mpp32-mcp-server 1.1.3 → 1.2.0

package/CHANGELOG.md

@@ -4,6 +4,77 @@ All notable changes to `mpp32-mcp-server` are documented here. The format
 follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/) and the
 project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.2.0] - 2026-05-11
+
+This release makes x402 payments actually work end-to-end. Prior versions
+shipped a non-spec-compliant signing path that the official x402.org
+facilitator rejected with HTTP 400 on every paid call, so no settlement ever
+occurred. The signing path has been rewritten from scratch against the
+[Coinbase x402 reference implementation](https://github.com/coinbase/x402).
+
+### Fixed (the headline)
+
+* **Real Solana x402 payments.** When a server returns a `Payment-Required`
+  challenge on a `solana:*` network, the MCP client now builds a real Solana
+  `VersionedTransaction` with the three instructions the `exact` SVM scheme
+  requires — `SetComputeUnitLimit`, `SetComputeUnitPrice`, and SPL-Token
+  `TransferChecked` between the payer's and recipient's Associated Token
+  Accounts. The transaction is partially signed by the payer (the fee-payer
+  slot is left empty for the facilitator to fill at `/settle` time, per spec)
+  and base64-encoded into the `payload.transaction` field. The official
+  `x402.org/facilitator` now accepts and settles these payments.
+
+* **Real EVM x402 payments on Base.** For challenges with `network: "base"`
+  or `network: "base-sepolia"` (and the `eip155:*` aliases), the client now
+  signs an EIP-3009 `transferWithAuthorization` typed-data message using
+  `viem` and the EVM private key in `MPP32_PRIVATE_KEY`. This unblocks the
+  ~85% of the federated catalog (~3,900 of 4,581 entries) that lives on
+  Base — Exa Search, Firecrawl, OpenAI's x402 gateway, Anthropic's,
+  Alchemy RPC, CoinGecko Pro, Nansen, Cloudflare Workers AI, and the rest.
+
+### Added
+
+* **`path` argument to `call_mpp32_endpoint`.** Many curated catalog
+  entries store only an upstream base URL (e.g. `https://api.exa.ai`). Pass
+  the upstream path (e.g. `/search`) via the new `path` parameter to hit a
+  real endpoint instead of `POST /` (which returned 404). The agent server
+  forwards the path and appends it safely to the catalog base URL.
+
+* **`MPP32_SOLANA_RPC_URL` env var.** Override the Solana RPC used to fetch
+  recent blockhashes when building x402 transactions. Defaults to
+  `https://api.mainnet-beta.solana.com`. Set this if you hit public-endpoint
+  rate limits.
+
+* **`@solana/kit`, `@solana-program/token`, `@solana-program/compute-budget`,
+  `viem` as real dependencies.** Tree-shakeable, no `rpc-websockets`
+  transitive dependency, and no ESM/CJS landmines on Node 20+. `viem` was
+  previously an optional peer; it is now required because the EVM x402
+  signer cannot work without it.
+
+### Migration
+
+* No config changes required if you only use the Solana intelligence oracle
+  (it still uses `MPP32_SOLANA_PRIVATE_KEY`). To pay for Base-network
+  services like Exa Search, set `MPP32_PRIVATE_KEY` to your EVM private key
+  and ensure that wallet holds USDC on Base.
+
+## [1.1.4] - 2026-05-11
+
+### Added
+
+* **`get_mpp32_diagnostics` MCP tool.** Reports server version, API URL,
+  and per-variable detection state for `MPP32_AGENT_KEY`,
+  `MPP32_SOLANA_PRIVATE_KEY`, and `MPP32_PRIVATE_KEY` — without ever
+  echoing the secret. The single most common payment failure has been
+  "I set the key but the MCP server doesn't see it" (wrong
+  `claude_desktop_config.json` file, `env` block at the wrong level in
+  the JSON, typo, or stale process from an incomplete restart). This
+  tool turns that into a one-call diagnosis.
+* **Per-variable startup banner lines.** The stderr banner now prints
+  one `[mpp32] MPP32_X: SET (fingerprint) / NOT SET` line per managed
+  env var, so users who can find their MCP log file can see the same
+  diagnosis without calling a tool.
+
 ## [1.1.3] - 2026-05-11
 
 ### Fixed

package/dist/index.js

@@ -2,7 +2,8 @@
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
 import { z } from "zod";
-const SERVER_VERSION = "1.1.3";
+import { signX402Payment } from "./x402-signers.js";
+const SERVER_VERSION = "1.2.0";
 // ── Env loading: trim and sanitize aggressively ─────────────────────────────
 // Copy-paste from Claude Desktop / Cursor / Windsurf JSON config UIs frequently
 // adds trailing \n, \r, NBSP, BOM, or wraps the value in literal quotes. Any
@@ -173,6 +174,63 @@ function isHttpCallable(svc) {
         return false;
     return /^https?:\/\//.test(url);
 }
+// ── Tool 0: get_mpp32_diagnostics ───────────────────────────────────────────
+// Lets the user (and Claude) see exactly what the MCP process detected at
+// startup. The single most common failure mode is "I set the env var but it
+// didn't reach the server" — wrong claude_desktop_config.json file edited,
+// `env` block at the wrong level, typo in the variable name, stale process
+// from an incomplete restart. This tool answers all of those without
+// asking the user to dig through MCP log files.
