paygate-mcp 2.7.0 → 2.9.0

package/README.md

@@ -57,6 +57,8 @@ Agent → PayGate (auth + billing) → Your MCP Server (stdio or HTTP)
 - **Webhook Retry Queue** — Exponential backoff retry (1s, 2s, 4s...) with dead letter queue for permanently failed deliveries, admin API for monitoring and clearing
 - **Health Check + Graceful Shutdown** — `GET /health` public endpoint with status, uptime, version, in-flight requests, Redis & webhook stats; `gracefulStop()` drains in-flight requests before teardown
 - **Config Validation + Dry Run** — `paygate-mcp validate --config paygate.json` catches misconfigurations before starting; `--dry-run` discovers tools, prints pricing table, then exits
+- **Batch Tool Calls** — `tools/call_batch` method for calling multiple tools in one request with all-or-nothing billing, aggregate credit checks, and parallel execution
+- **Multi-Tenant Namespaces** — Isolate API keys and usage data by tenant with namespace-filtered admin endpoints, analytics, and usage export
 - **Refund on Failure** — Automatically refund credits when downstream tool calls fail
 - **Webhook Events** — POST batched usage events to any URL for external billing/alerting
 - **Config File Mode** — Load all settings from a JSON file (`--config`)
@@ -303,6 +305,7 @@ A real-time admin UI for managing keys, viewing usage, and monitoring tool calls
 | `/teams/assign` | POST | `X-Admin-Key` | Assign an API key to a team |
 | `/teams/remove` | POST | `X-Admin-Key` | Remove an API key from a team |
 | `/teams/usage` | GET | `X-Admin-Key` | Team usage summary with member breakdown |
+| `/namespaces` | GET | `X-Admin-Key` | List all namespaces with key/credit/spending stats |
 | `/audit` | GET | `X-Admin-Key` | Query audit log (filter by type, actor, time) |
 | `/audit/export` | GET | `X-Admin-Key` | Export full audit log (JSON or CSV) |
 | `/audit/stats` | GET | `X-Admin-Key` | Audit log statistics |
@@ -314,6 +317,8 @@ A real-time admin UI for managing keys, viewing usage, and monitoring tool calls
 These MCP methods pass through without auth or billing:
 `initialize`, `initialized`, `ping`, `tools/list`, `resources/list`, `prompts/list`
 
+**Gated methods:** `tools/call` (single), `tools/call_batch` (batch — all-or-nothing billing, parallel execution). See [Batch Tool Calls](#batch-tool-calls).
+
 ## CLI Options
 
 ```
@@ -1038,6 +1043,131 @@ if (diags.some(d => d.level === 'error')) {
 }
 ```
 
+### Batch Tool Calls
+
+Call multiple tools in a single request with all-or-nothing billing:
+
+```json
+{
+  "jsonrpc": "2.0",
+  "id": 1,
+  "method": "tools/call_batch",
+  "params": {
+    "calls": [
+      { "name": "search", "arguments": { "q": "MCP servers" } },
+      { "name": "translate", "arguments": { "text": "hello", "to": "es" } },
+      { "name": "summarize", "arguments": { "url": "https://example.com" } }
+    ]
+  }
+}
+```
+
+**Response:**
+```json
+{
+  "jsonrpc": "2.0",
+  "id": 1,
+  "result": {
+    "results": [
+      { "tool": "search", "result": { "content": [...] }, "creditsCharged": 5 },
+      { "tool": "translate", "result": { "content": [...] }, "creditsCharged": 3 },
+      { "tool": "summarize", "result": { "content": [...] }, "creditsCharged": 2 }
+    ],
+    "totalCreditsCharged": 10,
+    "remainingCredits": 90
+  }
+}
+```
+
+**Key features:**
+- **All-or-nothing** — All calls are pre-validated (auth, ACL, rate limits, credits, quotas) before any execute. If any call would be denied, the entire batch is rejected and zero credits are charged.
+- **Aggregate pricing** — Total credits are checked and deducted atomically. A batch of 3 calls needing 5+3+2=10 credits requires 10 credits available.
+- **Parallel execution** — After gate approval, all tool calls execute concurrently for minimum latency.
