gatepay-local-mcp 1.0.2 → 1.0.4

package/dist/src/index.js

@@ -13,8 +13,13 @@ import { normalizeX402RequestInput } from "./modes/input-normalizer.js";
 import { LocalPrivateKeyMode } from "./modes/local-private-key.js";
 import { PluginWalletMode } from "./modes/plugin-wallet.js";
 import { createSignModeRegistry, formatSignModeSelectionError, } from "./modes/registry.js";
-import { QuickWalletMode } from "./modes/quick-wallet.js";
-import { getMcpClientSync } from "./wallets/wallet-mcp-clients.js";
+import { getQuickWalletAddressPayload, QuickWalletMode, runQuickWalletDeviceAuthIfNeeded, } from "./modes/quick-wallet.js";
+import { getMcpClient, getMcpClientSync } from "./wallets/wallet-mcp-clients.js";
+import { X402ClientStandalone } from "./x402/client.js";
+import { ExactEvmScheme } from "./x402/exactEvmScheme.js";
+import { ExactSvmScheme } from "./x402/exactSvmScheme.js";
+import { decodePaymentRequiredHeader, encodePaymentSignatureHeader, getPaymentRequiredResponse } from "./x402/http.js";
+import { normalizePaymentRequirements } from "./x402/utils.js";
 const __dirname = dirname(fileURLToPath(import.meta.url));
 function findPackageRoot(startDir) {
     let dir = startDir;
@@ -31,6 +36,17 @@ const packageRoot = findPackageRoot(__dirname);
 config({ path: join(packageRoot, ".env") });
 const TOOL_NAME = "x402_request";
 const INSUFFICIENT_BALANCE_CODE = "800001001";
+const SUPPORTED_NETWORKS = [
+    "gatelayer_testnet",
+    "eth",
+    "base",
+    "Polygon",
+    "gatelayer",
+    "gatechain",
+    "Arbitrum One",
+];
+// 保留原有工具的schema定义（虽然不再对外暴露，但保留用于向后兼容）
+// eslint-disable-next-line @typescript-eslint/no-unused-vars
 const INPUT_SCHEMA = {
     type: "object",
     properties: {
@@ -48,7 +64,8 @@ const INPUT_SCHEMA = {
         },
         sign_mode: {
             type: "string",
-            description: "Optional preferred signing mode. Omit to auto-select the highest-priority ready mode.",
+            description: "Optional preferred signing mode. Omit to auto-select the highest-priority ready mode. " +
+                "If the initial payment fails, ask the user which payment method to use instead of automatically retrying.",
             enum: ["local_private_key", "quick_wallet", "plugin_wallet"],
         },
         wallet_login_provider: {
@@ -59,8 +76,145 @@ const INPUT_SCHEMA = {
     },
     required: ["url"],
 };
+// eslint-disable-next-line @typescript-eslint/no-unused-vars
 const TOOL_DESCRIPTION = "Execute a single HTTP request with automatic x402 payment on 402. Use ONLY for endpoints that require payment (402). " +
-    "Set sign_mode to choose a signing mode, or omit it to auto-select the highest-priority ready mode.";
+    "Set sign_mode to choose a signing mode, or omit it to auto-select the highest-priority ready mode. " +
+    "IMPORTANT: If a payment fails, do NOT automatically retry with a different sign_mode. Instead, ask the user which payment method they would like to try.";
+// New tool schemas
+const PLACE_ORDER_INPUT_SCHEMA = {
+    type: "object",
+    properties: {
+        url: {
+            type: "string",
+            description: "Full URL of the endpoint. Must be a complete http/https URL.",
+        },
+        method: {
+            type: "string",
+            description: "HTTP method: GET, POST, PUT, or PATCH. Default POST.",
+            enum: ["GET", "POST", "PUT", "PATCH"],
+        },
+        body: {
+            type: "string",
+            description: "JSON string request body for POST/PUT/PATCH. Omit for GET.",
+        },
+    },
+    required: ["url"],
+};
+const PLACE_ORDER_DESCRIPTION = "Send an HTTP request and return complete response information including headers, body, and the original request details. " +
+    "Returns status code, all response headers (including PAYMENT-REQUIRED if present), response body, and the original request parameters. " +
+    "Use this for any HTTP request where you need full response details.";
+const SIGN_PAYMENT_INPUT_SCHEMA = {
+    type: "object",
+    properties: {
+        url: {
+            type: "string",