+function describeEnvVarStatus(name, value) {
+    const raw = process.env[name];
+    if (raw === undefined)
+        return `${name}: NOT SET (variable absent from MCP process env)`;
+    if (raw.length === 0)
+        return `${name}: EMPTY (set but blank)`;
+    if (value === undefined) {
+        return `${name}: REJECTED (raw length ${raw.length}, but failed validation — check startup log for reason)`;
+    }
+    // Show a short, non-secret fingerprint so the user can confirm it's the
+    // right value without us exfiltrating the key.
+    const fingerprint = value.length <= 12
+        ? `${value.length} chars`
+        : `${value.slice(0, 6)}…${value.slice(-4)} (${value.length} chars)`;
+    return `${name}: SET (${fingerprint})`;
+}
+server.tool("get_mpp32_diagnostics", "Report what the mpp32-mcp-server detected at startup: version, API URL, and which env vars (MPP32_AGENT_KEY, MPP32_SOLANA_PRIVATE_KEY, MPP32_PRIVATE_KEY) were loaded into this process. Use this FIRST if payments fail with 'no key configured' even though you set one in claude_desktop_config.json — it confirms whether your env vars actually reached the MCP process or got dropped by a typo / wrong file / stale restart.", {}, async () => {
+    const lines = [
+        `**mpp32-mcp-server diagnostics**`,
+        ``,
+        `Version: ${SERVER_VERSION}`,
+        `API URL: ${API_URL}`,
+        `Timeout: ${TIMEOUT_MS}ms`,
+        `Node: ${process.version} on ${process.platform}/${process.arch}`,
+        ``,
+        `**Environment variable detection** (values are fingerprinted, never returned in full):`,
+        ``,
+        describeEnvVarStatus("MPP32_AGENT_KEY", AGENT_KEY),
+        describeEnvVarStatus("MPP32_SOLANA_PRIVATE_KEY", SOLANA_PRIVATE_KEY),
+        describeEnvVarStatus("MPP32_PRIVATE_KEY", PRIVATE_KEY),
+        ``,
+        `**Capabilities:**`,
+        `- Catalog browsing: yes (always available)`,
+        `- Federated service execution: ${AGENT_KEY ? "yes" : "no — set MPP32_AGENT_KEY"}`,
+        `- x402 (USDC on Solana) payment: ${SOLANA_PRIVATE_KEY ? "yes" : "no — set MPP32_SOLANA_PRIVATE_KEY"}`,
+        `- Tempo (pathUSD on Eth L2) payment: ${PRIVATE_KEY ? "yes" : "no — set MPP32_PRIVATE_KEY"}`,
+        ``,
+        `If a variable shows NOT SET but you put it in claude_desktop_config.json:`,
+        `1. Confirm the file path Claude Desktop actually reads from:`,
+        `   - macOS: ~/Library/Application Support/Claude/claude_desktop_config.json`,
+        `   - Windows: %APPDATA%\\Claude\\claude_desktop_config.json`,
+        `2. The 'env' block must sit INSIDE the server entry, alongside 'command' and 'args' — not at the top level.`,
+        `3. Fully quit Claude Desktop (Cmd+Q on Mac, right-click tray → Quit on Windows). Closing the window is not enough.`,
+        `4. Re-open Claude Desktop. The new MCP process inherits the env from the JSON.`,
+        `5. Call get_mpp32_diagnostics again — if it still shows NOT SET, the JSON did not load (check for a syntax error).`,
+    ];
+    return {
+        content: [{ type: "text", text: lines.join("\n") }],
+    };
+});
 // ── Tool 1: list_mpp32_services ─────────────────────────────────────────────
 server.tool("list_mpp32_services", "Browse the MPP32 federated catalog of 4,500+ machine-payable APIs and data services. Includes native MPP32 services (callable end-to-end through this MCP), the x402 Bazaar (USDC on Solana), curated free APIs (DexScreener, Jupiter, CoinGecko health, httpbin, etc.), and the public MCP Registry (npx-installable servers; listing-only). Each result indicates whether it is callable through `call_mpp32_endpoint` or listing-only. The catalog is large (~4,500 entries) — by default a single call returns up to 100 results and the response will tell you the true total and whether the page was truncated. Use `q` (free-text search), `category`, `source`, or `protocol` to narrow down, or raise `limit` (max 500) for broader pages.", {
     category: z
@@ -285,14 +343,18 @@ server.tool("list_mpp32_services", "Browse the MPP32 federated catalog of 4,500+
     }
 });
 // ── Tool 2: call_mpp32_endpoint ─────────────────────────────────────────────
-server.tool("call_mpp32_endpoint", "Call any HTTP-callable service in the MPP32 federated catalog. Free services return immediately. Paid services return a 402 challenge that this tool will sign and retry automatically when a payment key (MPP32_SOLANA_PRIVATE_KEY for x402/USDC, MPP32_PRIVATE_KEY for Tempo/pathUSD) is configured. Set MPP32_AGENT_KEY for dashboard tracking. Use `list_mpp32_services` first to find a slug. Listing-only entries (npx-installable MCP servers, x402 Bazaar non-mirrored items) cannot be called through this tool — install them directly per the catalog instructions.", {