+- **Refund on failure** — With `refundOnFailure` enabled, individual tools that error downstream get their credits refunded.
+- **Multi-server support** — Works with prefixed tools in multi-server mode (e.g., `fs:read`, `github:search`).
+
+**Programmatic API:**
+
+```typescript
+import { Gate, BatchToolCall } from 'paygate-mcp';
+
+const calls: BatchToolCall[] = [
+  { name: 'search', arguments: { q: 'test' } },
+  { name: 'translate', arguments: { text: 'hi' } },
+];
+
+const result = gate.evaluateBatch(apiKey, calls, clientIp);
+if (!result.allAllowed) {
+  console.log(`Denied at index ${result.failedIndex}: ${result.reason}`);
+} else {
+  console.log(`Charged ${result.totalCredits} credits for ${calls.length} calls`);
+}
+```
+
+### Multi-Tenant Namespaces
+
+Isolate API keys and usage data by tenant. Each key belongs to a `namespace` (default: `"default"`). All admin endpoints support namespace filtering for tenant-scoped views.
+
+**Create a key in a namespace:**
+
+```bash
+curl -X POST http://localhost:3402/keys \
+  -H "X-Admin-Key: YOUR_ADMIN_KEY" \
+  -H "Content-Type: application/json" \
+  -d '{"name": "acme-agent", "credits": 1000, "namespace": "acme-corp"}'
+```
+
+**List keys filtered by namespace:**
+
+```bash
+curl http://localhost:3402/keys?namespace=acme-corp \
+  -H "X-Admin-Key: YOUR_ADMIN_KEY"
+```
+
+**List all namespaces with stats:**
+
+```bash
+curl http://localhost:3402/namespaces \
+  -H "X-Admin-Key: YOUR_ADMIN_KEY"
+```
+
+Returns:
+
+```json
+{
+  "namespaces": [
+    { "namespace": "acme-corp", "keyCount": 3, "activeKeys": 2, "totalCredits": 2500, "totalSpent": 480 },
+    { "namespace": "beta-inc", "keyCount": 1, "activeKeys": 1, "totalCredits": 500, "totalSpent": 120 }
+  ],
+  "count": 2
+}
+```
+
+**Namespace-filtered status, usage, and analytics:**
+
+```bash
+# Status filtered to one namespace
+curl http://localhost:3402/status?namespace=acme-corp -H "X-Admin-Key: ..."
+
+# Usage events filtered by namespace
+curl http://localhost:3402/usage?namespace=acme-corp -H "X-Admin-Key: ..."
+
+# Analytics filtered by namespace
+curl "http://localhost:3402/analytics?namespace=acme-corp&from=2025-01-01" -H "X-Admin-Key: ..."
+
+# Search keys by tag within a namespace
+curl -X POST http://localhost:3402/keys/search \
+  -H "X-Admin-Key: ..." -H "Content-Type: application/json" \
+  -d '{"tags": {"env": "prod"}, "namespace": "acme-corp"}'
+```
+
+Namespace rules:
+- Alphanumeric + hyphens only, max 50 characters, case-insensitive (stored lowercase)
+- Defaults to `"default"` if omitted or invalid
+- Old keys automatically backfilled to `"default"` on state file load
+- Usage events carry the key's namespace for cross-cutting analytics
+- Namespaces are implicit — created automatically when a key is assigned to one
+
 ### Horizontal Scaling (Redis)
 
 Enable Redis-backed state for multi-process deployments. Multiple PayGate instances share API keys, credits, and usage data through Redis:
@@ -1279,6 +1409,8 @@ const result = await client.callTool('search', { query: 'hello' });
 - [x] Alert webhooks — Configurable threshold alerts (spending, credits, quota, expiry, rate limits)
 - [x] Team management — Group API keys with shared budgets, quotas, and usage tracking
 - [x] Horizontal scaling — Redis-backed state for multi-process deployments
+- [x] Batch tool calls — `tools/call_batch` with all-or-nothing billing and parallel execution
+- [x] Multi-tenant namespaces — Isolate API keys and usage data by tenant with namespace-filtered endpoints
 
 ## Requirements
 

package/dist/gate.d.ts

@@ -10,7 +10,7 @@
  * Fail-closed: any check failure => DENY.