+            description: "Target URL for the payment request",
+        },
+        method: {
+            type: "string",
+            description: "HTTP method for the request",
+            enum: ["GET", "POST", "PUT", "PATCH"],
+        },
+        body: {
+            type: "string",
+            description: "JSON string request body (optional)",
+        },
+        payment_required_header: {
+            type: "string",
+            description: "Base64-encoded PAYMENT-REQUIRED header value from a 402 response",
+        },
+        response_body: {
+            type: "string",
+            description: "Optional: Response body from 402 response, used for parsing payment requirements if PAYMENT-REQUIRED header is not available",
+        },
+        sign_mode: {
+            type: "string",
+            description: "Optional preferred signing mode. Omit to auto-select the highest-priority ready mode.",
+            enum: ["local_private_key", "quick_wallet", "plugin_wallet"],
+        },
+        wallet_login_provider: {
+            type: "string",
+            description: "When quick_wallet needs login: OAuth provider. google = Google account, gate = Gate account. Defaults to gate.",
+            enum: ["google", "gate"],
+        },
+    },
+    required: ["url"],
+};
+const SIGN_PAYMENT_DESCRIPTION = "Parse X402 payment requirements from PAYMENT-REQUIRED header or response body, create a signed payment authorization, " +
+    "and submit the payment to complete a 402-protected request. " +
+    "Supports three signing modes: local_private_key (local EVM wallet), quick_wallet (custodial MCP wallet), and plugin_wallet (browser extension wallet). " +
+    "Provide either payment_required_header or response_body containing X402 payment requirements.";
+const QUICK_WALLET_AUTH_INPUT_SCHEMA = {
+    type: "object",
+    properties: {
+        wallet_login_provider: {
+            type: "string",
+            description: "Device-flow OAuth provider when MCP token is missing or expired. google = Google account, gate = Gate account. Defaults to gate.",
+            enum: ["google", "gate"],
+        },
+    },
+    required: [],
+};
+const QUICK_WALLET_AUTH_DESCRIPTION = "When the user selects sign_mode quick_wallet, run this tool first to perform the same device-flow login/authorization as the quick_wallet signing path. " +
+    "If the in-process MCP token is already valid, returns ready status and wallet addresses; otherwise opens the browser flow (Gate by default, or Google if wallet_login_provider is google). " +
+    "After a fresh login succeeds, the user may need to confirm before continuing to payment. " +
+    "To switch authorization provider (e.g. Gate vs Google), restart the MCP server; the in-process wallet client keeps the current session until restart.";
+// New tool schemas for signature creation and payment submission
+const CREATE_SIGNATURE_INPUT_SCHEMA = {
+    type: "object",
+    properties: {
+        payment_required_header: {
+            type: "string",
+            description: "Base64-encoded PAYMENT-REQUIRED header value from a 402 response",
+        },
+        response_body: {
+            type: "string",
+            description: "Optional: Response body from 402 response, used if PAYMENT-REQUIRED header is not available",
+        },
+        sign_mode: {
+            type: "string",
+            description: "Optional preferred signing mode. Omit to auto-select the highest-priority ready mode.",
+            enum: ["local_private_key", "quick_wallet", "plugin_wallet"],
+        },
+        wallet_login_provider: {
+            type: "string",
+            description: "When quick_wallet needs login: OAuth provider (google or gate). Defaults to gate.",
+            enum: ["google", "gate"],
+        },
+    },
+    required: [],
+};
+const CREATE_SIGNATURE_DESCRIPTION = "Parse X402 payment requirements and create a signed payment authorization. " +
+    "Returns the complete payment payload including signature and the base64-encoded " +
+    "PAYMENT-SIGNATURE header value. Supports three signing modes: local_private_key, " +
