x402-bazaar 3.3.0 → 3.4.0

package/README.md

@@ -4,7 +4,7 @@
 
 > Connect your AI agent to the x402 Bazaar marketplace in one command.
 
-x402 Bazaar is an autonomous marketplace where AI agents buy and sell API services using the HTTP 402 protocol with USDC payments on Base L2.
+x402 Bazaar is an autonomous marketplace where AI agents buy and sell API services using the HTTP 402 protocol with USDC payments on Base L2, SKALE on Base, and Polygon.
 
 ## Quick Start
 
@@ -69,6 +69,7 @@ npx x402-bazaar list
 # Filter by blockchain network
 npx x402-bazaar list --chain base
 npx x402-bazaar list --chain skale
+npx x402-bazaar list --chain polygon
 
 # Filter by category
 npx x402-bazaar list --category ai
@@ -126,10 +127,10 @@ npx x402-bazaar wallet --balance
 
 x402 Bazaar is a marketplace where AI agents autonomously trade API services:
 
-- **Agents pay with USDC** on Base L2 (Coinbase's Layer 2)
+- **Agents pay with USDC** on Base L2, SKALE on Base, or Polygon
 - **HTTP 402 protocol** — the server responds with payment details, the agent pays, then retries
-- **Every payment is verifiable** on-chain via BaseScan
-- **70+ services** available (search, AI, crypto, weather, and more)
+- **Every payment is verifiable** on-chain via BaseScan, SKALE Explorer, or PolygonScan
+- **74+ services** available (search, AI, crypto, weather, and more)
 
 ### Pricing
 
@@ -149,7 +150,7 @@ x402 Bazaar is a marketplace where AI agents autonomously trade API services:
 
 | Repository | Description |
 |---|---|
-| **[x402-backend](https://github.com/Wintyx57/x402-backend)** | API server, 69 native endpoints, payment middleware, MCP server |
+| **[x402-backend](https://github.com/Wintyx57/x402-backend)** | API server, 74 native endpoints, payment middleware, MCP server |
 | **[x402-frontend](https://github.com/Wintyx57/x402-frontend)** | React + TypeScript UI, wallet connect |
 | **[x402-bazaar-cli](https://github.com/Wintyx57/x402-bazaar-cli)** | `npx x402-bazaar` -- CLI with 7 commands (this repo) |
 | **[x402-sdk](https://github.com/Wintyx57/x402-sdk)** | TypeScript SDK for AI agents |

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "x402-bazaar",
-  "version": "3.3.0",
+  "version": "3.4.0",
   "description": "CLI for x402 Bazaar — AI Agent Marketplace. Browse, call, and auto-pay APIs with USDC on Base. One command to connect your agent.",
   "type": "module",
   "main": "bin/cli.js",

package/src/commands/call.js

@@ -104,10 +104,19 @@ export async function callCommand(endpoint, options) {
       const serverSplit = paymentInfo.payment_details?.split || null;
       const isSplitMode = !!(providerWallet);
 
+      // Facilitator mode (Polygon Phase 2): payment_mode === 'fee_splitter'
+      const paymentMode = paymentInfo.payment_details?.payment_mode || null;
+      const facilitatorUrl = paymentInfo.payment_details?.facilitator || paymentInfo.facilitator || null;
+      const isFacilitatorMode = paymentMode === 'fee_splitter' && !!facilitatorUrl;
+
       if (price) {
         log.info(`Price: ${chalk.cyan.bold(`${price} USDC`)}`);
       }
-      if (isSplitMode) {
+      if (isFacilitatorMode) {
+        log.dim(`  Mode: fee_splitter via Polygon facilitator (gas-free)`);
+        log.dim(`  Facilitator: ${facilitatorUrl}`);
+        log.dim(`  Recipient: ${payTo}`);
+      } else if (isSplitMode) {
         log.dim(`  Mode: split native (95% provider / 5% platform)`);
         log.dim(`  Provider wallet: ${providerWallet}`);
         log.dim(`  Platform wallet: ${payTo}`);
@@ -118,7 +127,11 @@ export async function callCommand(endpoint, options) {
 
       // Auto-pay if key is available
       if (autoPay && price && payTo) {
-        if (isSplitMode) {
+        if (isFacilitatorMode) {
+          await handleFacilitatorPayment(
+            privateKey, price, facilitatorUrl, paymentInfo.payment_details, finalUrl, fetchOptions
+          );
+        } else if (isSplitMode) {
           await handleSplitAutoPayment(
             privateKey, price, providerWallet, payTo, serverSplit, finalUrl, fetchOptions
           );
@@ -230,6 +243,85 @@ function normalizeKey(key) {
   return key;
 }
 
