x402-proxy 0.6.0 → 0.7.1

package/dist/openclaw/plugin.js

@@ -0,0 +1,1120 @@
+import os, { homedir } from "node:os";
+import path, { dirname, join } from "node:path";
+import { address, appendTransactionMessageInstructions, createKeyPairSignerFromBytes, createSolanaRpc, createTransactionMessage, getAddressEncoder, getBase64EncodedWireTransaction, getProgramDerivedAddress, partiallySignTransactionMessageWithSigners, pipe, setTransactionMessageFeePayer, setTransactionMessageLifetimeUsingBlockhash } from "@solana/kit";
+import { decodePaymentResponseHeader, wrapFetchWithPayment, x402Client } from "@x402/fetch";
+import { ExactSvmScheme } from "@x402/svm/exact/client";
+import fs, { appendFileSync, existsSync, mkdirSync, readFileSync, statSync, writeFileSync } from "node:fs";
+import "yaml";
+import { ed25519 } from "@noble/curves/ed25519.js";
+import { base58 } from "@scure/base";
+import "@x402/evm";
+import "@x402/evm/exact/client";
+import "viem";
+import { privateKeyToAccount } from "viem/accounts";
+import "viem/chains";
+import { secp256k1 } from "@noble/curves/secp256k1.js";
+import { hmac } from "@noble/hashes/hmac.js";
+import { sha512 } from "@noble/hashes/sha2.js";
+import { keccak_256 } from "@noble/hashes/sha3.js";
+import { HDKey } from "@scure/bip32";
+import { mnemonicToSeedSync } from "@scure/bip39";
+import "@scure/bip39/wordlists/english.js";
+import { Type } from "@sinclair/typebox";
+
+//#region src/handler.ts
+/**
+* Extract the on-chain transaction signature from an x402 payment response header.
+*/
+function extractTxSignature(response) {
+	const x402Header = response.headers.get("PAYMENT-RESPONSE") ?? response.headers.get("X-PAYMENT-RESPONSE");
+	if (x402Header) try {
+		return decodePaymentResponseHeader(x402Header).transaction ?? void 0;
+	} catch {}
+	const mppHeader = response.headers.get("Payment-Receipt");
+	if (mppHeader) try {
+		return JSON.parse(Buffer.from(mppHeader, "base64url").toString()).reference ?? void 0;
+	} catch {
+		return;
+	}
+}
+/**
+* Create an x402 proxy handler that wraps fetch with automatic payment.
+*/
+function createX402ProxyHandler(opts) {
+	const { client } = opts;
+	const paymentQueue = [];
+	client.onAfterPaymentCreation(async (hookCtx) => {
+		const raw = hookCtx.selectedRequirements.amount;
+		paymentQueue.push({
+			protocol: "x402",
+			network: hookCtx.selectedRequirements.network,
+			payTo: hookCtx.selectedRequirements.payTo,
+			amount: raw,
+			asset: hookCtx.selectedRequirements.asset
+		});
+	});
+	return {
+		x402Fetch: wrapFetchWithPayment(globalThis.fetch, client),
+		shiftPayment: () => paymentQueue.shift()
+	};
+}
+
+//#endregion
+//#region src/lib/config.ts
+const APP_NAME = "x402-proxy";
+function getConfigDir() {
+	const xdg = process.env.XDG_CONFIG_HOME || path.join(os.homedir(), ".config");
+	return path.join(xdg, APP_NAME);
+}
+function getWalletPath() {
+	return path.join(getConfigDir(), "wallet.json");
+}
+function getHistoryPath() {
+	return path.join(getConfigDir(), "history.jsonl");
+}
+function loadWalletFile() {
+	const p = getWalletPath();
+	if (!fs.existsSync(p)) return null;
+	try {
+		const data = JSON.parse(fs.readFileSync(p, "utf-8"));
+		if (data.version === 1 && typeof data.mnemonic === "string") return data;
+		return null;
+	} catch {
+		return null;
+	}
+}
+
+//#endregion
+//#region src/history.ts
+const HISTORY_MAX_LINES = 1e3;
+const HISTORY_KEEP_LINES = 500;
+function appendHistory(historyPath, record) {
+	try {
+		mkdirSync(dirname(historyPath), { recursive: true });
+		appendFileSync(historyPath, `${JSON.stringify(record)}\n`);
+		if (existsSync(historyPath)) {
+			if (statSync(historyPath).size > HISTORY_MAX_LINES * 200) {
+				const lines = readFileSync(historyPath, "utf-8").trimEnd().split("\n");
+				if (lines.length > HISTORY_MAX_LINES) writeFileSync(historyPath, `${lines.slice(-HISTORY_KEEP_LINES).join("\n")}\n`);
+			}
+		}
+	} catch {}
+}
+function readHistory(historyPath) {
+	try {
+		if (!existsSync(historyPath)) return [];
+		const content = readFileSync(historyPath, "utf-8").trimEnd();
+		if (!content) return [];
+		return content.split("\n").flatMap((line) => {
+			try {
+				const parsed = JSON.parse(line);
+				if (typeof parsed.t !== "number" || typeof parsed.kind !== "string") return [];
+				return [parsed];
+			} catch {
+				return [];
+			}
+		});
+	} catch {
+		return [];
+	}
+}
+function calcSpend(records) {
+	const todayStart = /* @__PURE__ */ new Date();
+	todayStart.setUTCHours(0, 0, 0, 0);
+	const todayMs = todayStart.getTime();
+	let today = 0;
+	let total = 0;
+	let count = 0;
+	for (const r of records) {
+		if (!r.ok || r.amount == null) continue;
+		if (r.token !== "USDC") continue;
+		total += r.amount;
+		count++;
+		if (r.t >= todayMs) today += r.amount;
+	}
+	return {
+		today,
+		total,
+		count
+	};
+}
+function formatAmount(amount, token) {
+	if (token === "USDC") {
+		if (amount >= .01) return `${amount.toFixed(2)} USDC`;
+		if (amount >= .001) return `${amount.toFixed(3)} USDC`;
+		if (amount >= 1e-4) return `${amount.toFixed(4)} USDC`;
+		return `${amount.toFixed(6)} USDC`;
+	}
+	if (token === "SOL") return `${amount} SOL`;
+	return `${amount} ${token}`;
+}
+const KIND_LABELS = {
+	x402_inference: "inference",
+	x402_payment: "payment",
+	mpp_payment: "mpp payment",
+	transfer: "transfer",
+	buy: "buy",
+	sell: "sell",
+	mint: "mint",
+	swap: "swap"
+};
+function explorerUrl(net, tx) {
+	if (net.startsWith("eip155:")) {
+		const chainId = net.split(":")[1];
+		if (chainId === "4217") return `https://explore.mainnet.tempo.xyz/tx/${tx}`;
+		if (chainId === "8453") return `https://basescan.org/tx/${tx}`;
+		return `https://basescan.org/tx/${tx}`;
+	}
+	return `https://solscan.io/tx/${tx}`;
+}
+/** Strip provider prefix and OpenRouter date suffixes from model IDs.
