAG,QAAQ,CAAC,MAAM,KAAK,CAAC,IAAI,OAAO,CAAC,YAAY,CAAC,MAAM,KAAK,UAAU,CAAC;IAC/E,OAAO;QACL,EAAE;QACF,QAAQ,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM;QAC/B,QAAQ;QACR,QAAQ;KACT,CAAC;AACJ,CAAC;AAED,SAAgB,+BAA+B;IAC7C,OAAO;QACL,MAAM,EAAE,uCAAuC;QAC/C,UAAU,EAAE,0BAA0B;QACtC,MAAM,EAAE;YACN,IAAI,EAAE,cAAc;YACpB,IAAI,EAAE,2BAA2B;YACjC,WAAW,EAAE,4CAA4C;SAC1D;QACD,OAAO,EAAE;YACP,WAAW,EAAE,KAAK;YAClB,aAAa,EAAE,mBAAmB;YAClC,aAAa,EAAE,kBAAkB;SAClC;QACD,MAAM,EAAE;YACN,KAAK,EAAE,cAAc;YACrB,SAAS,EAAE,QAAQ;YACnB,OAAO,EAAE,IAAI;SACd;QACD,UAAU,EAAE;YACV,KAAK,EAAE,MAAM;YACb,MAAM,EAAE,4CAA4C;YACpD,SAAS,EAAE,mCAAmC;SAC/C;QACD,YAAY,EAAE;YACZ,MAAM,EAAE,UAAU;YAClB,QAAQ,EAAE,8BAA8B;YACxC,SAAS,EAAE,0BAA0B;SACtC;QACD,QAAQ,EAAE;YACR,OAAO,EAAE,eAAe;YACxB,YAAY,EAAE,IAAI;YAClB,WAAW,EAAE,0EAA0E;SACxF;KACF,CAAC;AACJ,CAAC;AAED,SAAgB,kCAAkC;IAChD,OAAO;QACL,MAAM,EAAE,uCAAuC;QAC/C,UAAU,EAAE,0BAA0B;QACtC,MAAM,EAAE;YACN,IAAI,EAAE,kCAAkC;YACxC,IAAI,EAAE,mCAAmC;YACzC,WAAW,EAAE,sDAAsD;YACnE,QAAQ,EAAE,0BAA0B;SACrC;QACD,OAAO,EAAE;YACP,WAAW,EAAE,KAAK;YAClB,aAAa,EAAE,mBAAmB;YAClC,aAAa,EAAE,kBAAkB;SAClC;QACD,MAAM,EAAE;YACN,KAAK,EAAE,sBAAsB;YAC7B,SAAS,EAAE,MAAM;YACjB,OAAO,EAAE,cAAc;SACxB;QACD,UAAU,EAAE;YACV,KAAK,EAAE,iCAAiC;YACxC,MAAM,EAAE,+BAA+B;SACxC;QACD,YAAY,EAAE;YACZ,MAAM,EAAE,qBAAqB;YAC7B,QAAQ,EAAE,uBAAuB;YACjC,SAAS,EAAE,0BAA0B;SACtC;QACD,QAAQ,EAAE;YACR,OAAO,EAAE,SAAS;YAClB,YAAY,EAAE,KAAK;YACnB,WAAW,EAAE,oIAAoI;SAClJ;QACD,wBAAwB,EACtB,sNAAsN;KACzN,CAAC;AACJ,CAAC"}