+/**
+ * Handle Polygon facilitator payment (EIP-3009 gas-free, fee_splitter mode) and retry.
+ *
+ * Flow:
+ *   1. Sign EIP-3009 TransferWithAuthorization off-chain ($0 gas for user)
+ *   2. POST to facilitator /settle — facilitator executes on-chain
+ *   3. Retry the API call with the txHash as proof (X-Payment-TxHash header)
+ *
+ * Falls back to standard sendUsdcPayment on the same recipient if the facilitator fails.
+ *
+ * @param {string} privateKey      - Agent private key (hex, with 0x)
+ * @param {number} price           - Full price in USDC
+ * @param {string} facilitatorUrl  - Facilitator base URL
+ * @param {object} details         - payment_details from the 402 response
+ * @param {string} url             - API endpoint URL
+ * @param {object} fetchOptions    - Fetch options for the retry request
+ */
+async function handleFacilitatorPayment(
+  privateKey, price, facilitatorUrl, details, url, fetchOptions
+) {
+  const spinner = ora(
+    `Signing EIP-3009 permit and settling via Polygon facilitator (gas-free)...`
+  ).start();
+
+  let txHash;
+
+  try {
+    const { sendViaFacilitator } = await import('../lib/payment.js');
+    txHash = await sendViaFacilitator(privateKey, facilitatorUrl, details, url);
+
+    spinner.succeed(
+      `Facilitator settlement confirmed: ${chalk.hex('#34D399').bold(`${price} USDC`)} ` +
+      `(gas-free via Polygon facilitator)`
+    );
+    log.dim(`  Tx: https://polygonscan.com/tx/${txHash}`);
+    console.log('');
+  } catch (facilitatorErr) {
+    spinner.warn(`Facilitator payment failed — falling back to direct transfer`);
+    log.dim(`  Reason: ${facilitatorErr.message}`);
+    console.log('');
+
+    // Fallback: direct USDC transfer on Polygon (standard sendUsdcPayment on Base
+    // is intentionally NOT used here; we log a clear message and exit so the user
+    // knows they need MATIC gas or can retry manually)
+    log.error('Fallback direct transfer not available for Polygon in facilitator mode.');
+    log.dim('  Ensure POLYGON_FACILITATOR_URL is reachable or retry later.');
+    log.dim('  You can also send USDC manually and provide --key with sufficient MATIC for gas.');
+    console.log('');
+    process.exit(1);
+  }
+
+  // Retry with facilitator payment proof
+  const retrySpinner = ora('Retrying with facilitator payment proof...').start();
+
+  const retryRes = await fetch(url, {
+    ...fetchOptions,
+    headers: {
+      ...fetchOptions.headers,
+      'X-Payment-TxHash': txHash,
+      'X-Payment-Chain':  'polygon',
+    },
+  });
+
+  retrySpinner.stop();
+
+  if (!retryRes.ok) {
+    console.log('');
+    log.error(`HTTP ${retryRes.status}: ${retryRes.statusText}`);
+    try {
+      const body = await retryRes.text();
+      if (body) console.log(chalk.red(body));
+    } catch { /* ignore */ }
+    console.log('');
+    process.exit(1);
+  }
+
+  await displayResponse(retryRes);
+}
+
 /**
  * Handle split native payment (95% to provider, 5% to platform) and retry.
  *

package/src/commands/init.js

@@ -146,7 +146,7 @@ export async function initCommand(options) {
     if (!existsSync(pkgJsonPath)) {
       writeFileSync(pkgJsonPath, JSON.stringify({
         name: 'x402-bazaar-mcp',
-        version: '2.0.0',
+        version: '2.5.0',
         type: 'module',
         private: true,
         dependencies: {

package/src/lib/payment.js

@@ -1,6 +1,7 @@
 import { createWalletClient, createPublicClient, http, parseUnits, encodeFunctionData } from 'viem';
-import { base } from 'viem/chains';
+import { base, polygon } from 'viem/chains';
 import { privateKeyToAccount } from 'viem/accounts';
+import { randomBytes } from 'crypto';
 
 const USDC_CONTRACT = '0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913';
 const USDC_ABI = [
@@ -25,6 +26,9 @@ const USDC_ABI = [
 /** Minimum amount in micro-USDC (6 decimals) to allow a split payment. */
 const MIN_SPLIT_AMOUNT_RAW = 100n; // 0.0001 USDC
 
+/** USDC contract on Polygon mainnet (Circle native, 6 decimals). */
+const POLYGON_USDC_CONTRACT = '0x3c499c542cEF5E3811e1192ce70d8cC03d5c3359';
+
 /**
  * Build viem wallet + public clients for Base mainnet.
  * @param {string} privateKey
@@ -38,6 +42,161 @@ function buildClients(privateKey) {
   return { walletClient, publicClient, account };
 }
 