+*  e.g. "minimax/minimax-m2.5-20260211" -> "minimax-m2.5"
+*       "moonshotai/kimi-k2.5-0127" -> "kimi-k2.5" */
+function shortModel(model) {
+	const parts = model.split("/");
+	return parts[parts.length - 1].replace(/-\d{6,8}$/, "").replace(/-\d{4}$/, "");
+}
+function shortNetwork(net) {
+	if (net === "eip155:8453") return "base";
+	if (net === "eip155:4217") return "tempo";
+	if (net.startsWith("eip155:")) return `evm:${net.split(":")[1]}`;
+	if (net.startsWith("solana:")) return "sol";
+	return net;
+}
+function formatTxLine(r, opts) {
+	const time = new Date(r.t).toLocaleTimeString("en-US", {
+		hour: "2-digit",
+		minute: "2-digit",
+		hour12: false,
+		timeZone: "UTC"
+	});
+	const timeStr = r.tx ? `[${time}](${explorerUrl(r.net, r.tx)})` : time;
+	const parts = [r.kind === "x402_inference" && r.model ? shortModel(r.model) : KIND_LABELS[r.kind] ?? r.kind];
+	if (r.label) parts.push(r.label);
+	if (r.ok && r.amount != null && r.token) parts.push(formatAmount(r.amount, r.token));
+	else if (r.ok && r.kind === "sell" && r.meta?.pct != null) parts.push(`${r.meta.pct}%`);
+	parts.push(shortNetwork(r.net));
+	if (opts?.verbose && r.tx) {
+		const short = r.tx.length > 20 ? `${r.tx.slice(0, 10)}...${r.tx.slice(-6)}` : r.tx;
+		parts.push(short);
+	}
+	return `  ${timeStr} ${r.ok ? "" : "✗ "}${parts.join(" · ")}`;
+}
+
+//#endregion
+//#region src/lib/derive.ts
+/**
+* Wallet derivation from BIP-39 mnemonic.
+*
+* A single 24-word mnemonic is the root secret. Both Solana and EVM keypairs
+* are deterministically derived from it.
+*
+* Solana: SLIP-10 Ed25519 at m/44'/501'/0'/0'
+* EVM:    BIP-32 secp256k1  at m/44'/60'/0'/0/0
+*
+* Ported from agentbox/packages/openclaw-x402/src/wallet.ts
+*/
+/**
+* SLIP-10 Ed25519 derivation at m/44'/501'/0'/0' (Phantom/Backpack compatible).
+*/
+const enc = new TextEncoder();
+function deriveSolanaKeypair(mnemonic) {
+	const seed = mnemonicToSeedSync(mnemonic);
+	let I = hmac(sha512, enc.encode("ed25519 seed"), seed);
+	let key = I.slice(0, 32);
+	let chainCode = I.slice(32);
+	for (const index of [
+		2147483692,
+		2147484149,
+		2147483648,
+		2147483648
+	]) {
+		const data = new Uint8Array(37);
+		data[0] = 0;
+		data.set(key, 1);
+		data[33] = index >>> 24 & 255;
+		data[34] = index >>> 16 & 255;
+		data[35] = index >>> 8 & 255;
+		data[36] = index & 255;
+		I = hmac(sha512, chainCode, data);
+		key = I.slice(0, 32);
+		chainCode = I.slice(32);
+	}
+	const secretKey = new Uint8Array(key);
+	const publicKey = ed25519.getPublicKey(secretKey);
+	return {
+		secretKey,
+		publicKey,
+		address: base58.encode(publicKey)
+	};
+}
+/**
+* BIP-32 secp256k1 derivation at m/44'/60'/0'/0/0.