+server.tool("call_mpp32_endpoint", "Call any HTTP-callable service in the MPP32 federated catalog. Free services return immediately. Paid services return a 402 challenge that this tool will sign and retry automatically when a payment key (MPP32_SOLANA_PRIVATE_KEY for x402-on-Solana, MPP32_PRIVATE_KEY for x402-on-Base/Ethereum and Tempo pathUSD) is configured. Set MPP32_AGENT_KEY for dashboard tracking. Use `list_mpp32_services` first to find a slug. Many catalog entries store only the upstream BASE URL (e.g. `https://api.exa.ai`) — pass the upstream path (e.g. `/search`) via the `path` argument when calling those. Listing-only entries (npx-installable MCP servers, etc.) cannot be called through this tool.", {
     slug: z
         .string()
-        .describe("Service slug from `list_mpp32_services` (e.g. 'mpp32-intelligence')."),
+        .describe("Service slug from `list_mpp32_services` (e.g. 'curated:exa', 'mpp32-intelligence')."),
     method: z
         .enum(["GET", "POST", "PUT", "DELETE"])
         .default("POST")
         .describe("HTTP method."),
+    path: z
+        .string()
+        .optional()
+        .describe("Upstream path appended to the service's base URL (e.g. '/search' for Exa, '/v1/chat/completions' for OpenAI). Leave empty for catalog entries that already store a full path, or for native MPP32 services. Always begins with '/'."),
     body: z
         .union([z.string(), z.record(z.unknown())])
         .optional()
@@ -301,7 +363,7 @@ server.tool("call_mpp32_endpoint", "Call any HTTP-callable service in the MPP32
         .record(z.string())
         .optional()
         .describe("URL query parameters as key-value pairs."),
-}, async ({ slug, method, body, query }) => {
+}, async ({ slug, method, path, body, query }) => {
     // Normalize body to an object so it can be JSON.stringified by the upstream call
     let parsedBody = body;
     if (typeof body === "string") {
@@ -313,10 +375,10 @@ server.tool("call_mpp32_endpoint", "Call any HTTP-callable service in the MPP32
         }
     }
     if (AGENT_KEY) {
-        return await callViaAgentExecute(slug, method, parsedBody, query);
+        return await callViaAgentExecute(slug, method, parsedBody, query, path);
     }
     // Legacy path — only works for native services with payment keys
-    return await callViaLegacyProxy(slug, method, parsedBody, query);
+    return await callViaLegacyProxy(slug, method, parsedBody, query, path);
 });
 // ── Tool 3: get_solana_token_intelligence ───────────────────────────────────
 server.tool("get_solana_token_intelligence", "Get real-time Solana token intelligence from the MPP32 Intelligence Oracle. Returns alpha score (0-100), rug risk assessment, whale activity, smart money signals, 24h pump probability, projected ROI ranges, and aggregated DexScreener/Jupiter/CoinGecko market data. Costs $0.008 per query, paid automatically via x402 (USDC on Solana) or Tempo (pathUSD on Eth L2). M32 token holders receive up to 40% discount once their wallet is signature-verified. Set MPP32_AGENT_KEY in config to attribute calls to your dashboard.", {
@@ -336,7 +398,7 @@ server.tool("get_solana_token_intelligence", "Get real-time Solana token intelli
     return await legacyIntelligenceCall(token, walletAddress);
 });
 // ── Core: agent/execute path with 402 sign-and-retry ────────────────────────
-async function callViaAgentExecute(service, method, body, query) {
+async function callViaAgentExecute(service, method, body, query, path) {
     try {
         const execUrl = new URL("/api/agent/execute", API_URL).toString();
         const reqBody = JSON.stringify({
@@ -344,6 +406,7 @@ async function callViaAgentExecute(service, method, body, query) {
             method,
             ...(body !== undefined ? { body } : {}),
             ...(query ? { query } : {}),
+            ...(path ? { path } : {}),
         });
         // Round 1: no payment headers
         const firstRes = await fetchWithTimeout(execUrl, {
@@ -395,11 +458,18 @@ function detectPaymentRequired(resp) {
 async function signAndRetry(execUrl, reqBody, challenge) {
     const paymentHeaders = {};
     let usedProtocol = "";
-    // Prefer x402 if Solana key present and server offered Payment-Required
-    if (challenge.paymentRequired && SOLANA_PRIVATE_KEY) {
+    // Prefer x402 if a payment-required challenge is present AND we hold a key
+    // for *either* the SVM or EVM side. The signer module inspects the
+    // challenge's `network` field and routes to the right signer; we just need
+    // to pass it whichever keys we have.