  * Shadow mode: log but don't enforce (always ALLOW).
  */
-import { PayGateConfig, GateDecision, UsageEvent, ToolCallParams, ApiKeyRecord } from './types';
+import { PayGateConfig, GateDecision, UsageEvent, ToolCallParams, ApiKeyRecord, BatchToolCall, BatchGateResult } from './types';
 import { KeyStore } from './store';
 import { RateLimiter } from './rate-limiter';
 import { UsageMeter } from './meter';
@@ -39,6 +39,18 @@ export declare class Gate {
      * Evaluate a tool call request.
      */
     evaluate(apiKey: string | null, toolCall: ToolCallParams, clientIp?: string): GateDecision;
+    /**
+     * Evaluate a batch of tool calls atomically (all-or-nothing).
+     *
+     * Pre-validates all calls (auth, ACL, rate limits, credits, quotas, spending limits)
+     * before executing any. If any call would be denied, the entire batch is rejected
+     * and no credits are deducted.
+     *
+     * On success, deducts credits for all calls at once.
+     */
+    evaluateBatch(apiKey: string | null, calls: BatchToolCall[], clientIp?: string): BatchGateResult;
+    /** Build a shadow-mode batch result (all allowed, zero charges). */
+    private shadowBatchResult;
     /**
      * Check if a tool call is allowed by the key's ACL.
      */
@@ -66,7 +78,15 @@ export declare class Gate {
     /**
      * Get full status for dashboard.
      */
-    getStatus(): {
+    getStatus(namespace?: string): {
+        config: {
+            defaultCreditsPerCall: number;
+            globalRateLimitPerMin: number;
+            toolPricing: Record<string, import("./types").ToolPricing>;
+            refundOnFailure: boolean;
+            webhookUrl: string | null;
+        };
+        filteredNamespace?: string | undefined;
         name: string;
         shadowMode: boolean;
         activeKeys: number;
@@ -76,13 +96,13 @@ export declare class Gate {
         })[];
         usage: import("./types").UsageSummary;
         eventCount: number;
-        config: {
-            defaultCreditsPerCall: number;
-            globalRateLimitPerMin: number;
-            toolPricing: Record<string, import("./types").ToolPricing>;
-            refundOnFailure: boolean;
-            webhookUrl: string | null;
-        };
+        namespaces: {
+            namespace: string;
+            keyCount: number;
+            activeKeys: number;
+            totalCredits: number;
+            totalSpent: number;
+        }[];
     };
     /**
      * Refund credits for a failed tool call.

package/dist/gate.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"gate.d.ts","sourceRoot":"","sources":["../src/gate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,UAAU,EAAE,cAAc,EAAE,YAAY,EAAe,MAAM,SAAS,CAAC;AAC7G,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAEvC,qBAAa,IAAI;IACf,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC;IACzB,QAAQ,CAAC,WAAW,EAAE,WAAW,CAAC;IAClC,QAAQ,CAAC,KAAK,EAAE,UAAU,CAAC;IAC3B,QAAQ,CAAC,OAAO,EAAE,cAAc,GAAG,IAAI,CAAC;IACxC,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC;IACpC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAgB;IACvC,mEAAmE;IACnE,WAAW,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IACzF,uDAAuD;IACvD,YAAY,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;IACzD,iFAAiF;IACjF,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,IAAI,CAAC;IAC3C,wEAAwE;IACxE,iBAAiB,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,KAAK,IAAI,CAAC;gBAEjD,MAAM,EAAE,aAAa,EAAE,SAAS,CAAC,EAAE,MAAM;IAYrD;;OAEG;IACH,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,EAAE,QAAQ,EAAE,cAAc,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,YAAY;IAoJ1F;;OAEG;IACH,OAAO,CAAC,YAAY;IAgBpB;;;OAGG;IACH,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAA;KAAE,CAAC,GAAG,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAA;KAAE,CAAC,GAAG,IAAI;IAmBpJ;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAIrC;;;OAGG;IACH,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM;IAetE;;OAEG;IACH,SAAS;;;;;;;;;;;;;;;;;;IAkBT;;;OAGG;IACH,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,IAAI;IAa/D,2CAA2C;IAC3C,IAAI,eAAe,IAAI,OAAO,CAE7B;IAED,OAAO,IAAI,IAAI;IAKf,OAAO,CAAC,WAAW;CAiBpB"}