+    "quick_wallet, and plugin_wallet. The output can be used with x402_submit_payment " +
+    "to complete the payment request.";
+const SUBMIT_PAYMENT_INPUT_SCHEMA = {
+    type: "object",
+    properties: {
+        url: {
+            type: "string",
+            description: "Target URL for the payment request",
+        },
+        method: {
+            type: "string",
+            description: "HTTP method for the request. Default POST.",
+            enum: ["GET", "POST", "PUT", "PATCH"],
+        },
+        body: {
+            type: "string",
+            description: "JSON string request body (optional)",
+        },
+        payment_signature: {
+            type: "string",
+            description: "Base64-encoded PAYMENT-SIGNATURE header value from x402_create_signature",
+        },
+    },
+    required: ["url", "payment_signature"],
+};
+const SUBMIT_PAYMENT_DESCRIPTION = "Submit a signed payment to complete a 402-protected request. Takes the " +
+    "payment_signature from x402_create_signature and sends it to the merchant " +
+    "along with the original request. Returns the final response from the merchant.";
 function parsePossiblyNestedJson(text) {
     try {
         const parsed = JSON.parse(text);
@@ -130,10 +284,363 @@ function buildRequestInit(method, body) {
     }
     throw new Error(`不支持的 method: ${method}`);
 }
+function createErrorResponse(message) {
+    return {
+        content: [{ type: "text", text: message }],
+        isError: true,
+    };
+}
+function createSuccessResponse(text) {
+    return {
+        content: [{ type: "text", text }],
+        isError: false,
+    };
+}
+async function validateToolRequest(name, args) {
+    if (name !== TOOL_NAME) {
+        return createErrorResponse(`未知工具: ${name}. 仅支持 ${TOOL_NAME}。`);
+    }
+    const normalized = normalizeX402RequestInput((args ?? {}));
+    if (!normalized.url || !normalized.url.startsWith("http")) {
+        return createErrorResponse("缺少或无效参数 url（需完整 http/https URL）。");
+    }
+    return null;
+}
+function isCallToolResult(result) {
+    return (typeof result === "object" &&
+        result !== null &&
+        "content" in result &&
+        Array.isArray(result.content));
+}
+async function selectSignModeAndGetPayFetch(registry, signMode, walletLoginProvider) {
+    try {
+        const selectedMode = await registry.selectMode(signMode);
+        const payFetch = await registry.getOrCreatePayFetch(selectedMode.mode, {
+            walletLoginProvider,
+        });
+        return { payFetch };
+    }
+    catch (error) {
+        return createErrorResponse(formatSignModeSelectionError(error));
+    }
+}
+function formatResponseText(responseText) {
+    try {
+        const json = JSON.parse(responseText);
+        return json.data != null
+            ? JSON.stringify(json.data, null, 2)
+            : JSON.stringify(json, null, 2);
+    }
+    catch {
+        return responseText;
+    }
+}
+async function handleResponseWithBalanceCheck(response, responseText) {
+    const text = formatResponseText(responseText);
+    const insufficientBalance = containsInsufficientBalanceSignal(responseText) ||
+        containsInsufficientBalanceSignal(text);
+    if (!response.ok && response.status !== 402) {
+        if (insufficientBalance) {
+            return createErrorResponse(await buildInsufficientBalanceReply(text));
+        }
+        return createErrorResponse(`HTTP ${response.status}: ${text}`);
+    }
+    if (insufficientBalance) {
+        return createErrorResponse(await buildInsufficientBalanceReply(text));
+    }
+    return createSuccessResponse(text);
+}
+async function executeX402Request(payFetch, normalized) {
+    try {
+        const init = buildRequestInit(normalized.method, normalized.body);
+        const response = await payFetch(normalized.url, init);
+        const responseText = await response.text();
+        return await handleResponseWithBalanceCheck(response, responseText);
+    }
+    catch (error) {
+        if (error instanceof Error && error.message.includes("不支持的 method")) {