+    if (challenge.paymentRequired && (SOLANA_PRIVATE_KEY || PRIVATE_KEY)) {
         try {
-            paymentHeaders["X-Payment"] = await completeX402Payment(challenge.paymentRequired, SOLANA_PRIVATE_KEY);
-            usedProtocol = "USDC (x402)";
+            const completed = await completeX402Payment(challenge.paymentRequired, {
+                solana: SOLANA_PRIVATE_KEY,
+                evm: PRIVATE_KEY,
+            });
+            paymentHeaders["X-Payment"] = completed.xPaymentHeader;
+            usedProtocol = completed.protocolUsed === "x402-evm" ? "USDC (x402, Base)" : "USDC (x402, Solana)";
         }
         catch (err) {
             // Fall through to Tempo if available
@@ -626,9 +696,12 @@ function paymentFailedMessage(challenge, proto, err) {
     };
 }
 // ── Legacy path (no MPP32_AGENT_KEY) ────────────────────────────────────────
-async function callViaLegacyProxy(slug, method, body, query) {
+async function callViaLegacyProxy(slug, method, body, query, path) {
     try {
         // Without an agent key, only native /api/proxy/<slug> is reachable.
+        // Native services do not need a `path` argument; if one is passed, we
+        // ignore it here. (The agent-execute path forwards it for external entries.)
+        void path;
         // We fetch /info first to detect that the slug exists as a native service.
         const infoUrl = new URL(`/api/proxy/${encodeURIComponent(slug)}/info`, API_URL).toString();
         const infoRes = await fetchWithTimeout(infoUrl);
@@ -703,10 +776,14 @@ async function callViaLegacyProxy(slug, method, body, query) {
         }
         const paymentHeaders = {};
         let usedProtocol = "";
-        if (paymentRequired && SOLANA_PRIVATE_KEY) {
+        if (paymentRequired && (SOLANA_PRIVATE_KEY || PRIVATE_KEY)) {
             try {
-                paymentHeaders["X-Payment"] = await completeX402Payment(paymentRequired, SOLANA_PRIVATE_KEY);
-                usedProtocol = "USDC (x402)";
+                const completed = await completeX402Payment(paymentRequired, {
+                    solana: SOLANA_PRIVATE_KEY,
+                    evm: PRIVATE_KEY,
+                });
+                paymentHeaders["X-Payment"] = completed.xPaymentHeader;
+                usedProtocol = completed.protocolUsed === "x402-evm" ? "USDC (x402, Base)" : "USDC (x402, Solana)";
             }
             catch (err) {
                 if (wwwAuth && PRIVATE_KEY) {
@@ -844,10 +921,14 @@ async function legacyIntelligenceCall(token, walletAddress) {
         const paymentRequired = res.headers.get("payment-required") ?? undefined;
         const paymentHeaders = {};
         let usedProtocol = "";
-        if (paymentRequired && SOLANA_PRIVATE_KEY) {
+        if (paymentRequired && (SOLANA_PRIVATE_KEY || PRIVATE_KEY)) {
             try {
-                paymentHeaders["X-Payment"] = await completeX402Payment(paymentRequired, SOLANA_PRIVATE_KEY);
-                usedProtocol = "USDC (x402)";
+                const completed = await completeX402Payment(paymentRequired, {
+                    solana: SOLANA_PRIVATE_KEY,
+                    evm: PRIVATE_KEY,
+                });
+                paymentHeaders["X-Payment"] = completed.xPaymentHeader;
+                usedProtocol = completed.protocolUsed === "x402-evm" ? "USDC (x402, Base)" : "USDC (x402, Solana)";
             }
             catch (x402Err) {
                 if (wwwAuth && PRIVATE_KEY) {
@@ -868,7 +949,7 @@ async function legacyIntelligenceCall(token, walletAddress) {
                 else {
                     return {
                         content: [
-                            { type: "text", text: `x402 payment failed: ${x402Err instanceof Error ? x402Err.message : String(x402Err)}. Check Solana wallet balance.` },
+                            { type: "text", text: `x402 payment failed: ${x402Err instanceof Error ? x402Err.message : String(x402Err)}. Check that the wallet for the challenge network has sufficient USDC balance.` },
                         ],
                     };
                 }
@@ -969,89 +1050,25 @@ async function completeTempoPayment(challengeParams, privateKey) {
         throw new Error(`Tempo payment failed: ${payErr instanceof Error ? payErr.message : String(payErr)}`);
     }
 }
-async function completeX402Payment(paymentRequiredHeader, solanaPrivateKey) {
-    let requirements;
-    try {
-        requirements = JSON.parse(Buffer.from(paymentRequiredHeader, "base64").toString("utf-8"));
-    }
-    catch {
-        throw new Error("Could not decode Payment-Required header");
-    }
-    // We sign x402 challenges with raw Ed25519 (Solana keys are Ed25519). No
-    // @solana/web3.js needed — it pulls in rpc-websockets which has a
-    // CJS/ESM uuid incompat on Node 20+ that breaks every paid call.