+{"version":3,"file":"gate.d.ts","sourceRoot":"","sources":["../src/gate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,UAAU,EAAE,cAAc,EAAE,YAAY,EAAe,aAAa,EAAE,eAAe,EAAE,MAAM,SAAS,CAAC;AAC7I,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAEvC,qBAAa,IAAI;IACf,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC;IACzB,QAAQ,CAAC,WAAW,EAAE,WAAW,CAAC;IAClC,QAAQ,CAAC,KAAK,EAAE,UAAU,CAAC;IAC3B,QAAQ,CAAC,OAAO,EAAE,cAAc,GAAG,IAAI,CAAC;IACxC,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC;IACpC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAgB;IACvC,mEAAmE;IACnE,WAAW,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IACzF,uDAAuD;IACvD,YAAY,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;IACzD,iFAAiF;IACjF,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,IAAI,CAAC;IAC3C,wEAAwE;IACxE,iBAAiB,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,KAAK,IAAI,CAAC;gBAEjD,MAAM,EAAE,aAAa,EAAE,SAAS,CAAC,EAAE,MAAM;IAYrD;;OAEG;IACH,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,EAAE,QAAQ,EAAE,cAAc,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,YAAY;IAoJ1F;;;;;;;;OAQG;IACH,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,EAAE,KAAK,EAAE,aAAa,EAAE,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,eAAe;IAkQhG,oEAAoE;IACpE,OAAO,CAAC,iBAAiB;IAUzB;;OAEG;IACH,OAAO,CAAC,YAAY;IAgBpB;;;OAGG;IACH,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAA;KAAE,CAAC,GAAG,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAA;KAAE,CAAC,GAAG,IAAI;IAmBpJ;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAIrC;;;OAGG;IACH,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM;IAetE;;OAEG;IACH,SAAS,CAAC,SAAS,CAAC,EAAE,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;IAoB5B;;;OAGG;IACH,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,IAAI;IAa/D,2CAA2C;IAC3C,IAAI,eAAe,IAAI,OAAO,CAE7B;IAED,OAAO,IAAI,IAAI;IAKf,OAAO,CAAC,WAAW;CAmBpB"}

package/dist/gate.js

@@ -74,7 +74,7 @@ class Gate {
         if (clientIp && keyRecord.ipAllowlist.length > 0) {
             if (!this.store.checkIp(apiKey, clientIp)) {
                 const reason = `ip_not_allowed: ${clientIp} not in allowlist`;
-                this.recordEvent(apiKey, keyRecord.name, toolName, 0, false, reason);
+                this.recordEvent(apiKey, keyRecord.name, toolName, 0, false, reason, keyRecord.namespace);
                 if (this.config.shadowMode) {
                     return { allowed: true, reason: `shadow:${reason}`, creditsCharged: 0, remainingCredits: keyRecord.credits };
                 }
@@ -84,7 +84,7 @@ class Gate {
         // Step 3: Tool ACL check
         const aclResult = this.checkToolAcl(keyRecord, toolName);
         if (!aclResult.allowed) {
-            this.recordEvent(apiKey, keyRecord.name, toolName, 0, false, aclResult.reason);
+            this.recordEvent(apiKey, keyRecord.name, toolName, 0, false, aclResult.reason, keyRecord.namespace);
             if (this.config.shadowMode) {
                 return { allowed: true, reason: `shadow:${aclResult.reason}`, creditsCharged: 0, remainingCredits: keyRecord.credits };
             }
@@ -93,7 +93,7 @@ class Gate {
         // Step 4: Global rate limit?