+            return createErrorResponse(error.message);
+        }
+        throw error;
+    }
+}
+async function handleRequestError(err) {
+    const message = err instanceof Error ? err.message : String(err);
+    if (containsInsufficientBalanceSignal(message)) {
+        return createErrorResponse(await buildInsufficientBalanceReply(message));
+    }
+    const hint = message.toLowerCase().includes("fetch") || message.toLowerCase().includes("econnrefused")
+        ? " 请确认 url 可访问；402 支付需托管钱包已登录且有足够余额。"
+        : "";
+    return createErrorResponse(`请求失败: ${message}.${hint}`);
+}
+async function handlePlaceOrder(args) {
+    try {
+        const normalized = normalizeX402RequestInput(args);
+        if (!normalized.url || !normalized.url.startsWith("http")) {
+            return createErrorResponse("缺少或无效参数 url（需完整 http/https URL）。");
+        }
+        const init = buildRequestInit(normalized.method, normalized.body);
+        const response = await fetch(normalized.url, init);
+        const responseText = await response.text();
+        const headers = {};
+        response.headers.forEach((value, key) => {
+            headers[key] = value;
+        });
+        const result = {
+            request: {
+                url: normalized.url,
+                method: normalized.method,
+                body: normalized.body || null,
+            },
+            response: {
+                status: response.status,
+                statusText: response.statusText,
+                headers,
+                body: responseText,
+            },
+        };
+        return createSuccessResponse(JSON.stringify(result, null, 2));
+    }
+    catch (err) {
+        return await handleRequestError(err);
+    }
+}
+async function handleQuickWalletAuth(args, options) {
+    const walletLoginProvider = String(args.wallet_login_provider ?? "gate").toLowerCase() === "google"
+        ? "google"
+        : "gate";
+    try {
+        const mcp = await getMcpClient({
+            serverUrl: options.mcpWalletUrl,
+            apiKey: options.mcpApiKey,
+        });
+        const phase = await runQuickWalletDeviceAuthIfNeeded(mcp, options.mcpWalletUrl, { walletLoginProvider });
+        const addresses = await getQuickWalletAddressPayload(mcp);
+        if (phase === "login_succeeded") {
+            return createSuccessResponse([
+                "quick_wallet 登录成功。",
+                `钱包地址信息：${JSON.stringify(addresses, null, 2)}`
+            ].join("\n"));
+        }
+        return createSuccessResponse(JSON.stringify({
+            status: "ready",
+            summary: "quick_wallet 进程内已有有效 MCP 登录态。",
+            wallet_addresses: addresses,
+        }, null, 2));
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        return createErrorResponse(message);
+    }
+}
+async function handleSignPayment(args, signModeRegistry) {
+    try {
+        // 1. 解析参数
+        const url = String(args.url ?? "").trim();
+        const method = String(args.method ?? "POST").trim().toUpperCase();
+        const body = args.body != null ? String(args.body) : "";
+        const paymentRequiredHeader = args.payment_required_header != null ? String(args.payment_required_header).trim() : "";
+        const responseBody = args.response_body != null ? String(args.response_body).trim() : "";
+        const signMode = args.sign_mode != null ? String(args.sign_mode).trim() : undefined;
+        const walletLoginProvider = String(args.wallet_login_provider ?? "gate").toLowerCase() === "google" ? "google" : "gate";
+        if (!url || !url.startsWith("http")) {
+            return createErrorResponse("缺少或无效参数 url（需完整 http/https URL）。");
+        }
+        // 2. 解析 PAYMENT-REQUIRED
+        let paymentRequired;
+        try {
+            if (paymentRequiredHeader) {
+                paymentRequired = decodePaymentRequiredHeader(paymentRequiredHeader);
+            }
+            else if (responseBody) {
+                // 尝试从响应体解析
+                const getHeader = () => null;
+                let bodyObj;