+*/
+function deriveEvmKeypair(mnemonic) {
+	const seed = mnemonicToSeedSync(mnemonic);
+	const derived = HDKey.fromMasterSeed(seed).derive("m/44'/60'/0'/0/0");
+	if (!derived.privateKey) throw new Error("Failed to derive EVM private key");
+	const privateKey = `0x${Buffer.from(derived.privateKey).toString("hex")}`;
+	const hash = keccak_256(secp256k1.getPublicKey(derived.privateKey, false).slice(1));
+	return {
+		privateKey,
+		address: checksumAddress(Buffer.from(hash.slice(-20)).toString("hex"))
+	};
+}
+function checksumAddress(addr) {
+	const hash = Buffer.from(keccak_256(enc.encode(addr))).toString("hex");
+	let out = "0x";
+	for (let i = 0; i < 40; i++) out += Number.parseInt(hash[i], 16) >= 8 ? addr[i].toUpperCase() : addr[i];
+	return out;
+}
+
+//#endregion
+//#region src/lib/resolve-wallet.ts
+/**
+* Resolve wallet keys following the priority cascade:
+* 1. Flags (--evm-key / --solana-key as raw key strings)
+* 2. X402_PROXY_WALLET_EVM_KEY / X402_PROXY_WALLET_SOLANA_KEY env vars
+* 3. X402_PROXY_WALLET_MNEMONIC env var (derives both)
+* 4. ~/.config/x402-proxy/wallet.json (mnemonic file)
+*/
+function resolveWallet(opts) {
+	if (opts?.evmKey || opts?.solanaKey) {
+		const result = { source: "flag" };
+		if (opts.evmKey) {
+			const hex = opts.evmKey.startsWith("0x") ? opts.evmKey : `0x${opts.evmKey}`;
+			result.evmKey = hex;
+			result.evmAddress = privateKeyToAccount(hex).address;
+		}
+		if (opts.solanaKey) {
+			result.solanaKey = parsesolanaKey(opts.solanaKey);
+			result.solanaAddress = solanaAddressFromKey(result.solanaKey);
+		}
+		return result;
+	}
+	const envEvm = process.env.X402_PROXY_WALLET_EVM_KEY;
+	const envSol = process.env.X402_PROXY_WALLET_SOLANA_KEY;
+	if (envEvm || envSol) {
+		const result = { source: "env" };
+		if (envEvm) {
+			const hex = envEvm.startsWith("0x") ? envEvm : `0x${envEvm}`;
+			result.evmKey = hex;
+			result.evmAddress = privateKeyToAccount(hex).address;
+		}
+		if (envSol) {
+			result.solanaKey = parsesolanaKey(envSol);
+			result.solanaAddress = solanaAddressFromKey(result.solanaKey);
+		}
+		return result;
+	}
+	const envMnemonic = process.env.X402_PROXY_WALLET_MNEMONIC;
+	if (envMnemonic) return resolveFromMnemonic(envMnemonic, "mnemonic-env");
+	const walletFile = loadWalletFile();
+	if (walletFile) return resolveFromMnemonic(walletFile.mnemonic, "wallet-file");
+	return { source: "none" };
+}
+function resolveFromMnemonic(mnemonic, source) {
+	const evm = deriveEvmKeypair(mnemonic);
+	const sol = deriveSolanaKeypair(mnemonic);
+	const solanaKey = new Uint8Array(64);
+	solanaKey.set(sol.secretKey, 0);
+	solanaKey.set(sol.publicKey, 32);
+	return {
+		evmKey: evm.privateKey,
+		evmAddress: evm.address,
+		solanaKey,
+		solanaAddress: sol.address,
+		source
+	};
+}
+function parsesolanaKey(input) {
+	const trimmed = input.trim();
+	if (trimmed.startsWith("[")) {
+		const arr = JSON.parse(trimmed);
+		return new Uint8Array(arr);
+	}
+	return base58.decode(trimmed);
+}
+function solanaAddressFromKey(keyBytes) {
+	if (keyBytes.length >= 64) return base58.encode(keyBytes.slice(32));
+	return base58.encode(ed25519.getPublicKey(keyBytes));
+}
+
+//#endregion
+//#region src/wallet.ts
+/**
+* Load a Solana keypair from a solana-keygen JSON file.
+* Format: JSON array of 64 numbers [32 secret bytes + 32 public bytes].
+*/
+async function loadSvmWallet(keypairPath) {
+	const data = JSON.parse(readFileSync(keypairPath, "utf-8"));
+	return createKeyPairSignerFromBytes(new Uint8Array(data));
+}
+
+//#endregion
+//#region src/openclaw/solana.ts
+const USDC_MINT = "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v";
+const TOKEN_PROGRAM = address("TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA");
+const ASSOCIATED_TOKEN_PROGRAM = address("ATokenGPvbdGVxr1b2hvZbsiqW5xWH25efTNsLJA8knL");
+async function findAta(mint, owner) {
+	const encoder = getAddressEncoder();
+	const [pda] = await getProgramDerivedAddress({
+		programAddress: ASSOCIATED_TOKEN_PROGRAM,
+		seeds: [
+			encoder.encode(owner),
+			encoder.encode(TOKEN_PROGRAM),
+			encoder.encode(mint)
+		]
+	});
+	return pda;
+}
+function transferCheckedIx(source, mint, destination, authority, amount, decimals) {
+	const data = new Uint8Array(10);
+	data[0] = 12;
+	new DataView(data.buffer).setBigUint64(1, amount, true);
+	data[9] = decimals;
+	return {
+		programAddress: TOKEN_PROGRAM,
+		accounts: [
+			{
+				address: source,
+				role: 2
+			},
+			{
+				address: mint,
+				role: 0
+			},
+			{
+				address: destination,
+				role: 2
+			},
+			{
+				address: authority.address,
+				role: 1
+			}
+		],
+		data
+	};
+}
+async function getTokenAccounts(rpcUrl, owner) {
+	const { value } = await createSolanaRpc(rpcUrl).getTokenAccountsByOwner(address(owner), { programId: TOKEN_PROGRAM }, { encoding: "jsonParsed" }).send();
+	return value.map((v) => {
+		const info = v.account.data.parsed.info;
+		return {
+			mint: info.mint,
+			amount: info.tokenAmount.uiAmountString,
+			decimals: info.tokenAmount.decimals
+		};
+	}).filter((t) => t.mint !== USDC_MINT && t.amount !== "0");
+}
+async function getUsdcBalance(rpcUrl, owner) {
+	const { value } = await createSolanaRpc(rpcUrl).getTokenAccountsByOwner(address(owner), { mint: address(USDC_MINT) }, { encoding: "jsonParsed" }).send();