         const rateResult = this.rateLimiter.check(apiKey);
         if (!rateResult.allowed) {
-            this.recordEvent(apiKey, keyRecord.name, toolName, 0, false, rateResult.reason);
+            this.recordEvent(apiKey, keyRecord.name, toolName, 0, false, rateResult.reason, keyRecord.namespace);
             if (this.config.shadowMode) {
                 return { allowed: true, reason: `shadow:${rateResult.reason}`, creditsCharged: 0, remainingCredits: keyRecord.credits };
             }
@@ -106,7 +106,7 @@ class Gate {
             const toolRateResult = this.rateLimiter.checkCustom(compositeKey, toolPricing.rateLimitPerMin);
             if (!toolRateResult.allowed) {
                 const reason = `tool_rate_limited: ${toolName} limited to ${toolPricing.rateLimitPerMin} calls/min`;
-                this.recordEvent(apiKey, keyRecord.name, toolName, 0, false, reason);
+                this.recordEvent(apiKey, keyRecord.name, toolName, 0, false, reason, keyRecord.namespace);
                 if (this.config.shadowMode) {
                     return { allowed: true, reason: `shadow:${reason}`, creditsCharged: 0, remainingCredits: keyRecord.credits };
                 }
@@ -115,7 +115,7 @@ class Gate {
         }
         // Step 6: Sufficient credits?
         if (!this.store.hasCredits(apiKey, creditsRequired)) {
-            this.recordEvent(apiKey, keyRecord.name, toolName, 0, false, 'insufficient_credits');
+            this.recordEvent(apiKey, keyRecord.name, toolName, 0, false, 'insufficient_credits', keyRecord.namespace);
             if (this.config.shadowMode) {
                 return { allowed: true, reason: 'shadow:insufficient_credits', creditsCharged: 0, remainingCredits: keyRecord.credits };
             }
@@ -130,7 +130,7 @@ class Gate {
         if (keyRecord.spendingLimit > 0) {
             const wouldSpend = keyRecord.totalSpent + creditsRequired;
             if (wouldSpend > keyRecord.spendingLimit) {
-                this.recordEvent(apiKey, keyRecord.name, toolName, 0, false, 'spending_limit_exceeded');
+                this.recordEvent(apiKey, keyRecord.name, toolName, 0, false, 'spending_limit_exceeded', keyRecord.namespace);
                 if (this.config.shadowMode) {
                     return { allowed: true, reason: 'shadow:spending_limit_exceeded', creditsCharged: 0, remainingCredits: keyRecord.credits };
                 }
@@ -145,7 +145,7 @@ class Gate {
         // Step 8: Usage quota check (daily/monthly limits)
         const quotaResult = this.quotaTracker.check(keyRecord, creditsRequired, this.config.globalQuota);
         if (!quotaResult.allowed) {
-            this.recordEvent(apiKey, keyRecord.name, toolName, 0, false, quotaResult.reason);
+            this.recordEvent(apiKey, keyRecord.name, toolName, 0, false, quotaResult.reason, keyRecord.namespace);
             if (this.config.shadowMode) {
                 return { allowed: true, reason: `shadow:${quotaResult.reason}`, creditsCharged: 0, remainingCredits: keyRecord.credits };
             }
@@ -155,7 +155,7 @@ class Gate {
         if (this.teamChecker) {
             const teamResult = this.teamChecker(apiKey, creditsRequired);
             if (!teamResult.allowed) {
-                this.recordEvent(apiKey, keyRecord.name, toolName, 0, false, teamResult.reason);
+                this.recordEvent(apiKey, keyRecord.name, toolName, 0, false, teamResult.reason, keyRecord.namespace);
                 if (this.config.shadowMode) {
                     return { allowed: true, reason: `shadow:${teamResult.reason}`, creditsCharged: 0, remainingCredits: keyRecord.credits };
                 }
@@ -178,9 +178,267 @@ class Gate {
         }
         this.store.save();
         const remaining = this.store.getKey(apiKey)?.credits ?? 0;
-        this.recordEvent(apiKey, keyRecord.name, toolName, creditsRequired, true);
+        this.recordEvent(apiKey, keyRecord.name, toolName, creditsRequired, true, undefined, keyRecord.namespace);
         return { allowed: true, creditsCharged: creditsRequired, remainingCredits: remaining };
     }
+    /**
+     * Evaluate a batch of tool calls atomically (all-or-nothing).
+     *
+     * Pre-validates all calls (auth, ACL, rate limits, credits, quotas, spending limits)
+     * before executing any. If any call would be denied, the entire batch is rejected
+     * and no credits are deducted.