+                try {
+                    bodyObj = JSON.parse(responseBody);
+                }
+                catch {
+                    return createErrorResponse("无法解析响应体为JSON，且未提供payment_required_header参数。");
+                }
+                paymentRequired = getPaymentRequiredResponse(getHeader, bodyObj);
+            }
+            else {
+                return createErrorResponse("缺少payment_required_header或response_body参数，无法解析支付要求。");
+            }
+            paymentRequired = {
+                ...paymentRequired,
+                accepts: normalizePaymentRequirements(paymentRequired.accepts),
+            };
+        }
+        catch (error) {
+            return createErrorResponse(`解析PAYMENT-REQUIRED失败: ${error instanceof Error ? error.message : String(error)}`);
+        }
+        // 3. 获取签名器
+        const signModeResult = await selectSignModeAndGetPayFetch(signModeRegistry, signMode, walletLoginProvider);
+        if (isCallToolResult(signModeResult)) {
+            return signModeResult;
+        }
+        // 4. 创建支付payload
+        const selectedMode = await signModeRegistry.selectMode(signMode);
+        const signerSession = await selectedMode.mode.resolveSigner({ walletLoginProvider });
+        const client = new X402ClientStandalone();
+        // Register EVM networks
+        if (signerSession.signer) {
+            const evmScheme = new ExactEvmScheme(signerSession.signer);
+            for (const network of SUPPORTED_NETWORKS) {
+                client.register(network, evmScheme);
+            }
+        }
+        // Register Solana networks if solanaSigner is available
+        if (signerSession.solanaSigner) {
+            const solanaNetworks = [
+                { name: "solana", rpcUrl: "https://api.mainnet-beta.solana.com" },
+                { name: "solana-devnet", rpcUrl: "https://api.devnet.solana.com" },
+            ];
+            for (const network of solanaNetworks) {
+                const svmScheme = new ExactSvmScheme(signerSession.solanaSigner, {
+                    rpcUrl: network.rpcUrl,
+                });
+                client.register(network.name, svmScheme);
+            }
+        }
+        let paymentPayload;
+        try {
+            paymentPayload = await client.createPaymentPayload(paymentRequired);
+        }
+        catch (error) {
+            return createErrorResponse(`创建支付payload失败: ${error instanceof Error ? error.message : String(error)}`);
+        }
+        // 5. 携带签名重新请求
+        const init = buildRequestInit(method, body);
+        const encoded = encodePaymentSignatureHeader(paymentPayload);
+        const request = new Request(url, init);
+        request.headers.set("PAYMENT-SIGNATURE", encoded);
+        request.headers.set("Access-Control-Expose-Headers", "PAYMENT-RESPONSE,X-PAYMENT-RESPONSE");
+        const finalResponse = await fetch(request);
+        const finalResponseText = await finalResponse.text();
+        return await handleResponseWithBalanceCheck(finalResponse, finalResponseText);
+    }
+    catch (err) {
+        return await handleRequestError(err);
+    }
+}
+async function handleCreateSignature(args, signModeRegistry) {
+    try {
+        const paymentRequiredHeader = args.payment_required_header != null ? String(args.payment_required_header).trim() : "";
+        const responseBody = args.response_body != null ? String(args.response_body).trim() : "";
+        const signMode = args.sign_mode != null ? String(args.sign_mode).trim() : undefined;
+        const walletLoginProvider = String(args.wallet_login_provider ?? "gate").toLowerCase() === "google" ? "google" : "gate";
+        // 1. 解析 PAYMENT-REQUIRED
+        let paymentRequired;
+        try {
+            if (paymentRequiredHeader) {
+                paymentRequired = decodePaymentRequiredHeader(paymentRequiredHeader);
+            }
+            else if (responseBody) {
+                const getHeader = () => null;
+                let bodyObj;
+                try {
+                    bodyObj = JSON.parse(responseBody);
+                }