package/docs/agentpay-escrow-reputation-boundary.md

@@ -0,0 +1,64 @@
+# AgentPay escrow and reputation boundary proof
+
+Execution Market packages x402 payment claims with escrow, ERC-8004 identity, A2A task execution, World ID proof, worker evidence, and reputation. That is a useful market signal: buyers will compare payment tools by trust outcomes, not only by payment headers.
+
+This proof separates the layers so buyers do not treat payment authorization as proof that work was completed.
+
+## Market signal
+
+Source: `UltravioletaDAO/execution-market` README, fetched during the May 4 market-intel cycle.
+
+Observed claims:
+
+- Task bounties can lock USDC in on-chain escrow.
+- The product exposes MCP, REST, WebSocket, and A2A paths.
+- Identity references include ERC-8004 and World ID.
+- Worker submissions, evidence, approval, cancellation, refund, and escrow-state checks sit around payment.
+- x402 is part of a broader task market, not the whole trust system.
+
+## Boundary table
+
+| Layer | What the buyer needs | AgentPay role | Boundary |
+|---|---|---|---|
+| Payment authorization | Decide whether an agent may spend a given amount to a given recipient | Enforce approval gates, hard spend caps, allowlists, x402 metadata checks, and receipt logging | Payment authorization does not prove the seller did the task. |
+| x402 settlement | Produce and verify the payment proof for a paid endpoint | Sign and retry x402 calls only after policy passes | x402 receipt is payment evidence, not work evidence. |
+| Escrow | Lock funds until task terms, evidence, and approval rules are satisfied | AgentPay has a separate `create_escrow` tool for mutual-stake escrow when a factory is configured | Escrow must be explicit. It must not be hidden inside `x402_pay`. |
+| Identity | Bind buyers, workers, agents, and policies to identities | AgentPay exposes wallet and identity/reputation utilities from the wallet stack | Identity signals can inform policy, but they are not spend approval by themselves. |
+| Reputation | Score prior behavior and outcomes | AgentPay can read reputation signals and log payment outcomes | Reputation should be an input to policy, not the only policy. |
+| Work proof | Validate evidence, fulfillment, dispute state, and release conditions | Integration boundary with task-market or verifier systems | Work proof belongs above payment execution. |
+
+## Safe buyer architecture
+
+Use AgentPay as the x402 control layer in front of any task marketplace or paid worker flow:
+
+1. Discover the task or endpoint.
+2. Read identity, reputation, escrow, and work-proof requirements.
+3. Run AgentPay policy checks for spend cap, `payTo`, asset, network, price, manifest freshness, provider health, and approval mode.
+4. If the task requires escrow, call an escrow-specific flow such as `create_escrow`; do not treat a normal x402 receipt as escrow.
+5. Release or dispute funds only through the task-market or escrow contract state machine.
+6. Persist x402 receipts, escrow transaction hashes, worker evidence IDs, and approval logs as separate audit fields.
+
+## AgentPay guarantees today
+
+AgentPay can guarantee these payment-control properties when configured correctly:
+
+- Non-custodial local signing.
+- Human approval for high-risk or high-value payments.
+- Per-transaction and daily spend caps.
+- Network, asset, recipient, and manifest checks.
+- x402 `Payment-Signature` and `payment-response` receipt handling.
+- Separate escrow creation through `create_escrow` when the wallet SDK factory is configured.
+- Fail-closed behavior for unsupported ledgers or incomplete payment metadata.
+
+AgentPay should not claim these as automatic x402 guarantees:
+
+- Worker identity verification.
+- World ID proof.
+- Task outcome verification.
+- Dispute resolution.
+- Reputation scoring accuracy.
+- Escrow release correctness.
+
+## Integration rule
+
+A task platform can integrate AgentPay safely by treating it as the buyer-side payment policy layer. The platform should keep escrow, worker evidence, reputation, identity, and dispute state in its own task protocol or contracts, then pass only verified payment intents to AgentPay for approval and signing.

package/docs/agentpay-five-tool-parity-proof.json

@@ -0,0 +1,56 @@
+{
+  "proof": "agentpay-five-tool-x402-parity",
+  "market_signal": "OpenDexter documents x402_search, x402_check, x402_fetch, x402_wallet, and x402_pay across hosted session wallets and a local signer package.",
+  "agentpay_position": "Buyer-flow parity with local signing, explicit policy checks, and fail-closed unsupported-ledger handling.",
+  "grammar": [
+    {
+      "canonical_tool": "x402_search",
+      "agentpay_equivalent": [
+        "docs/agentpay-machine-payment-directory-listing.json",
+        "docs/mcp-registry-listing-proof.md",
+        "docs/directory-introspection-readiness.md"
+      ],
+      "safety_rule": "Search metadata cannot authorize payment."
+    },
+    {
+      "canonical_tool": "x402_check",
+      "agentpay_equivalent": [
+        "check_budget",
+        "check_spend_limit",
+        "docs/x402-dynamic-paid-mcp-manifest-drift.md",
+        "docs/paid-provider-health-proof.md",
+        "docs/paid-tool-quality-thresholds.md"
+      ],
+      "safety_rule": "Fail closed when network, asset, payTo, price, manifest freshness, or quality proof is missing."
+    },
+    {
+      "canonical_tool": "x402_fetch",
+      "agentpay_equivalent": [
+        "x402_pay",
+        "x402_session_start",
+        "x402_session_fetch"
+      ],
+      "safety_rule": "No automatic payment before policy, approval, cap, receipt, and session checks pass."
+    },
+    {
+      "canonical_tool": "x402_wallet",
+      "agentpay_equivalent": [
+        "get_wallet_info",
+        "set_spend_policy",
+        "deploy_wallet",
+        "x402_session_status"
+      ],
+      "safety_rule": "Private keys remain local and are never stored in directory or proxy metadata."
+    },
+    {
+      "canonical_tool": "x402_pay",
+      "agentpay_equivalent": [
+        "x402_pay",
+        "docs/x402-multi-ledger-receipt-normalization.md",
+        "docs/wallet-action-preflight-profile.md"
+      ],
+      "safety_rule": "Sign only after network, asset, amount, recipient, policy, and approval checks."
+    }
+  ],
+  "unsupported_ledger_policy": "Non-EVM rails remain fail-closed extension points until signer, asset, receipt, refund, and settlement semantics are implemented."
+}