+	if (value.length > 0) {
+		const ta = value[0].account.data.parsed.info.tokenAmount;
+		return {
+			raw: BigInt(ta.amount),
+			ui: ta.uiAmount !== null ? ta.uiAmount.toFixed(2) : "0.00"
+		};
+	}
+	return {
+		raw: 0n,
+		ui: "0.00"
+	};
+}
+async function getSolBalanceLamports(rpcUrl, owner) {
+	const { value } = await createSolanaRpc(rpcUrl).getBalance(address(owner)).send();
+	return value;
+}
+async function getSolBalance(rpcUrl, owner) {
+	const lamports = await getSolBalanceLamports(rpcUrl, owner);
+	return (Number(lamports) / 1e9).toFixed(4);
+}
+async function checkAtaExists(rpcUrl, owner) {
+	const ata = await findAta(address(USDC_MINT), address(owner));
+	const { value } = await createSolanaRpc(rpcUrl).getAccountInfo(ata, { encoding: "base64" }).send();
+	return value !== null;
+}
+async function transferUsdc(signer, rpcUrl, dest, amountRaw) {
+	const rpc = createSolanaRpc(rpcUrl);
+	const usdcMint = address(USDC_MINT);
+	const transferIx = transferCheckedIx(await findAta(usdcMint, signer.address), usdcMint, await findAta(usdcMint, address(dest)), signer, amountRaw, 6);
+	const { value: latestBlockhash } = await rpc.getLatestBlockhash().send();
+	const encoded = getBase64EncodedWireTransaction(await partiallySignTransactionMessageWithSigners(pipe(createTransactionMessage({ version: 0 }), (m) => setTransactionMessageFeePayer(signer.address, m), (m) => appendTransactionMessageInstructions([transferIx], m), (m) => setTransactionMessageLifetimeUsingBlockhash(latestBlockhash, m))));
+	return await rpc.sendTransaction(encoded, { encoding: "base64" }).send();
+}
+
+//#endregion
+//#region src/openclaw/tools.ts
+const SOL_MAINNET = "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp";
+const USDC_DECIMALS = 6;
+const INFERENCE_RESERVE = .3;
+const MAX_RESPONSE_CHARS = 5e4;
+function paymentAmount(payment) {
+	if (!payment?.amount) return void 0;
+	const parsed = Number.parseFloat(payment.amount);
+	return Number.isNaN(parsed) ? void 0 : parsed / 10 ** USDC_DECIMALS;
+}
+function toolResult(text) {
+	return {
+		content: [{
+			type: "text",
+			text
+		}],
+		details: {}
+	};
+}
+async function getWalletSnapshot(rpcUrl, wallet, historyPath) {
+	const [{ ui, raw }, sol, tokens] = await Promise.all([
+		getUsdcBalance(rpcUrl, wallet),
+		getSolBalance(rpcUrl, wallet),
+		getTokenAccounts(rpcUrl, wallet).catch(() => [])
+	]);
+	const records = readHistory(historyPath);
+	return {
+		ui,
+		raw,
+		sol,
+		tokens,
+		records,
+		spend: calcSpend(records)
+	};
+}
+function createBalanceTool(ctx) {
+	return {
+		name: "x_balance",
+		label: "Wallet Balance",
+		description: "Check wallet SOL and USDC balances. Use before making payments to verify sufficient funds.",
+		parameters: Type.Object({}),
+		async execute() {
+			const walletAddress = ctx.getWalletAddress();
+			if (!walletAddress) return toolResult("Wallet not loaded yet. Wait for gateway startup.");
+			try {
+				const snap = await getWalletSnapshot(ctx.rpcUrl, walletAddress, ctx.historyPath);
+				const total = Number.parseFloat(snap.ui);
+				const available = Math.max(0, total - INFERENCE_RESERVE);
+				const tokenLines = snap.tokens.slice(0, 5).map((t) => {
+					const short = `${t.mint.slice(0, 4)}...${t.mint.slice(-4)}`;
+					return `${Number.parseFloat(t.amount).toLocaleString("en-US", { maximumFractionDigits: 0 })} (${short})`;
+				});
+				return toolResult([
+					`Wallet: ${walletAddress}`,
+					`SOL: ${snap.sol} SOL`,
+					`USDC: ${snap.ui} USDC`,
+					`Available for tools: ${available.toFixed(2)} USDC`,
+					`Reserved for inference: ${INFERENCE_RESERVE.toFixed(2)} USDC`,
+					`Spent today: ${snap.spend.today.toFixed(4)} USDC`,
+					`Total spent: ${snap.spend.total.toFixed(4)} USDC (${snap.spend.count} txs)`,
+					...tokenLines.length > 0 ? [`Tokens held: ${tokenLines.join(", ")}`] : []
+				].join("\n"));
+			} catch (err) {
+				return toolResult(`Failed to check balance: ${String(err)}`);
+			}
+		}
+	};
+}
+function createPaymentTool(ctx) {
+	return {
+		name: "x_payment",
+		label: "x402 Payment",
+		description: `Call an x402-enabled paid API endpoint with automatic USDC payment on Solana. Use this when you need to call a paid service given by the user. Note: ${INFERENCE_RESERVE.toFixed(2)} USDC is reserved for LLM inference and cannot be spent by this tool.`,
+		parameters: Type.Object({
+			url: Type.String({ description: "The x402-enabled endpoint URL" }),
+			method: Type.Optional(Type.String({ description: "HTTP method (default: GET)" })),
+			params: Type.Optional(Type.String({ description: "For GET: query params as JSON object. For POST/PUT/PATCH: JSON request body." })),
+			headers: Type.Optional(Type.String({ description: "Custom HTTP headers as JSON object" }))
+		}),
+		async execute(_id, params) {
+			const walletAddress = ctx.getWalletAddress();
+			if (!walletAddress) return toolResult("Wallet not loaded yet. Wait for gateway startup.");
+			try {
+				const { ui } = await getUsdcBalance(ctx.rpcUrl, walletAddress);
+				if (Number.parseFloat(ui) <= INFERENCE_RESERVE) return toolResult(`Insufficient funds. Balance: ${ui} USDC, reserved for inference: ${INFERENCE_RESERVE.toFixed(2)} USDC. Top up wallet: ${walletAddress}`);