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    let tweetnacl;
-    try {
-        const pkg = "tweetnacl";
-        tweetnacl = await import(pkg);
-    }
-    catch (err) {
-        throw new Error(`x402 signing requires tweetnacl, which ships with mpp32-mcp-server. ` +
-            `If you're seeing this on a clean npx install, upgrade to mpp32-mcp-server@latest. ` +
-            `Underlying error: ${err instanceof Error ? err.message : String(err)}`);
-    }
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    let bs58;
-    try {
-        const pkg = "bs58";
-        bs58 = await import(pkg);
-    }
-    catch (err) {
-        throw new Error(`x402 signing requires bs58, which ships with mpp32-mcp-server. ` +
-            `Upgrade to mpp32-mcp-server@latest. ` +
-            `Underlying error: ${err instanceof Error ? err.message : String(err)}`);
-    }
-    const bs58Decode = bs58.default?.decode ?? bs58.decode;
-    const bs58Encode = bs58.default?.encode ?? bs58.encode;
-    const naclSign = tweetnacl.default?.sign ?? tweetnacl.sign;
-    let rawKey;
-    try {
-        if (solanaPrivateKey.startsWith("[")) {
-            rawKey = new Uint8Array(JSON.parse(solanaPrivateKey));
-        }
-        else if (/^[0-9a-fA-F]+$/.test(solanaPrivateKey) && solanaPrivateKey.length % 2 === 0) {
-            rawKey = new Uint8Array(Buffer.from(solanaPrivateKey, "hex"));
-        }
-        else {
-            rawKey = bs58Decode(solanaPrivateKey);
-        }
-    }
-    catch (err) {
-        throw new Error(`Could not decode Solana private key: ${err instanceof Error ? err.message : String(err)}`);
-    }
-    let secretKey;
-    let publicKey;
-    if (rawKey.length === 64) {
-        secretKey = rawKey;
-        publicKey = rawKey.slice(32);
-    }
-    else if (rawKey.length === 32) {
-        const kp = naclSign.keyPair.fromSeed(rawKey);
-        secretKey = kp.secretKey;
-        publicKey = kp.publicKey;
-    }
-    else {
-        throw new Error(`Solana private key must be a 32-byte seed or 64-byte expanded key; got ${rawKey.length} bytes.`);
-    }
-    const payload = {
-        x402Version: 1,
-        scheme: requirements.scheme ?? "exact",
-        network: requirements.network ?? "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp",
-        payload: {
-            signature: "",
-            from: bs58Encode(publicKey),
-            amount: requirements.maxAmountRequired,
-            asset: requirements.asset,
-            payTo: requirements.payTo,
-            nonce: Date.now().toString(),
-        },
+// Build a real, x402-spec-compliant payment payload from the server's
+// Payment-Required challenge. For Solana-family networks, this produces a
+// base64 partially-signed VersionedTransaction (3 instructions, fee-payer
+// slot reserved for the facilitator). For Base/Base-Sepolia/Ethereum, it
+// produces an EIP-3009 transferWithAuthorization signature. Returns the
+// envelope ready to drop into the `X-Payment` HTTP header.
+async function completeX402Payment(paymentRequiredHeader, keys) {
+    const solanaRpcUrl = readEnv("MPP32_SOLANA_RPC_URL");
+    const result = await signX402Payment({
+        paymentRequiredHeader,
+        solanaKey: keys.solana,
+        evmKey: keys.evm,
+        solanaRpcUrl,
+    });
+    return {
+        xPaymentHeader: result.xPaymentHeader,
+        network: result.network,
+        protocolUsed: result.protocolUsed,
     };
-    const message = JSON.stringify(payload.payload);
-    const messageBytes = new TextEncoder().encode(message);
-    const signed = naclSign.detached(messageBytes, secretKey);
-    payload.payload.signature = Buffer.from(signed).toString("base64");
-    return Buffer.from(JSON.stringify(payload)).toString("base64");
 }
 // ── Start ───────────────────────────────────────────────────────────────────
 async function main() {
@@ -1065,6 +1082,13 @@ async function main() {
         .filter(Boolean)
         .join(", ") || "no keys (catalog-only legacy mode)";
     console.error(`[mpp32] MCP server v${SERVER_VERSION} on stdio. API ${API_URL}. Configured: ${features}. Timeout ${TIMEOUT_MS}ms.`);
+    // Per-variable status so a user staring at this log can immediately see
+    // whether their env vars made it through. Values are fingerprinted.
+    const fp = (v) => !v ? "NOT SET" : v.length <= 12 ? `SET (${v.length}c)` : `SET (${v.slice(0, 6)}…${v.slice(-4)}, ${v.length}c)`;
+    console.error(`[mpp32]   MPP32_AGENT_KEY: ${fp(AGENT_KEY)}`);
+    console.error(`[mpp32]   MPP32_SOLANA_PRIVATE_KEY: ${fp(SOLANA_PRIVATE_KEY)}`);
+    console.error(`[mpp32]   MPP32_PRIVATE_KEY: ${fp(PRIVATE_KEY)}`);
+    console.error(`[mpp32] If a key shows NOT SET but you set it in claude_desktop_config.json, call the get_mpp32_diagnostics tool for help, or fully quit Claude Desktop and reopen.`);
 }
 main().catch((err) => {
     console.error("Fatal:", err);

package/dist/x402-signers.d.ts

@@ -0,0 +1,42 @@
+export interface X402PaymentRequirements {
+    scheme: string;
+    network: string;
+    maxAmountRequired: string;
+    resource: string;
+    description?: string;
+    mimeType?: string;
+    payTo: string;
+    maxTimeoutSeconds?: number;
+    asset: string;
+    outputSchema?: unknown;
+    extra?: {
+        feePayer?: string;
+        name?: string;
+        version?: string;
+        decimals?: number;
+        [k: string]: unknown;
+    };
+}
+export interface X402PaymentEnvelope {
+    x402Version: number;
+    scheme: string;
+    network: string;
+    payload: unknown;
+}
+export declare function isSvmNetwork(network: string): boolean;
+export declare function isEvmNetwork(network: string): boolean;
+export declare function signX402PaymentSvm(requirements: X402PaymentRequirements, rawKey: string, rpcUrlOverride?: string): Promise<string>;
+export declare function signX402PaymentEvm(requirements: X402PaymentRequirements, rawKey: string): Promise<string>;
+export interface SignX402Args {
+    paymentRequiredHeader: string;
+    solanaKey?: string;
+    evmKey?: string;
+    solanaRpcUrl?: string;
+}
+export interface SignX402Result {
+    xPaymentHeader: string;
+    network: string;
+    scheme: string;
+    protocolUsed: "x402-svm" | "x402-evm";
+}
+export declare function signX402Payment(args: SignX402Args): Promise<SignX402Result>;

package/dist/x402-signers.js

@@ -0,0 +1,267 @@
+// x402 protocol-compliant payment signers.