+     *
+     * On success, deducts credits for all calls at once.
+     */
+    evaluateBatch(apiKey, calls, clientIp) {
+        if (calls.length === 0) {
+            return { allAllowed: true, totalCredits: 0, decisions: [], remainingCredits: 0, failedIndex: -1 };
+        }
+        // Step 1: API key present?
+        if (!apiKey) {
+            if (this.config.shadowMode) {
+                return this.shadowBatchResult(calls, 'shadow:missing_api_key');
+            }
+            return {
+                allAllowed: false,
+                totalCredits: 0,
+                decisions: calls.map(() => ({ allowed: false, reason: 'missing_api_key', creditsCharged: 0, remainingCredits: 0 })),
+                remainingCredits: 0,
+                reason: 'missing_api_key',
+                failedIndex: 0,
+            };
+        }
+        // Step 2: Valid key?
+        const keyRecord = this.store.getKey(apiKey);
+        if (!keyRecord) {
+            const isExpired = this.store.isExpired(apiKey);
+            const reason = isExpired ? 'api_key_expired' : 'invalid_api_key';
+            if (this.config.shadowMode) {
+                return this.shadowBatchResult(calls, `shadow:${reason}`);
+            }
+            return {
+                allAllowed: false,
+                totalCredits: 0,
+                decisions: calls.map(() => ({ allowed: false, reason, creditsCharged: 0, remainingCredits: 0 })),
+                remainingCredits: 0,
+                reason,
+                failedIndex: 0,
+            };
+        }
+        // Step 3: IP allowlist check
+        if (clientIp && keyRecord.ipAllowlist.length > 0) {
+            if (!this.store.checkIp(apiKey, clientIp)) {
+                const reason = `ip_not_allowed: ${clientIp} not in allowlist`;
+                if (this.config.shadowMode) {
+                    return this.shadowBatchResult(calls, `shadow:${reason}`);
+                }
+                return {
+                    allAllowed: false,
+                    totalCredits: 0,
+                    decisions: calls.map(() => ({ allowed: false, reason, creditsCharged: 0, remainingCredits: keyRecord.credits })),
+                    remainingCredits: keyRecord.credits,
+                    reason,
+                    failedIndex: 0,
+                };
+            }
+        }
+        // Step 4: Per-call pre-validation (ACL, per-tool rate limits) + aggregate credits
+        let totalCreditsNeeded = 0;
+        const perCallCredits = [];
+        // Track per-tool occurrence counts within the batch for rate limit checking
+        const batchToolCounts = new Map();
+        for (let i = 0; i < calls.length; i++) {
+            const call = calls[i];
+            // ACL check
+            const aclResult = this.checkToolAcl(keyRecord, call.name);
+            if (!aclResult.allowed) {
+                if (this.config.shadowMode) {
+                    perCallCredits.push(this.getToolPrice(call.name, call.arguments));
+                    continue;
+                }
+                return {
+                    allAllowed: false,
+                    totalCredits: 0,
+                    decisions: calls.map((_, j) => ({
+                        allowed: false,
+                        reason: j === i ? aclResult.reason : 'batch_rejected',
+                        creditsCharged: 0,
+                        remainingCredits: keyRecord.credits,
+                    })),
+                    remainingCredits: keyRecord.credits,
+                    reason: aclResult.reason,
+                    failedIndex: i,
+                };
+            }
+            // Per-tool rate limit check (batch-aware: count occurrences in batch)
+            const toolPricing = this.config.toolPricing[call.name];
+            if (toolPricing?.rateLimitPerMin && toolPricing.rateLimitPerMin > 0) {
+                const compositeKey = `${apiKey}:tool:${call.name}`;
+                const batchCount = (batchToolCounts.get(call.name) || 0) + 1;
+                batchToolCounts.set(call.name, batchCount);
+                // Check existing window usage + batch occurrences
+                const existingCount = this.rateLimiter.getCurrentCount(compositeKey);
+                if (existingCount + batchCount > toolPricing.rateLimitPerMin) {
+                    const reason = `tool_rate_limited: ${call.name} limited to ${toolPricing.rateLimitPerMin} calls/min`;
+                    if (this.config.shadowMode) {