+			} catch {}
+			const method = (params.method || "GET").toUpperCase();
+			let url = params.url;
+			const reqInit = { method };
+			if (params.headers) try {
+				reqInit.headers = JSON.parse(params.headers);
+			} catch {
+				return toolResult("Invalid headers JSON.");
+			}
+			if (params.params) if (method === "GET" || method === "HEAD") try {
+				const qp = JSON.parse(params.params);
+				const qs = new URLSearchParams(qp).toString();
+				url = qs ? `${url}${url.includes("?") ? "&" : "?"}${qs}` : url;
+			} catch {
+				return toolResult("Invalid params JSON for GET request.");
+			}
+			else {
+				reqInit.body = params.params;
+				reqInit.headers = {
+					"Content-Type": "application/json",
+					...reqInit.headers
+				};
+			}
+			const toolStartMs = Date.now();
+			try {
+				const response = await ctx.proxy.x402Fetch(url, reqInit);
+				const body = await response.text();
+				if (response.status === 402) {
+					ctx.proxy.shiftPayment();
+					appendHistory(ctx.historyPath, {
+						t: Date.now(),
+						ok: false,
+						kind: "x402_payment",
+						net: SOL_MAINNET,
+						from: walletAddress,
+						label: url,
+						ms: Date.now() - toolStartMs,
+						error: "payment_required"
+					});
+					return toolResult(`Payment failed (402): ${body.substring(0, 500)}. Wallet: ${walletAddress}`);
+				}
+				const payment = ctx.proxy.shiftPayment();
+				const amount = paymentAmount(payment);
+				appendHistory(ctx.historyPath, {
+					t: Date.now(),
+					ok: true,
+					kind: "x402_payment",
+					net: SOL_MAINNET,
+					from: walletAddress,
+					to: payment?.payTo,
+					tx: extractTxSignature(response),
+					amount,
+					token: "USDC",
+					label: url,
+					ms: Date.now() - toolStartMs
+				});
+				const truncated = body.length > MAX_RESPONSE_CHARS ? `${body.substring(0, MAX_RESPONSE_CHARS)}\n\n[Truncated - response was ${body.length} chars]` : body;
+				return toolResult(`HTTP ${response.status}\n\n${truncated}`);
+			} catch (err) {
+				ctx.proxy.shiftPayment();
+				appendHistory(ctx.historyPath, {
+					t: Date.now(),
+					ok: false,
+					kind: "x402_payment",
+					net: SOL_MAINNET,
+					from: walletAddress,
+					label: params.url,
+					error: String(err).substring(0, 200)
+				});
+				const msg = String(err);
+				return toolResult(msg.includes("Simulation failed") || msg.includes("insufficient") ? `Payment failed - insufficient funds. Wallet: ${walletAddress}. Error: ${msg}` : `Request failed: ${msg}`);
+			}
+		}
+	};
+}
+
+//#endregion
+//#region src/openclaw/commands.ts
+const HISTORY_PAGE_SIZE = 5;
+const STATUS_HISTORY_COUNT = 3;
+const INLINE_HISTORY_TOKEN_THRESHOLD = 3;
+const TOKEN_SYMBOL_CACHE_MAX = 200;
+const tokenSymbolCache = /* @__PURE__ */ new Map();
+async function resolveTokenSymbols(mints) {
+	const result = /* @__PURE__ */ new Map();
+	const toResolve = [];
+	for (const m of mints) {
+		const cached = tokenSymbolCache.get(m);
+		if (cached) result.set(m, cached);
+		else toResolve.push(m);
+	}
+	if (toResolve.length === 0) return result;
+	try {
+		const res = await globalThis.fetch(`https://api.dexscreener.com/tokens/v1/solana/${toResolve.join(",")}`, { signal: AbortSignal.timeout(5e3) });
+		if (!res.ok) return result;
+		const pairs = await res.json();
+		for (const pair of pairs) {
+			const addr = pair.baseToken?.address;
+			const sym = pair.baseToken?.symbol;
+			if (addr && sym && toResolve.includes(addr)) {
+				if (tokenSymbolCache.size >= TOKEN_SYMBOL_CACHE_MAX) {
+					const oldest = tokenSymbolCache.keys().next();
+					if (!oldest.done) tokenSymbolCache.delete(oldest.value);
+				}
+				tokenSymbolCache.set(addr, sym);
+				result.set(addr, sym);
+			}
+		}
+	} catch {}
+	return result;
+}
+async function handleSend(parts, wallet, signer, rpc, histPath) {
+	if (!signer) return { text: "Wallet not loaded yet. Please wait for the gateway to finish starting." };
+	if (parts.length !== 2) return { text: "Usage: `/x_wallet send <amount|all> <address>`\n\n  `/x_wallet send 0.5 7xKXtg...`\n  `/x_wallet send all 7xKXtg...`" };
+	const [amountStr, destAddr] = parts;
+	if (destAddr.length < 32 || destAddr.length > 44) return { text: `Invalid Solana address: ${destAddr}` };
+	try {
+		if (!await checkAtaExists(rpc, destAddr)) return { text: "Recipient does not have a USDC token account.\nThey need to receive USDC at least once to create one." };
+		let amountRaw;
+		let amountUi;
+		if (amountStr.toLowerCase() === "all") {
+			const balance = await getUsdcBalance(rpc, wallet);
+			if (balance.raw === 0n) return { text: "Wallet has no USDC to send." };
+			amountRaw = balance.raw;
+			amountUi = balance.ui;
+		} else {
+			const amount = Number.parseFloat(amountStr);
+			if (Number.isNaN(amount) || amount <= 0) return { text: `Invalid amount: ${amountStr}` };
+			amountRaw = BigInt(Math.round(amount * 1e6));
+			amountUi = amount.toString();
+		}
+		const sig = await transferUsdc(signer, rpc, destAddr, amountRaw);
+		appendHistory(histPath, {
+			t: Date.now(),
+			ok: true,
+			kind: "transfer",
+			net: SOL_MAINNET,
+			from: wallet,
+			to: destAddr,
+			tx: sig,
+			amount: Number.parseFloat(amountUi),
+			token: "USDC",
+			label: `${destAddr.slice(0, 4)}...${destAddr.slice(-4)}`
+		});