+                catch {
+                    return createErrorResponse("无法解析响应体为JSON，且未提供payment_required_header参数。");
+                }
+                paymentRequired = getPaymentRequiredResponse(getHeader, bodyObj);
+            }
+            else {
+                return createErrorResponse("缺少payment_required_header或response_body参数。");
+            }
+            paymentRequired = {
+                ...paymentRequired,
+                accepts: normalizePaymentRequirements(paymentRequired.accepts),
+            };
+        }
+        catch (error) {
+            return createErrorResponse(`解析PAYMENT-REQUIRED失败: ${error instanceof Error ? error.message : String(error)}`);
+        }
+        // 2. 获取签名器并创建签名
+        const signModeResult = await selectSignModeAndGetPayFetch(signModeRegistry, signMode, walletLoginProvider);
+        if (isCallToolResult(signModeResult)) {
+            return signModeResult;
+        }
+        const selectedMode = await signModeRegistry.selectMode(signMode);
+        const signerSession = await selectedMode.mode.resolveSigner({ walletLoginProvider });
+        const client = new X402ClientStandalone();
+        // Register EVM networks
+        if (signerSession.signer) {
+            const evmScheme = new ExactEvmScheme(signerSession.signer);
+            for (const network of SUPPORTED_NETWORKS) {
+                client.register(network, evmScheme);
+            }
+        }
+        // Register Solana networks if solanaSigner is available
+        if (signerSession.solanaSigner) {
+            const solanaNetworks = [
+                { name: "solana", rpcUrl: "https://api.mainnet-beta.solana.com" },
+                { name: "solana-devnet", rpcUrl: "https://api.devnet.solana.com" },
+            ];
+            for (const network of solanaNetworks) {
+                const svmScheme = new ExactSvmScheme(signerSession.solanaSigner, {
+                    rpcUrl: network.rpcUrl,
+                });
+                client.register(network.name, svmScheme);
+            }
+        }
+        let paymentPayload;
+        try {
+            paymentPayload = await client.createPaymentPayload(paymentRequired);
+        }
+        catch (error) {
+            return createErrorResponse(`创建支付payload失败: ${error instanceof Error ? error.message : String(error)}`);
+        }
+        // 3. 返回完整的payload和编码后的签名
+        const encoded = encodePaymentSignatureHeader(paymentPayload);
+        const result = {
+            paymentPayload,
+            encodedSignature: encoded,
+        };
+        return createSuccessResponse(JSON.stringify(result, null, 2));
+    }
+    catch (err) {
+        return await handleRequestError(err);
+    }
+}
+async function handleSubmitPayment(args) {
+    try {
+        const url = String(args.url ?? "").trim();
+        const method = String(args.method ?? "POST").trim().toUpperCase();
+        const body = args.body != null ? String(args.body) : "";
+        const paymentSignature = String(args.payment_signature ?? "").trim();
+        if (!url || !url.startsWith("http")) {
+            return createErrorResponse("缺少或无效参数 url（需完整 http/https URL）。");
+        }
+        if (!paymentSignature) {
+            return createErrorResponse("缺少 payment_signature 参数。");
+        }
+        // 构建请求并添加签名头
+        const init = buildRequestInit(method, body);
+        const request = new Request(url, init);
+        request.headers.set("PAYMENT-SIGNATURE", paymentSignature);
+        request.headers.set("Access-Control-Expose-Headers", "PAYMENT-RESPONSE,X-PAYMENT-RESPONSE");
+        // 发送支付请求
+        const finalResponse = await fetch(request);
+        const finalResponseText = await finalResponse.text();
+        return await handleResponseWithBalanceCheck(finalResponse, finalResponseText);
+    }
+    catch (err) {
+        return await handleRequestError(err);
+    }
+}
 async function main() {
-    const quickWalletMcpUrl = process.env.MCP_WALLET_URL ?? "https://api.gatemcp.ai/mcp/dex";
-    const quickWalletApiKey = process.env.MCP_WALLET_API_KEY;