+//
+// Two schemes are implemented end-to-end here. Both follow the official
+// `exact` scheme from https://x402.org and the reference implementation at
+// https://github.com/coinbase/x402.
+//
+//   • SVM (Solana): build a 3-instruction Solana VersionedTransaction
+//       (SetComputeUnitLimit, SetComputeUnitPrice, SPL-Token TransferChecked
+//       between Associated Token Accounts), set the facilitator-advertised
+//       fee payer, partially sign with the payer's Ed25519 keypair, and
+//       base64-encode the wire transaction. The fee-payer signature slot is
+//       left empty — the facilitator fills it during /settle.
+//   • EVM (Base / Base-Sepolia): sign an EIP-3009 `transferWithAuthorization`
+//       typed data message with the payer's secp256k1 key using viem. The
+//       resulting signature plus authorization parameters form the payload.
+//
+// In both cases the outer envelope is
+//   { x402Version: 1, scheme: "exact", network, payload: <scheme payload> }
+// base64-encoded into the `X-Payment` HTTP header.
+import { address, createKeyPairSignerFromBytes, createSolanaRpc, createTransactionMessage, setTransactionMessageFeePayer, setTransactionMessageLifetimeUsingBlockhash, appendTransactionMessageInstructions, partiallySignTransactionMessageWithSigners, getBase64EncodedWireTransaction, pipe, } from "@solana/kit";
+import { getTransferCheckedInstruction, findAssociatedTokenPda, TOKEN_PROGRAM_ADDRESS, } from "@solana-program/token";
+import { getSetComputeUnitLimitInstruction, getSetComputeUnitPriceInstruction, } from "@solana-program/compute-budget";
+import { privateKeyToAccount } from "viem/accounts";
+import bs58 from "bs58";
+import nacl from "tweetnacl";
+// ── Network classification ──────────────────────────────────────────────────
+const SOLANA_MAINNET = "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp";
+const SOLANA_DEVNET = "solana:EtWTRABZaYq6iMfeYKouRu166VU2xqa1";
+export function isSvmNetwork(network) {
+    return network.startsWith("solana") || network === "solana-mainnet" || network === "solana-devnet";
+}
+export function isEvmNetwork(network) {
+    if (network.startsWith("eip155:"))
+        return true;
+    return ["base", "base-sepolia", "ethereum", "ethereum-sepolia"].includes(network);
+}
+function chainSpecFor(network) {
+    if (network === "base" || network === "eip155:8453") {
+        return { chainId: 8453, name: "Base", rpcUrl: "https://mainnet.base.org" };
+    }
+    if (network === "base-sepolia" || network === "eip155:84532") {
+        return { chainId: 84532, name: "Base Sepolia", rpcUrl: "https://sepolia.base.org" };
+    }
+    if (network === "ethereum" || network === "eip155:1") {
+        return { chainId: 1, name: "Ethereum", rpcUrl: "https://eth.llamarpc.com" };
+    }
+    throw new Error(`Unsupported EVM network "${network}". x402 EVM payments currently support: base, base-sepolia, ethereum.`);
+}
+// ── Key decoding ────────────────────────────────────────────────────────────
+function decodeSolanaSecret(raw) {
+    if (raw.startsWith("[")) {
+        const arr = JSON.parse(raw);
+        if (!Array.isArray(arr))
+            throw new Error("Solana secret JSON array malformed");
+        return new Uint8Array(arr);
+    }
+    if (/^[0-9a-fA-F]+$/.test(raw) && raw.length % 2 === 0) {
+        return new Uint8Array(Buffer.from(raw, "hex"));
+    }
+    return bs58.decode(raw);
+}
+async function buildSolanaSigner(rawKey) {
+    let bytes = decodeSolanaSecret(rawKey);
+    if (bytes.length === 32) {
+        // 32-byte seed — kit's createKeyPairSignerFromBytes wants the 64-byte
+        // expanded key. Derive via tweetnacl.