+		return { text: `Sent ${amountUi} USDC to \`${destAddr}\`\n[View transaction](https://solscan.io/tx/${sig})` };
+	} catch (err) {
+		appendHistory(histPath, {
+			t: Date.now(),
+			ok: false,
+			kind: "transfer",
+			net: SOL_MAINNET,
+			from: wallet,
+			to: destAddr,
+			token: "USDC",
+			error: String(err).substring(0, 200)
+		});
+		const msg = String(err);
+		const detail = err.cause?.message || msg;
+		if (detail.includes("insufficient") || detail.includes("lamports")) return { text: "Send failed - insufficient SOL for fees\nBalance too low for transaction fees. Fund wallet with SOL." };
+		return { text: `Send failed: ${detail}` };
+	}
+}
+function handleHistory(histPath, page) {
+	const records = readHistory(histPath);
+	const totalTxs = records.length;
+	const start = (page - 1) * HISTORY_PAGE_SIZE;
+	const fromEnd = totalTxs - start;
+	const pageRecords = records.slice(Math.max(0, fromEnd - HISTORY_PAGE_SIZE), fromEnd).reverse();
+	if (pageRecords.length === 0) return { text: page === 1 ? "No transactions yet." : "No more transactions." };
+	const lines = [`**History** (${start + 1}-${start + pageRecords.length})`, ""];
+	for (const r of pageRecords) lines.push(formatTxLine(r));
+	const nav = [];
+	if (page > 1) nav.push(`Newer: \`/x_wallet history${page === 2 ? "" : ` ${page - 1}`}\``);
+	if (start + HISTORY_PAGE_SIZE < totalTxs) nav.push(`Older: \`/x_wallet history ${page + 1}\``);
+	if (nav.length > 0) lines.push("", nav.join(" · "));
+	return { text: lines.join("\n") };
+}
+function createWalletCommand(ctx) {
+	return {
+		name: "x_wallet",
+		description: "Wallet status, balance, send USDC, transaction history",
+		acceptsArgs: true,
+		handler: async (cmdCtx) => {
+			const walletAddress = ctx.getWalletAddress();
+			if (!walletAddress) return { text: "Wallet not loaded yet. Please wait for the gateway to finish starting." };
+			const parts = (cmdCtx.args?.trim() ?? "").split(/\s+/).filter(Boolean);
+			if (parts[0]?.toLowerCase() === "send") return handleSend(parts.slice(1), walletAddress, ctx.getSigner(), ctx.rpcUrl, ctx.historyPath);
+			if (parts[0]?.toLowerCase() === "history") {
+				const pageArg = parts[1];
+				const page = pageArg ? Math.max(1, Number.parseInt(pageArg, 10) || 1) : 1;
+				return handleHistory(ctx.historyPath, page);
+			}
+			try {
+				const snap = await getWalletSnapshot(ctx.rpcUrl, walletAddress, ctx.historyPath);
+				const solscanUrl = `https://solscan.io/account/${walletAddress}`;
+				const lines = [`x402-proxy v0.7.1`];
+				const defaultModel = ctx.allModels[0];
+				if (defaultModel) lines.push("", `**Model** - ${defaultModel.name} (${defaultModel.provider})`);
+				lines.push("", `**[Wallet](${solscanUrl})**`, `\`${walletAddress}\``);
+				lines.push("", `  ${snap.sol} SOL`, `  ${snap.ui} USDC`);
+				if (snap.spend.today > 0) lines.push(`  -${snap.spend.today.toFixed(2)} USDC today`);
+				if (snap.tokens.length > 0) {
+					const displayTokens = snap.tokens.slice(0, 10);
+					const symbols = await resolveTokenSymbols(displayTokens.map((t) => t.mint));
+					lines.push("", "**Tokens**");
+					for (const t of displayTokens) {
+						const label = symbols.get(t.mint) ?? `${t.mint.slice(0, 4)}...${t.mint.slice(-4)}`;
+						const amt = Number.parseFloat(t.amount).toLocaleString("en-US", { maximumFractionDigits: 0 });
+						lines.push(`  ${amt} ${label}`);
+					}
+					if (snap.tokens.length > 10) lines.push(`  ...and ${snap.tokens.length - 10} more`);
+				}
+				if (snap.tokens.length <= INLINE_HISTORY_TOKEN_THRESHOLD) {
+					const recentRecords = snap.records.slice(-STATUS_HISTORY_COUNT).reverse();
+					if (recentRecords.length > 0) {
+						lines.push("", "**Recent**");
+						for (const r of recentRecords) lines.push(formatTxLine(r));
+					}
+				}
+				lines.push("", "History: `/x_wallet history`");
+				if (ctx.dashboardUrl) lines.push(`[Dashboard](${ctx.dashboardUrl})`);
+				return { text: lines.join("\n") };
+			} catch (err) {
+				return { text: `Failed to check balance: ${String(err)}` };
+			}
+		}
+	};
+}
+
+//#endregion
+//#region src/openclaw/route.ts
+function createX402RouteHandler(opts) {
+	const { upstreamOrigin, proxy, getWalletAddress, historyPath, allModels, logger } = opts;
+	return async (req, res) => {
+		const url = new URL(req.url ?? "/", "http://localhost");
+		const walletAddress = getWalletAddress();
+		if (!walletAddress) {
+			res.writeHead(503, { "Content-Type": "application/json" });
+			res.end(JSON.stringify({ error: {
+				message: "Wallet not loaded yet",
+				code: "not_ready"
+			} }));
+			return;
+		}
+		const pathSuffix = url.pathname.slice(5);
+		const upstreamUrl = upstreamOrigin + pathSuffix + url.search;
+		logger.info(`x402: intercepting ${upstreamUrl.substring(0, 80)}`);
+		const chunks = [];
+		for await (const chunk of req) chunks.push(Buffer.from(chunk));
+		let body = Buffer.concat(chunks).toString("utf-8");
+		const HOP_BY_HOP = new Set([
+			"authorization",
+			"host",
+			"connection",
+			"content-length",
+			"transfer-encoding",
+			"keep-alive",
+			"te",
+			"upgrade"
+		]);
+		const headers = {};
+		for (const [key, val] of Object.entries(req.headers)) {
+			if (HOP_BY_HOP.has(key)) continue;
+			if (typeof val === "string") headers[key] = val;
+		}