-    const pluginWalletServerUrl = process.env.PLUGIN_WALLET_SERVER_URL ?? "https://walletmcp-test.gateweb3.cc/mcp";
+    const quickWalletMcpUrl = process.env.QUICK_WALLET_SERVER_URL ?? "https://api.gatemcp.ai/mcp/dex";
+    const quickWalletApiKey = process.env.QUICK_WALLET_API_KEY;
+    const pluginWalletBaseUrl = process.env.PLUGIN_WALLET_SERVER_URL ?? "https://walletmcp.gate.com/mcp";
+    const pluginWalletToken = process.env.PLUGIN_WALLET_TOKEN;
+    const pluginWalletServerUrl = pluginWalletToken
+        ? `${pluginWalletBaseUrl}?token=${encodeURIComponent(pluginWalletToken)}`
+        : undefined;
     const signModeRegistry = createSignModeRegistry([
         new LocalPrivateKeyMode(),
         new QuickWalletMode({ mcpWalletUrl: quickWalletMcpUrl, mcpApiKey: quickWalletApiKey }),
@@ -146,119 +653,81 @@ async function main() {
     server.registerCapabilities({ tools: { listChanged: false } });
     server.setRequestHandler(ListToolsRequestSchema, () => ({
         tools: [
+            // 原有 x402_request 工具保留代码但不再对外暴露
+            // {
+            //   name: TOOL_NAME,
+            //   description: TOOL_DESCRIPTION,
+            //   inputSchema: INPUT_SCHEMA,
+            // },
             {
-                name: TOOL_NAME,
-                description: TOOL_DESCRIPTION,
-                inputSchema: INPUT_SCHEMA,
+                name: "x402_place_order",
+                description: PLACE_ORDER_DESCRIPTION,
+                inputSchema: PLACE_ORDER_INPUT_SCHEMA,
+            },
+            {
+                name: "x402_sign_payment",
+                description: SIGN_PAYMENT_DESCRIPTION,
+                inputSchema: SIGN_PAYMENT_INPUT_SCHEMA,
+            },
+            {
+                name: "x402_create_signature",
+                description: CREATE_SIGNATURE_DESCRIPTION,
+                inputSchema: CREATE_SIGNATURE_INPUT_SCHEMA,
+            },
+            {
+                name: "x402_submit_payment",
+                description: SUBMIT_PAYMENT_DESCRIPTION,
+                inputSchema: SUBMIT_PAYMENT_INPUT_SCHEMA,
+            },
+            {
+                name: "x402_quick_wallet_auth",
+                description: QUICK_WALLET_AUTH_DESCRIPTION,
+                inputSchema: QUICK_WALLET_AUTH_INPUT_SCHEMA,
             },
         ],
     }));
     server.setRequestHandler(CallToolRequestSchema, async (request) => {
         const { name, arguments: args } = request.params;
-        if (name !== TOOL_NAME) {
-            return {
-                content: [{ type: "text", text: `未知工具: ${name}. 仅支持 ${TOOL_NAME}。` }],
-                isError: true,
-            };
+        // 处理新工具
+        if (name === "x402_place_order") {
+            return await handlePlaceOrder(args ?? {});
         }
-        const normalized = normalizeX402RequestInput((args ?? {}));
-        if (!normalized.url || !normalized.url.startsWith("http")) {
-            return {
-                content: [{ type: "text", text: "缺少或无效参数 url（需完整 http/https URL）。" }],
-                isError: true,
-            };
+        if (name === "x402_sign_payment") {
+            return await handleSignPayment(args ?? {}, signModeRegistry);
         }
-        let payFetch;
-        try {
-            const selectedMode = await signModeRegistry.selectMode(normalized.signMode);
-            payFetch = await signModeRegistry.getOrCreatePayFetch(selectedMode.mode, {
-                walletLoginProvider: normalized.walletLoginProvider,
-            });
+        if (name === "x402_create_signature") {
+            return await handleCreateSignature(args ?? {}, signModeRegistry);
         }
-        catch (error) {
-            return {
-                content: [{ type: "text", text: formatSignModeSelectionError(error) }],
-                isError: true,
-            };
+        if (name === "x402_submit_payment") {
+            return await handleSubmitPayment(args ?? {});
         }
-        try {
-            let init;
-            try {
-                init = buildRequestInit(normalized.method, normalized.body);
+        if (name === "x402_quick_wallet_auth") {