+        const kp = nacl.sign.keyPair.fromSeed(bytes);
+        bytes = kp.secretKey;
+    }
+    else if (bytes.length !== 64) {
+        throw new Error(`Solana private key must be a 32-byte seed or a 64-byte expanded key; got ${bytes.length} bytes.`);
+    }
+    return await createKeyPairSignerFromBytes(bytes);
+}
+// ── SVM signer ──────────────────────────────────────────────────────────────
+const DEFAULT_SOLANA_RPC = "https://api.mainnet-beta.solana.com";
+export async function signX402PaymentSvm(requirements, rawKey, rpcUrlOverride) {
+    if (requirements.scheme !== "exact") {
+        throw new Error(`SVM x402 scheme "${requirements.scheme}" not implemented; only "exact" is supported.`);
+    }
+    if (!requirements.extra?.feePayer) {
+        throw new Error(`SVM x402 challenge is missing extra.feePayer. The facilitator must advertise a fee-payer address per the x402 spec. ` +
+            `If you are calling MPP32 itself, upgrade the backend; if a third-party service, ask them to fix their challenge.`);
+    }
+    const decimals = requirements.extra?.decimals ?? 6;
+    const amount = BigInt(requirements.maxAmountRequired);
+    if (amount <= 0n)
+        throw new Error(`Invalid maxAmountRequired: ${requirements.maxAmountRequired}`);
+    const signer = await buildSolanaSigner(rawKey);
+    const payerAddress = signer.address;
+    const mintAddress = address(requirements.asset);
+    const recipientAddress = address(requirements.payTo);
+    const feePayerAddress = address(requirements.extra.feePayer);
+    // Derive both sides' associated token accounts (classic SPL Token program).
+    const [sourceAtaTuple, destinationAtaTuple] = await Promise.all([
+        findAssociatedTokenPda({
+            owner: payerAddress,
+            mint: mintAddress,
+            tokenProgram: TOKEN_PROGRAM_ADDRESS,
+        }),
+        findAssociatedTokenPda({
+            owner: recipientAddress,
+            mint: mintAddress,
+            tokenProgram: TOKEN_PROGRAM_ADDRESS,
+        }),
+    ]);
+    const sourceAta = sourceAtaTuple[0];
+    const destinationAta = destinationAtaTuple[0];
+    const rpcUrl = rpcUrlOverride && rpcUrlOverride.length > 0 ? rpcUrlOverride : DEFAULT_SOLANA_RPC;
+    const rpc = createSolanaRpc(rpcUrl);
+    const { value: latestBlockhash } = await rpc.getLatestBlockhash({ commitment: "confirmed" }).send();
+    const instructions = [
+        getSetComputeUnitLimitInstruction({ units: 150_000 }),
+        getSetComputeUnitPriceInstruction({ microLamports: 1000n }),
+        getTransferCheckedInstruction({
+            source: sourceAta,
+            mint: mintAddress,
+            destination: destinationAta,
+            authority: signer,
+            amount,
+            decimals,
+        }),
+    ];
+    const message = pipe(createTransactionMessage({ version: 0 }), (m) => setTransactionMessageFeePayer(feePayerAddress, m), (m) => setTransactionMessageLifetimeUsingBlockhash(latestBlockhash, m), (m) => appendTransactionMessageInstructions(instructions, m));
+    // Partially sign — fills the payer's signature slot, leaves the fee payer's
+    // slot empty for the facilitator to fill in at /settle time.
+    const partiallySigned = await partiallySignTransactionMessageWithSigners(message);
+    const base64Tx = getBase64EncodedWireTransaction(partiallySigned);
+    const envelope = {
+        x402Version: 1,
+        scheme: "exact",
+        network: requirements.network,
+        payload: { transaction: base64Tx },
+    };
+    return Buffer.from(JSON.stringify(envelope)).toString("base64");
+}
+// ── EVM signer (EIP-3009 transferWithAuthorization) ─────────────────────────
+function randomHex32() {
+    const buf = Buffer.alloc(32);
+    for (let i = 0; i < 32; i++)
+        buf[i] = Math.floor(Math.random() * 256);
+    return ("0x" + buf.toString("hex"));
+}
+export async function signX402PaymentEvm(requirements, rawKey) {
+    if (requirements.scheme !== "exact") {
+        throw new Error(`EVM x402 scheme "${requirements.scheme}" not implemented; only "exact" is supported.`);
+    }
+    const chain = chainSpecFor(requirements.network);
+    const tokenName = requirements.extra?.name ?? "USD Coin";
+    const tokenVersion = requirements.extra?.version ?? "2";
+    const assetAddr = requirements.asset;
+    if (!/^0x[0-9a-fA-F]{40}$/.test(assetAddr)) {
+        throw new Error(`EVM x402 challenge asset is not a valid 0x address: ${requirements.asset}`);
+    }
+    const recipientAddr = requirements.payTo;
+    if (!/^0x[0-9a-fA-F]{40}$/.test(recipientAddr)) {
+        throw new Error(`EVM x402 challenge payTo is not a valid 0x address: ${requirements.payTo}`);
+    }
+    const value = BigInt(requirements.maxAmountRequired);
+    if (value <= 0n)
+        throw new Error(`Invalid maxAmountRequired: ${requirements.maxAmountRequired}`);
+    const keyHex = rawKey.startsWith("0x") ? rawKey : `0x${rawKey}`;
+    if (!/^0x[0-9a-fA-F]{64}$/.test(keyHex)) {
+        throw new Error("MPP32_PRIVATE_KEY must be a 64-character hex EVM private key (0x-prefixed or bare).");