+/**
+ * Build viem wallet + public clients for Polygon mainnet.
+ * @param {string} privateKey
+ * @returns {{ walletClient, publicClient, account }}
+ */
+function buildPolygonClients(privateKey) {
+  const account = privateKeyToAccount(privateKey);
+  const transport = http('https://polygon-bor-rpc.publicnode.com');
+  const walletClient = createWalletClient({ account, chain: polygon, transport });
+  const publicClient = createPublicClient({ chain: polygon, transport });
+  return { walletClient, publicClient, account };
+}
+
+/**
+ * Sign an EIP-3009 TransferWithAuthorization off-chain (zero gas).
+ * Used for Polygon facilitator payments.
+ *
+ * @param {object} walletClient - viem wallet client (Polygon chain)
+ * @param {object} account - viem account
+ * @param {string} amountRaw - amount as string (integer, 6 decimals)
+ * @param {string} to - recipient address
+ * @param {number} validAfter - unix timestamp (usually 0)
+ * @param {number} validBefore - unix timestamp (5 min from now)
+ * @returns {{ signature: string, authorization: object }}
+ */
+async function signEIP3009Auth(walletClient, account, amountRaw, to, validAfter, validBefore) {
+  // Random bytes32 nonce (EIP-3009 uses random nonces, not sequential)
+  const nonce = '0x' + randomBytes(32).toString('hex');
+
+  const domain = {
+    name: 'USD Coin',
+    version: '2',
+    chainId: 137,
+    verifyingContract: POLYGON_USDC_CONTRACT,
+  };
+
+  const types = {
+    TransferWithAuthorization: [
+      { name: 'from',        type: 'address' },
+      { name: 'to',          type: 'address' },
+      { name: 'value',       type: 'uint256' },
+      { name: 'validAfter',  type: 'uint256' },
+      { name: 'validBefore', type: 'uint256' },
+      { name: 'nonce',       type: 'bytes32' },
+    ],
+  };
+
+  const message = {
+    from:        account.address,
+    to,
+    value:       BigInt(amountRaw),
+    validAfter:  BigInt(validAfter),
+    validBefore: BigInt(validBefore),
+    nonce,
+  };
+
+  const signature = await walletClient.signTypedData({
+    domain,
+    types,
+    primaryType: 'TransferWithAuthorization',
+    message,
+  });
+
+  return {
+    signature,
+    authorization: {
+      from:        account.address,
+      to,
+      value:       amountRaw.toString(),
+      validAfter:  validAfter.toString(),
+      validBefore: validBefore.toString(),
+      nonce,
+    },
+  };
+}
+
+/**
+ * Pay via Polygon facilitator (EIP-3009, gas-free for the user).
+ *
+ * Flow:
+ *   1. Sign EIP-3009 TransferWithAuthorization off-chain ($0 gas)
+ *   2. POST to facilitator /settle — facilitator executes on-chain
+ *   3. Return the txHash from the facilitator
+ *
+ * @param {string}  privateKey     - Hex private key (with 0x prefix)
+ * @param {string}  facilitatorUrl - Base URL of the facilitator (e.g. https://x402.polygon.technology)
+ * @param {object}  details        - Payment details from the 402 response body
+ * @param {string}  details.amount    - Amount in USDC (e.g. "0.01")
+ * @param {string}  details.recipient - Recipient address (FeeSplitter contract or platform wallet)
+ * @param {string}  apiUrl         - Original API URL (used as resource in paymentRequirements)
+ * @returns {string} txHash
+ * @throws {Error} if the facilitator rejects the settlement
+ */
+export async function sendViaFacilitator(privateKey, facilitatorUrl, details, apiUrl) {
+  const { walletClient, account } = buildPolygonClients(privateKey);
+
+  const cost = parseFloat(details.amount);
+  const amountRaw = BigInt(Math.round(cost * 1e6));
+
+  const validAfter = 0;
+  const validBefore = Math.floor(Date.now() / 1000) + 300; // 5 minutes
+
+  const recipient = details.recipient;
+
+  // Step 1: Sign EIP-3009 TransferWithAuthorization off-chain (zero gas)
+  const { signature, authorization } = await signEIP3009Auth(
+    walletClient,
+    account,
+    amountRaw.toString(),
+    recipient,
+    validAfter,
+    validBefore,
+  );
+
+  // Step 2: Build x402 paymentPayload (Version 1, exact scheme, EVM)
+  const paymentPayload = {
+    x402Version: 1,
+    scheme:      'exact',
+    network:     'polygon',
+    payload:     { signature, authorization },
+  };
+
+  const paymentRequirements = {
+    scheme:            'exact',
+    network:           'polygon',
+    maxAmountRequired: amountRaw.toString(),
+    resource:          apiUrl,
+    description:       'x402 Bazaar API payment',
+    mimeType:          'application/json',
+    payTo:             recipient,
+    asset:             POLYGON_USDC_CONTRACT,
+    maxTimeoutSeconds: 60,
+  };
+
+  // Step 3: POST to facilitator /settle
+  const settleUrl = `${facilitatorUrl}/settle`;
+  const settleRes = await fetch(settleUrl, {
+    method:  'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body:    JSON.stringify({ x402Version: 1, paymentPayload, paymentRequirements }),
+    signal:  AbortSignal.timeout(30000),
+  });
+
+  const settleData = await settleRes.json();
+
+  if (!settleData.success) {
+    throw new Error(
+      `Facilitator settlement failed: ${settleData.errorReason || 'unknown'} — ` +
+      `${settleData.errorMessage || JSON.stringify(settleData)}`
+    );
+  }
+
+  return settleData.transaction;
+}
+
 /**
  * Send a single USDC transfer on Base mainnet and wait for confirmation.
  * Caller is responsible for balance checks.