package/docs/agentpay-five-tool-parity-proof.md

@@ -0,0 +1,64 @@
+# AgentPay five-tool x402 parity proof
+
+OpenDexter documents a compact paid-MCP grammar: `x402_search`, `x402_check`, `x402_fetch`, `x402_wallet`, and `x402_pay`. That grammar is useful because it gives buyer agents one mental model for discovery, policy checks, fetching, wallet state, and final payment.
+
+AgentPay does not need to copy hosted session custody to be compatible with that buyer flow. The safer parity target is a mapping that lets agents run the same sequence while keeping signing local, policy explicit, and unsupported chains fail closed.
+
+## Market signal
+
+Source: `Dexter-DAO/dexter-mcp` README, fetched during the May 4 market-intel cycle.
+
+Observed claims:
+
+- Hosted sessions create one Solana address and one EVM address for the user.
+- `x402_fetch` checks balances across chains and picks the best-funded chain accepted by the endpoint.
+- Sessions persist for 30 days in PostgreSQL.
+- The local signer package exposes the same five-tool story and stores a local wallet file.
+- The local signing path is currently optimized around Solana.
+
+## AgentPay parity map
+
+| OpenDexter grammar | AgentPay equivalent | Proof surface | Buyer safety rule |
+|---|---|---|---|
+| `x402_search` | Directory/listing metadata, registry proof, and discovery docs | `docs/agentpay-machine-payment-directory-listing.json`, `docs/mcp-registry-listing-proof.md`, `docs/directory-introspection-readiness.md` | Search results are metadata only. They cannot authorize payment. |
+| `x402_check` | Budget, spend-limit, manifest, provider-health, quality, and chain checks | `check_budget`, `check_spend_limit`, `docs/x402-dynamic-paid-mcp-manifest-drift.md`, `docs/paid-provider-health-proof.md`, `docs/paid-tool-quality-thresholds.md` | Checks must fail closed when network, asset, `payTo`, price, manifest freshness, or quality proof is missing. |
+| `x402_fetch` | `x402_pay` for paid fetches, or `x402_session_fetch` for reusable paid sessions | `x402_pay`, `x402_session_start`, `x402_session_fetch`, `docs/x402-v211-paid-mcp-compatibility.md` | Fetch must not auto-pay unless policy, approval, cap, receipt, and session state pass first. |
+| `x402_wallet` | Local wallet info, policy, deployment, and session status | `get_wallet_info`, `set_spend_policy`, `deploy_wallet`, `x402_session_status` | Wallet state stays local. Directories and hosted proxies do not receive private keys. |
+| `x402_pay` | Approval-gated x402 payment execution | `x402_pay`, `docs/x402-multi-ledger-receipt-normalization.md`, `docs/wallet-action-preflight-profile.md` | Payment signs only after explicit network, asset, amount, recipient, policy, and approval checks. |
+
+## Hosted session wallet boundary
+
+Hosted session wallets can reduce onboarding friction, but they move two risks into the provider surface:
+
+1. The provider or database becomes part of the wallet trust boundary.
+2. Chain auto-selection can hide which ledger, asset, and settlement target the buyer is about to use.
+
+AgentPay's default posture is different:
+
+- Signing stays local to the buyer runtime.
+- Policy approval happens before payment, not after a provider selects a chain.
+- The buyer sees `payTo`, network, asset, amount, session, receipt, and unsupported-ledger refusal copy before signing.
+- Directory and proxy metadata can help the buyer discover endpoints, but metadata alone never grants spend authority.
+
+## Multi-chain selection guardrails
+
+If a paid MCP endpoint supports more than one network, AgentPay should preserve these guardrails before any future auto-selection flow:
+
+- Require an allowlist for network and asset.
+- Require non-zero and verified `payTo`.
+- Prefer a deterministic buyer policy over provider-selected best balance.
+- Log why a chain was selected.
+- Refuse Solana, XRPL, TRON, TVM, or other non-EVM payments until signer, asset, receipt, refund, and settlement semantics are implemented for that rail.
+- Show the final chain and asset in approval copy.
+
+## Acceptance proof
+
+A buyer agent can follow the five-step grammar today without handing custody to AgentPay or a hosted directory:
+
+1. Search: read AgentPay listing metadata and proof docs.
+2. Check: validate price, manifest, chain, provider health, quality, budget, and approval policy.
+3. Fetch: use `x402_pay` or `x402_session_fetch` only after checks pass.
+4. Wallet: inspect local wallet and active sessions without exposing private keys.
+5. Pay: sign a capped x402 payment and persist the receipt/audit trail.
+
+This is five-tool parity at the buyer-flow layer, with local signer safety instead of hidden hosted-session custody.