+    }
+    const account = privateKeyToAccount(keyHex);
+    const now = Math.floor(Date.now() / 1000);
+    const validAfter = BigInt(0);
+    const validBefore = BigInt(now + (requirements.maxTimeoutSeconds ?? 600));
+    const nonce = randomHex32();
+    const domain = {
+        name: tokenName,
+        version: tokenVersion,
+        chainId: chain.chainId,
+        verifyingContract: assetAddr,
+    };
+    const types = {
+        TransferWithAuthorization: [
+            { name: "from", type: "address" },
+            { name: "to", type: "address" },
+            { name: "value", type: "uint256" },
+            { name: "validAfter", type: "uint256" },
+            { name: "validBefore", type: "uint256" },
+            { name: "nonce", type: "bytes32" },
+        ],
+    };
+    const messageObj = {
+        from: account.address,
+        to: recipientAddr,
+        value,
+        validAfter,
+        validBefore,
+        nonce,
+    };
+    const signature = await account.signTypedData({
+        domain,
+        types,
+        primaryType: "TransferWithAuthorization",
+        message: messageObj,
+    });
+    const envelope = {
+        x402Version: 1,
+        scheme: "exact",
+        network: requirements.network,
+        payload: {
+            signature,
+            authorization: {
+                from: messageObj.from,
+                to: messageObj.to,
+                value: messageObj.value.toString(),
+                validAfter: messageObj.validAfter.toString(),
+                validBefore: messageObj.validBefore.toString(),
+                nonce: messageObj.nonce,
+            },
+        },
+    };
+    return Buffer.from(JSON.stringify(envelope)).toString("base64");
+}
+export async function signX402Payment(args) {
+    let requirements;
+    try {
+        const json = Buffer.from(args.paymentRequiredHeader, "base64").toString("utf-8");
+        requirements = JSON.parse(json);
+    }
+    catch (err) {
+        throw new Error(`Could not decode Payment-Required header as base64 JSON: ${err instanceof Error ? err.message : String(err)}`);
+    }
+    if (!requirements.network)
+        throw new Error("x402 payment requirements missing 'network'");
+    if (!requirements.asset)
+        throw new Error("x402 payment requirements missing 'asset'");
+    if (!requirements.payTo)
+        throw new Error("x402 payment requirements missing 'payTo'");
+    if (!requirements.maxAmountRequired)
+        throw new Error("x402 payment requirements missing 'maxAmountRequired'");
+    if (isSvmNetwork(requirements.network)) {
+        if (!args.solanaKey) {
+            throw new Error(`Provider requires SVM payment on ${requirements.network}, but MPP32_SOLANA_PRIVATE_KEY is not configured. ` +
+                `Set it in your MCP config to enable USDC-on-Solana payments.`);
+        }
+        const header = await signX402PaymentSvm(requirements, args.solanaKey, args.solanaRpcUrl);
+        return {
+            xPaymentHeader: header,
+            network: requirements.network,
+            scheme: requirements.scheme,
+            protocolUsed: "x402-svm",
+        };
+    }
+    if (isEvmNetwork(requirements.network)) {
+        if (!args.evmKey) {
+            throw new Error(`Provider requires EVM payment on ${requirements.network}, but MPP32_PRIVATE_KEY is not configured. ` +
+                `Set it in your MCP config to enable USDC-on-Base payments.`);
+        }
+        const header = await signX402PaymentEvm(requirements, args.evmKey);
+        return {
+            xPaymentHeader: header,
+            network: requirements.network,
+            scheme: requirements.scheme,
+            protocolUsed: "x402-evm",
+        };
+    }
+    if (requirements.network === "" || requirements.network === undefined) {
+        throw new Error(`Provider's x402 challenge does not specify a network. We cannot pay it. Ask the provider to fix their challenge.`);
+    }
+    throw new Error(`Unsupported x402 network "${requirements.network}". Supported: solana:*, base, base-sepolia, ethereum (and their eip155:* aliases). ` +
+        `If this network is real and we should support it, file an issue.`);
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mpp32-mcp-server",
-  "version": "1.1.3",
+  "version": "1.2.0",
   "mcpName": "io.github.MPP32/mpp32-mcp-server",
   "description": "Payment layer for AI agents. One MCP, five protocols, thousands of paid APIs your agent can call.",
   "type": "module",
@@ -69,20 +69,20 @@
   },
   "dependencies": {
     "@modelcontextprotocol/sdk": "^1.12.0",
+    "@solana-program/compute-budget": "^0.15.0",
+    "@solana-program/token": "^0.13.0",
+    "@solana/kit": "^6.9.0",
     "bs58": "^6.0.0",
     "tweetnacl": "^1.0.3",
+    "viem": "^2.48.11",
     "zod": "^3.23.0"
   },
   "peerDependencies": {
-    "mppx": ">=0.4.0",
-    "viem": ">=2.0.0"
+    "mppx": ">=0.4.0"
   },
   "peerDependenciesMeta": {
     "mppx": {
       "optional": true
-    },
-    "viem": {
-      "optional": true
     }
   },
   "devDependencies": {