+            return await handleQuickWalletAuth(args ?? {}, {
+                mcpWalletUrl: quickWalletMcpUrl,
+                mcpApiKey: quickWalletApiKey,
+            });
+        }
+        // 保留原有 x402_request 工具的处理逻辑（虽然不再对外暴露）
+        if (name === TOOL_NAME) {
+            const validationError = await validateToolRequest(name, args);
+            if (validationError) {
+                return validationError;
             }
-            catch (error) {
-                return {
-                    content: [{ type: "text", text: error instanceof Error ? error.message : String(error) }],
-                    isError: true,
-                };
+            const normalized = normalizeX402RequestInput((args ?? {}));
+            const signModeResult = await selectSignModeAndGetPayFetch(signModeRegistry, normalized.signMode, normalized.walletLoginProvider);
+            if (isCallToolResult(signModeResult)) {
+                return signModeResult;
             }
-            const response = await payFetch(normalized.url, init);
-            const responseText = await response.text();
-            let text;
+            const payFetch = signModeResult.payFetch;
             try {
-                const json = JSON.parse(responseText);
-                text =
-                    json.data != null
-                        ? JSON.stringify(json.data, null, 2)
-                        : JSON.stringify(json, null, 2);
-            }
-            catch {
-                text = responseText;
-            }
-            const insufficientBalance = containsInsufficientBalanceSignal(responseText) ||
-                containsInsufficientBalanceSignal(text);
-            if (!response.ok && response.status !== 402) {
-                if (insufficientBalance) {
-                    return {
-                        content: [
-                            {
-                                type: "text",
-                                text: await buildInsufficientBalanceReply(text),
-                            },
-                        ],
-                        isError: true,
-                    };
-                }
-                return {
-                    content: [{ type: "text", text: `HTTP ${response.status}: ${text}` }],
-                    isError: true,
-                };
+                const result = await executeX402Request(payFetch, normalized);
+                return result;
             }
-            // 上游常以 HTTP 200 + 业务 JSON（message 含 insufficient balance）表示余额不足，需同样拉取钱包余额
-            if (insufficientBalance) {
-                return {
-                    content: [
-                        {
-                            type: "text",
-                            text: await buildInsufficientBalanceReply(text),
-                        },
-                    ],
-                    isError: true,
-                };
+            catch (err) {
+                return await handleRequestError(err);
             }
-            return { content: [{ type: "text", text }], isError: false };
-        }
-        catch (err) {
-            const message = err instanceof Error ? err.message : String(err);
-            if (containsInsufficientBalanceSignal(message)) {
-                return {
-                    content: [
-                        {
-                            type: "text",
-                            text: await buildInsufficientBalanceReply(message),
-                        },
-                    ],
-                    isError: true,
-                };
-            }
-            const hint = message.toLowerCase().includes("fetch") || message.toLowerCase().includes("econnrefused")
-                ? " 请确认 url 可访问；402 支付需托管钱包已登录且有足够余额。"
-                : "";
-            return {
-                content: [{ type: "text", text: `请求失败: ${message}.${hint}` }],
-                isError: true,
-            };
         }
+        return createErrorResponse(`未知工具: ${name}`);
     });
     const stdio = new StdioServerTransport();
     await server.connect(stdio);