+                        perCallCredits.push(this.getToolPrice(call.name, call.arguments));
+                        continue;
+                    }
+                    return {
+                        allAllowed: false,
+                        totalCredits: 0,
+                        decisions: calls.map((_, j) => ({
+                            allowed: false,
+                            reason: j === i ? reason : 'batch_rejected',
+                            creditsCharged: 0,
+                            remainingCredits: keyRecord.credits,
+                        })),
+                        remainingCredits: keyRecord.credits,
+                        reason,
+                        failedIndex: i,
+                    };
+                }
+            }
+            const price = this.getToolPrice(call.name, call.arguments);
+            perCallCredits.push(price);
+            totalCreditsNeeded += price;
+        }
+        // Step 5: Global rate limit — check once for the batch
+        const rateResult = this.rateLimiter.check(apiKey);
+        if (!rateResult.allowed) {
+            if (!this.config.shadowMode) {
+                return {
+                    allAllowed: false,
+                    totalCredits: 0,
+                    decisions: calls.map(() => ({ allowed: false, reason: rateResult.reason, creditsCharged: 0, remainingCredits: keyRecord.credits })),
+                    remainingCredits: keyRecord.credits,
+                    reason: rateResult.reason,
+                    failedIndex: 0,
+                };
+            }
+        }
+        // Step 6: Aggregate credit check
+        if (!this.store.hasCredits(apiKey, totalCreditsNeeded)) {
+            if (!this.config.shadowMode) {
+                return {
+                    allAllowed: false,
+                    totalCredits: 0,
+                    decisions: calls.map(() => ({
+                        allowed: false,
+                        reason: `insufficient_credits: need ${totalCreditsNeeded}, have ${keyRecord.credits}`,
+                        creditsCharged: 0,
+                        remainingCredits: keyRecord.credits,
+                    })),
+                    remainingCredits: keyRecord.credits,
+                    reason: `insufficient_credits: need ${totalCreditsNeeded}, have ${keyRecord.credits}`,
+                    failedIndex: 0,
+                };
+            }
+        }
+        // Step 7: Spending limit check (aggregate)
+        if (keyRecord.spendingLimit > 0) {
+            const wouldSpend = keyRecord.totalSpent + totalCreditsNeeded;
+            if (wouldSpend > keyRecord.spendingLimit) {
+                if (!this.config.shadowMode) {
+                    return {
+                        allAllowed: false,
+                        totalCredits: 0,
+                        decisions: calls.map(() => ({
+                            allowed: false,
+                            reason: `spending_limit_exceeded: limit ${keyRecord.spendingLimit}, spent ${keyRecord.totalSpent}, need ${totalCreditsNeeded}`,
+                            creditsCharged: 0,
+                            remainingCredits: keyRecord.credits,
+                        })),
+                        remainingCredits: keyRecord.credits,
+                        reason: `spending_limit_exceeded: limit ${keyRecord.spendingLimit}, spent ${keyRecord.totalSpent}, need ${totalCreditsNeeded}`,
+                        failedIndex: 0,
+                    };
+                }
+            }
+        }
+        // Step 8: Quota check (aggregate, batch-aware)
+        const quotaResult = this.quotaTracker.checkBatch(keyRecord, calls.length, totalCreditsNeeded, this.config.globalQuota);
+        if (!quotaResult.allowed) {
+            if (!this.config.shadowMode) {
+                return {
+                    allAllowed: false,
+                    totalCredits: 0,
+                    decisions: calls.map(() => ({
+                        allowed: false,
+                        reason: quotaResult.reason,
+                        creditsCharged: 0,
+                        remainingCredits: keyRecord.credits,
+                    })),
+                    remainingCredits: keyRecord.credits,
+                    reason: quotaResult.reason,
+                    failedIndex: 0,
+                };
+            }
+        }
+        // Step 9: Team budget check (aggregate)
+        if (this.teamChecker) {
+            const teamResult = this.teamChecker(apiKey, totalCreditsNeeded);
+            if (!teamResult.allowed) {