+		const isChatCompletion = pathSuffix.includes("/chat/completions");
+		let thinkingMode;
+		if (isChatCompletion && body) try {
+			const parsed = JSON.parse(body);
+			if (parsed.reasoning_effort) thinkingMode = String(parsed.reasoning_effort);
+			if (!parsed.stream_options) {
+				parsed.stream_options = { include_usage: true };
+				body = JSON.stringify(parsed);
+			}
+		} catch {}
+		const method = req.method ?? "GET";
+		const startMs = Date.now();
+		try {
+			const response = await proxy.x402Fetch(upstreamUrl, {
+				method,
+				headers,
+				body: ["GET", "HEAD"].includes(method) ? void 0 : body
+			});
+			if (response.status === 402) {
+				const responseBody = await response.text();
+				logger.error(`x402: payment failed, raw response: ${responseBody}`);
+				const payment = proxy.shiftPayment();
+				const amount = paymentAmount(payment);
+				appendHistory(historyPath, {
+					t: Date.now(),
+					ok: false,
+					kind: "x402_inference",
+					net: SOL_MAINNET,
+					from: walletAddress,
+					to: payment?.payTo,
+					amount,
+					token: amount != null ? "USDC" : void 0,
+					ms: Date.now() - startMs,
+					error: "payment_required"
+				});
+				let userMessage;
+				if (responseBody.includes("simulation") || responseBody.includes("Simulation")) userMessage = `Insufficient USDC or SOL in wallet ${walletAddress}. Fund it with USDC (SPL token) to pay for inference.`;
+				else if (responseBody.includes("insufficient") || responseBody.includes("balance")) userMessage = `Insufficient funds in wallet ${walletAddress}. Top up with USDC on Solana mainnet.`;
+				else userMessage = `x402 payment failed: ${responseBody.substring(0, 200) || "unknown error"}. Wallet: ${walletAddress}`;
+				res.writeHead(402, { "Content-Type": "application/json" });
+				res.end(JSON.stringify({ error: {
+					message: userMessage,
+					type: "x402_payment_error",
+					code: "payment_failed"
+				} }));
+				return;
+			}
+			if (!response.ok && isChatCompletion) {
+				const responseBody = await response.text();
+				logger.error(`x402: upstream error ${response.status}: ${responseBody.substring(0, 300)}`);
+				const payment = proxy.shiftPayment();
+				const amount = paymentAmount(payment);
+				appendHistory(historyPath, {
+					t: Date.now(),
+					ok: false,
+					kind: "x402_inference",
+					net: SOL_MAINNET,
+					from: walletAddress,
+					to: payment?.payTo,
+					amount,
+					token: amount != null ? "USDC" : void 0,
+					ms: Date.now() - startMs,
+					error: `upstream_${response.status}`
+				});
+				res.writeHead(502, { "Content-Type": "application/json" });
+				res.end(JSON.stringify({ error: {
+					message: `LLM provider temporarily unavailable (HTTP ${response.status}). Try again shortly.`,
+					type: "x402_upstream_error",
+					code: "upstream_failed"
+				} }));
+				return;
+			}
+			logger.info(`x402: response ${response.status}`);
+			const txSig = extractTxSignature(response);
+			const payment = proxy.shiftPayment();
+			const amount = paymentAmount(payment);
+			const resHeaders = {};
+			for (const [key, val] of response.headers.entries()) resHeaders[key] = val;
+			res.writeHead(response.status, resHeaders);
+			if (!response.body) {
+				res.end();
+				appendHistory(historyPath, {
+					t: Date.now(),
+					ok: true,
+					kind: "x402_inference",
+					net: SOL_MAINNET,
+					from: walletAddress,
+					to: payment?.payTo,
+					tx: txSig,
+					amount,
+					token: "USDC",
+					ms: Date.now() - startMs
+				});
+				return;
+			}
+			const ct = response.headers.get("content-type") || "";
+			const isSSE = isChatCompletion && ct.includes("text/event-stream");
+			let lastDataLine = "";
+			let residual = "";
+			const reader = response.body.getReader();
+			const decoder = new TextDecoder();
+			try {
+				while (true) {
+					const { done, value } = await reader.read();
+					if (done) break;
+					res.write(value);
+					if (isSSE) {
+						const lines = (residual + decoder.decode(value, { stream: true })).split("\n");
+						residual = lines.pop() ?? "";
+						for (const line of lines) if (line.startsWith("data: ") && line !== "data: [DONE]") lastDataLine = line.slice(6);
+					}
+				}
+			} finally {
+				reader.releaseLock();
+			}
+			res.end();
+			const durationMs = Date.now() - startMs;
+			if (isSSE && lastDataLine) try {
+				const parsed = JSON.parse(lastDataLine);
+				const usage = parsed.usage;
+				const model = parsed.model ?? "";
+				appendHistory(historyPath, {
+					t: Date.now(),
+					ok: true,
+					kind: "x402_inference",
+					net: SOL_MAINNET,
+					from: walletAddress,
+					to: payment?.payTo,
+					tx: txSig,
+					amount,
+					token: "USDC",
+					provider: allModels.find((m) => m.id === model || `${m.provider}/${m.id}` === model)?.provider,
+					model,
+					inputTokens: usage?.prompt_tokens ?? 0,
+					outputTokens: usage?.completion_tokens ?? 0,
+					reasoningTokens: usage?.completion_tokens_details?.reasoning_tokens,
+					cacheRead: usage?.prompt_tokens_details?.cached_tokens,
+					cacheWrite: usage?.prompt_tokens_details?.cache_creation_input_tokens,
+					thinking: thinkingMode,
+					ms: durationMs
+				});
+			} catch {
+				appendHistory(historyPath, {
+					t: Date.now(),
+					ok: true,