package/docs/agentpay-machine-payment-directory-listing-pack.md

@@ -0,0 +1,101 @@
+# AgentPay machine-payment directory listing pack
+
+Machine-payment directories are starting to shape buyer discovery. If AgentPay is not described clearly in those directories, buyers will compare us against managed payment stacks using incomplete metadata.
+
+This pack gives directory maintainers a concise AgentPay listing with x402-only settlement wording, proof links, install instructions, and safety controls.
+
+## Listing title
+
+AgentPay MCP - non-custodial x402 payment controls for AI agents
+
+## Short description
+
+AgentPay MCP is an MCP server that lets AI agents pay x402-enabled APIs and tools with human approval, hard spend caps, non-custodial signing, and receipt/audit logging.
+
+## x402-only settlement wording
+
+AgentPay MCP is not a managed wallet, hosted custodian, or payment processor. It is a buyer-side x402 payment-control layer. Current production signing is Base/USDC-oriented, and non-EVM rails are treated as fail-closed extension points until signer, asset, settlement, receipt, and refund semantics are implemented.
+
+## Install snippet
+
+```bash
+npm install agentpay-mcp
+```
+
+MCP config:
+
+```json
+{
+  "mcpServers": {
+    "agentpay": {
+      "command": "npx",
+      "args": ["agentpay-mcp"],
+      "env": {
+        "AGENT_PRIVATE_KEY": "0x...",
+        "AGENT_WALLET_ADDRESS": "0x..."
+      }
+    }
+  }
+}
+```
+
+## Safety controls to list
+
+- Human approval for high-risk or high-value payments
+- Per-transaction and daily spend caps
+- Non-custodial private-key boundary
+- x402 `Payment-Signature` and `payment-response` receipt handling
+- Paid MCP manifest drift checks
+- Provider-health and quality-threshold gates
+- Chain-neutral gateway profile checks
+- Multi-ledger receipt normalization
+- Wallet-action simulate-first preflight profile
+
+## Proof links
+
+- npm: https://www.npmjs.com/package/agentpay-mcp
+- GitHub: https://github.com/up2itnow0822/agentpay-mcp
+- Chain-neutral x402 gateway profile: `docs/x402-chain-neutral-gateway-profile.md`
+- Multi-ledger receipt normalization: `docs/x402-multi-ledger-receipt-normalization.md`
+- Wallet-action preflight profile: `docs/wallet-action-preflight-profile.md`
+- Dynamic paid MCP manifest drift: `docs/x402-dynamic-paid-mcp-manifest-drift.md`
+- Smithery paid MCP installation: `docs/smithery-paid-mcp-installation.md`
+- Machine-readable listing JSON: `docs/agentpay-machine-payment-directory-listing.json`
+
+## Directory category suggestions
+
+- MCP servers
+- x402 tools
+- Agent payments
+- Stablecoin payment controls
+- Non-custodial agent wallets
+- Machine-payment buyer safety
+
+## Suggested PR body
+
+Add AgentPay MCP to the machine-payment directory as a non-custodial x402 payment-control layer for AI agents.
+
+Market signal: paid MCP and MPP directories are becoming a buyer discovery surface. AgentPay is not a managed custodian or generic wallet provider. It controls buyer-side x402 payments with approval gates, spend caps, receipt logging, and fail-closed handling for unsupported ledgers.
+
+Scope:
+
+- Add `agentpay-mcp` under MCP servers, x402 tools, or agent payment controls.
+- Use the x402-only settlement wording above.
+- Link npm, GitHub, and proof docs.
+- Do not claim broad live XRPL/TRON/Solana signing. Current non-EVM wording is fail-closed extension support.
+
+## Suggested issue body
+
+Could this directory add AgentPay MCP as a non-custodial x402 payment-control layer for AI agents?
+
+AgentPay MCP lets AI agents pay x402-enabled APIs and tools while enforcing human approval, hard spend caps, non-custodial signing, and receipt/audit logging. It fits the machine-payment directory category because it covers buyer-side payment governance for paid MCP tools, not hosted custody or managed settlement.
+
+Proof links:
+
+- npm: https://www.npmjs.com/package/agentpay-mcp
+- GitHub: https://github.com/up2itnow0822/agentpay-mcp
+- Listing JSON: `docs/agentpay-machine-payment-directory-listing.json`
+- Multi-ledger receipt normalization: `docs/x402-multi-ledger-receipt-normalization.md`
+- Wallet-action preflight profile: `docs/wallet-action-preflight-profile.md`
+
+Important wording: AgentPay MCP is a buyer-side x402 control layer. Current production signing is Base/USDC-oriented; non-EVM rails are fail-closed extension points until signer, asset, settlement, receipt, and refund semantics are implemented.