+                if (!this.config.shadowMode) {
+                    return {
+                        allAllowed: false,
+                        totalCredits: 0,
+                        decisions: calls.map(() => ({
+                            allowed: false,
+                            reason: teamResult.reason,
+                            creditsCharged: 0,
+                            remainingCredits: keyRecord.credits,
+                        })),
+                        remainingCredits: keyRecord.credits,
+                        reason: teamResult.reason,
+                        failedIndex: 0,
+                    };
+                }
+            }
+        }
+        // Step 10: ALL ALLOWED — deduct credits atomically
+        this.store.deductCredits(apiKey, totalCreditsNeeded);
+        this.onCreditsDeducted?.(apiKey, totalCreditsNeeded);
+        // Record rate limits and quota for each call
+        this.rateLimiter.record(apiKey);
+        for (const call of calls) {
+            const toolPricing = this.config.toolPricing[call.name];
+            if (toolPricing?.rateLimitPerMin && toolPricing.rateLimitPerMin > 0) {
+                this.rateLimiter.recordCustom(`${apiKey}:tool:${call.name}`);
+            }
+        }
+        this.quotaTracker.recordBatch(keyRecord, calls.length, totalCreditsNeeded);
+        if (this.teamRecorder) {
+            this.teamRecorder(apiKey, totalCreditsNeeded);
+        }
+        this.store.save();
+        const remaining = this.store.getKey(apiKey)?.credits ?? 0;
+        // Record usage events for each call
+        for (let i = 0; i < calls.length; i++) {
+            this.recordEvent(apiKey, keyRecord.name, calls[i].name, perCallCredits[i], true, undefined, keyRecord.namespace);
+        }
+        return {
+            allAllowed: true,
+            totalCredits: totalCreditsNeeded,
+            decisions: calls.map((_, i) => ({
+                allowed: true,
+                creditsCharged: perCallCredits[i],
+                remainingCredits: remaining,
+            })),
+            remainingCredits: remaining,
+            failedIndex: -1,
+        };
+    }
+    /** Build a shadow-mode batch result (all allowed, zero charges). */
+    shadowBatchResult(calls, reason) {
+        return {
+            allAllowed: true,
+            totalCredits: 0,
+            decisions: calls.map(() => ({ allowed: true, reason, creditsCharged: 0, remainingCredits: 0 })),
+            remainingCredits: 0,
+            failedIndex: -1,
+        };
+    }
     /**
      * Check if a tool call is allowed by the key's ACL.
      */
@@ -248,14 +506,16 @@ class Gate {
     /**
      * Get full status for dashboard.
      */
-    getStatus() {
+    getStatus(namespace) {
         return {
             name: this.config.name,
             shadowMode: this.config.shadowMode,
             activeKeys: this.store.activeKeyCount,
-            keys: this.store.listKeys(),
-            usage: this.meter.getSummary(),
+            keys: this.store.listKeys(namespace),
+            usage: this.meter.getSummary(undefined, namespace),
             eventCount: this.meter.eventCount,
+            namespaces: this.store.listNamespaces(),
+            ...(namespace ? { filteredNamespace: namespace } : {}),
             config: {
                 defaultCreditsPerCall: this.config.defaultCreditsPerCall,
                 globalRateLimitPerMin: this.config.globalRateLimitPerMin,
@@ -279,7 +539,7 @@ class Gate {
             this.quotaTracker.unrecord(keyRecord, credits);
             this.store.save();
         }
-        this.recordEvent(apiKey, keyRecord?.name || 'unknown', toolName, -credits, true, 'refund');
+        this.recordEvent(apiKey, keyRecord?.name || 'unknown', toolName, -credits, true, 'refund', keyRecord?.namespace);
     }
     /** Whether refund-on-failure is enabled */
     get refundOnFailure() {
@@ -289,7 +549,7 @@ class Gate {
         this.rateLimiter.destroy();
         this.webhook?.destroy();
     }
-    recordEvent(apiKey, keyName, tool, creditsCharged, allowed, denyReason) {
+    recordEvent(apiKey, keyName, tool, creditsCharged, allowed, denyReason, namespace) {
         const event = {
             timestamp: new Date().toISOString(),
             apiKey: apiKey.slice(0, 10),
@@ -298,6 +558,7 @@ class Gate {
             creditsCharged,
             allowed,
             denyReason,
+            namespace,
         };
         this.meter.record(event);
         this.webhook?.emit(event);