+					kind: "x402_inference",
+					net: SOL_MAINNET,
+					from: walletAddress,
+					to: payment?.payTo,
+					tx: txSig,
+					amount,
+					token: "USDC",
+					ms: durationMs
+				});
+			}
+			else appendHistory(historyPath, {
+				t: Date.now(),
+				ok: true,
+				kind: "x402_inference",
+				net: SOL_MAINNET,
+				from: walletAddress,
+				to: payment?.payTo,
+				tx: txSig,
+				amount,
+				token: "USDC",
+				ms: durationMs
+			});
+			return;
+		} catch (err) {
+			const msg = String(err);
+			logger.error(`x402: fetch threw: ${msg}`);
+			proxy.shiftPayment();
+			appendHistory(historyPath, {
+				t: Date.now(),
+				ok: false,
+				kind: "x402_inference",
+				net: SOL_MAINNET,
+				from: walletAddress,
+				ms: Date.now() - startMs,
+				error: msg.substring(0, 200)
+			});
+			let userMessage;
+			if (msg.includes("Simulation failed") || msg.includes("simulation")) userMessage = `Insufficient USDC or SOL in wallet ${walletAddress}. Fund it with USDC and SOL to pay for inference.`;
+			else if (msg.includes("Failed to create payment")) userMessage = `x402 payment creation failed: ${msg}. Wallet: ${walletAddress}`;
+			else userMessage = `x402 request failed: ${msg}`;
+			if (!res.headersSent) {
+				res.writeHead(402, { "Content-Type": "application/json" });
+				res.end(JSON.stringify({ error: {
+					message: userMessage,
+					type: "x402_payment_error",
+					code: "payment_failed"
+				} }));
+			}
+		}
+	};
+}
+
+//#endregion
+//#region src/openclaw/plugin.ts
+function parseProviders(config) {
+	const raw = config.providers ?? {};
+	const models = [];
+	const upstreamOrigins = [];
+	for (const [name, prov] of Object.entries(raw)) {
+		if (prov.upstreamUrl) upstreamOrigins.push(prov.upstreamUrl);
+		for (const m of prov.models) models.push({
+			...m,
+			provider: name
+		});
+	}
+	return {
+		models,
+		upstreamOrigins
+	};
+}
+function register(api) {
+	const config = api.pluginConfig ?? {};
+	const explicitKeypairPath = config.keypairPath;
+	const rpcUrl = config.rpcUrl || "https://api.mainnet-beta.solana.com";
+	const dashboardUrl = config.dashboardUrl || "";
+	const { models: allModels, upstreamOrigins } = parseProviders(config);
+	if (allModels.length === 0) {
+		api.logger.error("x402-proxy: no providers configured");
+		return;
+	}
+	const raw = config.providers ?? {};
+	for (const [name, prov] of Object.entries(raw)) api.registerProvider({
+		id: name,
+		label: `${name} (x402)`,
+		auth: [],
+		models: {
+			baseUrl: prov.baseUrl,
+			api: "openai-completions",
+			authHeader: false,
+			models: prov.models
+		}
+	});
+	api.logger.info(`x402-proxy: ${Object.keys(raw).join(", ")} - ${allModels.length} models, ${upstreamOrigins.length} x402 endpoints`);
+	let walletAddress = null;
+	let signerRef = null;
+	let proxyRef = null;
+	let walletLoading = false;
+	const historyPath = getHistoryPath();
+	async function ensureWalletLoaded() {
+		if (walletLoading || walletAddress) return;
+		walletLoading = true;
+		let signer;
+		try {
+			if (explicitKeypairPath) {
+				signer = await loadSvmWallet(explicitKeypairPath.startsWith("~/") ? join(homedir(), explicitKeypairPath.slice(2)) : explicitKeypairPath);
+				walletAddress = signer.address;
+			} else {
+				const resolution = resolveWallet();
+				if (resolution.source === "none" || !resolution.solanaKey || !resolution.solanaAddress) {
+					walletLoading = false;
+					api.logger.error("x402-proxy: no wallet found. Run `x402-proxy setup` to create one, or set X402_PROXY_WALLET_MNEMONIC env var.");
+					return;
+				}
+				signer = await createKeyPairSignerFromBytes(resolution.solanaKey);
+				walletAddress = resolution.solanaAddress;
+			}
+			signerRef = signer;
+			api.logger.info(`x402: wallet ${walletAddress}`);
+		} catch (err) {
+			walletLoading = false;
+			api.logger.error(`x402: failed to load wallet: ${err}`);
+			return;
+		}
+		const client = new x402Client();
+		client.register(SOL_MAINNET, new ExactSvmScheme(signer, { rpcUrl }));
+		proxyRef = createX402ProxyHandler({ client });
+		const upstreamOrigin = upstreamOrigins[0];
+		if (upstreamOrigin) {
+			const handler = createX402RouteHandler({
+				upstreamOrigin,
+				proxy: proxyRef,
+				getWalletAddress: () => walletAddress,
+				historyPath,
+				allModels,
+				logger: api.logger
+			});
+			api.registerHttpRoute({
+				path: "/x402",
+				match: "prefix",
+				auth: "plugin",
+				handler
+			});
+			api.logger.info(`x402: HTTP route registered for ${upstreamOrigin}`);
+		}
+	}
+	ensureWalletLoaded();
+	api.registerService({
+		id: "x402-wallet",
+		async start() {
+			await ensureWalletLoaded();
+		},
+		async stop() {}
+	});
+	const toolCtx = {
+		getWalletAddress: () => walletAddress,
+		getSigner: () => signerRef,
+		rpcUrl,
+		historyPath,
+		get proxy() {
+			if (!proxyRef) throw new Error("x402 proxy not initialized yet");
+			return proxyRef;
+		},
+		allModels
+	};
+	api.registerTool(createBalanceTool(toolCtx));
+	api.registerTool(createPaymentTool(toolCtx));
+	const cmdCtx = {
+		getWalletAddress: () => walletAddress,
+		getSigner: () => signerRef,
+		rpcUrl,
+		dashboardUrl,
+		historyPath,
+		allModels
+	};
+	api.registerCommand(createWalletCommand(cmdCtx));
+}
+
+//#endregion
+export { register };