package/docs/agentpay-machine-payment-directory-listing.json

@@ -0,0 +1,41 @@
+{
+  "name": "agentpay-mcp",
+  "title": "AgentPay MCP",
+  "description": "Non-custodial x402 payment controls for AI agents using MCP.",
+  "category": [
+    "mcp-server",
+    "x402",
+    "agent-payments",
+    "non-custodial",
+    "buyer-safety"
+  ],
+  "package": {
+    "manager": "npm",
+    "name": "agentpay-mcp",
+    "install": "npm install agentpay-mcp",
+    "url": "https://www.npmjs.com/package/agentpay-mcp"
+  },
+  "repository": "https://github.com/up2itnow0822/agentpay-mcp",
+  "settlement_wording": "Buyer-side x402 payment-control layer. Current production signing is Base/USDC-oriented; non-EVM rails are fail-closed extension points until signer, asset, settlement, receipt, and refund semantics are implemented.",
+  "supported_claims": {
+    "x402": true,
+    "mcp": true,
+    "non_custodial": true,
+    "human_approval": true,
+    "spend_caps": true,
+    "receipt_logging": true,
+    "managed_custody": false
+  },
+  "proofs": [
+    "docs/x402-chain-neutral-gateway-profile.md",
+    "docs/x402-multi-ledger-receipt-normalization.md",
+    "docs/wallet-action-preflight-profile.md",
+    "docs/x402-dynamic-paid-mcp-manifest-drift.md",
+    "docs/smithery-paid-mcp-installation.md"
+  ],
+  "mcp_config": {
+    "command": "npx",
+    "args": ["agentpay-mcp"],
+    "required_env": ["AGENT_PRIVATE_KEY", "AGENT_WALLET_ADDRESS"]
+  }
+}

package/docs/agentpay-paid-proxy-discovery-listing.json

@@ -0,0 +1,42 @@
+{
+  "name": "agentpay-mcp",
+  "title": "AgentPay MCP",
+  "role": "buyer-side x402 payment-control layer for paid MCP tools",
+  "package": "agentpay-mcp",
+  "mcp_name": "io.github.up2itnow0822/agentpay",
+  "repository": "https://github.com/up2itnow0822/agentpay-mcp",
+  "npm": "https://www.npmjs.com/package/agentpay-mcp",
+  "install": {
+    "command": "npx",
+    "args": ["agentpay-mcp"],
+    "required_env": ["AGENT_PRIVATE_KEY", "AGENT_WALLET_ADDRESS", "CHAIN_ID", "RPC_URL"]
+  },
+  "supports": [
+    "MCP",
+    "x402 payment execution",
+    "human approval",
+    "per-transaction spend caps",
+    "daily spend caps",
+    "receipt logging",
+    "manifest freshness checks",
+    "provider-health checks",
+    "quality-threshold checks"
+  ],
+  "does_not_provide": [
+    "managed custody",
+    "pooled SaaS token custody",
+    "automatic non-EVM signing",
+    "task outcome verification",
+    "reputation scoring as payment approval"
+  ],
+  "proofs": [
+    "docs/agentpay-five-tool-parity-proof.md",
+    "docs/agentpay-escrow-reputation-boundary.md",
+    "docs/paid-mcp-proxy-discovery-readiness.md",
+    "docs/agentpay-machine-payment-directory-listing.json",
+    "docs/x402-dynamic-paid-mcp-manifest-drift.md",
+    "docs/paid-provider-health-proof.md",
+    "docs/paid-tool-quality-thresholds.md"
+  ],
+  "settlement_wording": "Buyer-side x402 payment controls with local non-custodial signing. Base/USDC-oriented production signing; unsupported non-EVM rails fail closed until signer, asset, receipt, refund, and settlement semantics are implemented."
+}