x402scan-mcp 0.0.2 → 0.0.3

package/dist/index.js

@@ -1014,6 +1014,170 @@ function registerExecuteCallTool(server) {
   );
 }
 
+// src/tools/siwe.ts
+import { z as z4 } from "zod";
+import { SiweMessage, generateNonce } from "siwe";
+var CHAIN_IDS = {
+  mainnet: 1,
+  base: 8453,
+  "base-sepolia": 84532,
+  optimism: 10,
+  arbitrum: 42161,
+  polygon: 137,
+  sepolia: 11155111
+};
+function registerCreateSiweProofTool(server) {
+  server.tool(
+    "create_siwe_proof",
+    "Create a SIWE (Sign-In with Ethereum) proof for wallet authentication. Returns a proof string to use in X-SIWE-PROOF header.",
+    {
+      domain: z4.string().describe(
+        'Domain requesting auth (e.g., "localhost:3000" or "stablestudio.io")'
+      ),
+      uri: z4.string().url().describe('Full URI of the API (e.g., "http://localhost:3000")'),
+      statement: z4.string().optional().default("Authenticate to API").describe("Human-readable statement"),
+      chainId: z4.number().optional().describe(
+        "Chain ID (default: 8453 for Base). Common IDs: 1=mainnet, 8453=base, 84532=base-sepolia, 10=optimism"
+      ),
+      chain: z4.enum(["mainnet", "base", "base-sepolia", "optimism", "arbitrum", "polygon", "sepolia"]).optional().describe("Chain name (alternative to chainId). Default: base"),
+      expirationMinutes: z4.number().optional().default(60).describe("Proof validity in minutes")
+    },
+    async ({ domain, uri, statement, chainId, chain, expirationMinutes }) => {
+      try {
+        const { account, address } = await getOrCreateWallet();
+        const resolvedChainId = chainId ?? (chain ? CHAIN_IDS[chain] : CHAIN_IDS.base);
+        const siweMessage = new SiweMessage({
+          domain,
+          address,
+          statement,
+          uri,
+          version: "1",
+          chainId: resolvedChainId,
+          nonce: generateNonce(),
+          issuedAt: (/* @__PURE__ */ new Date()).toISOString(),
+          expirationTime: new Date(
+            Date.now() + expirationMinutes * 60 * 1e3
+          ).toISOString()
+        });
+        const message = siweMessage.prepareMessage();
+        const signature = await account.signMessage({ message });
+        const proof = JSON.stringify({
+          message: JSON.stringify(siweMessage),
+          signature
+        });
+        return mcpSuccess({
+          proof,
+          address,
+          chainId: resolvedChainId,
+          expiresAt: siweMessage.expirationTime,
+          usage: "Add to request headers as: X-SIWE-PROOF: <proof>"
+        });
+      } catch (err) {
+        return mcpError(err, { tool: "create_siwe_proof" });
+      }
+    }
+  );
+}
+
+// src/tools/fetch_with_siwe.ts
+import { z as z5 } from "zod";
+import { SiweMessage as SiweMessage2, generateNonce as generateNonce2 } from "siwe";
+var CHAIN_IDS2 = {
+  mainnet: 1,
+  base: 8453,
+  "base-sepolia": 84532,
+  optimism: 10,
+  arbitrum: 42161,
+  polygon: 137,
+  sepolia: 11155111
+};
+async function createSiweProof(account, domain, uri, chainId) {
+  const siweMessage = new SiweMessage2({
+    domain,
+    address: account.address,
+    statement: "Authenticate to API",
+    uri,
+    version: "1",
+    chainId,
+    nonce: generateNonce2(),
+    issuedAt: (/* @__PURE__ */ new Date()).toISOString(),
+    expirationTime: new Date(Date.now() + 36e5).toISOString()
+  });
+  const message = siweMessage.prepareMessage();
+  const signature = await account.signMessage({ message });
+  return JSON.stringify({
+    message: JSON.stringify(siweMessage),
+    signature
+  });
+}
+function registerFetchWithSiweTool(server) {
+  server.tool(
+    "fetch_with_siwe",
+    "Make an HTTP request with automatic SIWE wallet authentication. Useful for APIs that require wallet ownership proof.",
+    {
+      url: z5.string().url().describe("The URL to fetch"),
+      method: z5.enum(["GET", "POST", "PUT", "DELETE", "PATCH"]).optional().default("GET"),
+      body: z5.unknown().optional().describe("Request body for POST/PUT/PATCH"),
+      headers: z5.record(z5.string()).optional().describe("Additional headers"),
+      siweHeader: z5.string().optional().default("X-SIWE-PROOF").describe("Header name for SIWE proof"),
+      chainId: z5.number().optional().describe(
+        "Chain ID for SIWE proof (default: 8453 for Base). Common IDs: 1=mainnet, 8453=base, 84532=base-sepolia"
+      ),
+      chain: z5.enum(["mainnet", "base", "base-sepolia", "optimism", "arbitrum", "polygon", "sepolia"]).optional().describe("Chain name (alternative to chainId). Default: base")
+    },
+    async ({ url, method, body, headers, siweHeader, chainId, chain }) => {
+      try {
+        const { account } = await getOrCreateWallet();
+        const parsedUrl = new URL(url);
+        const resolvedChainId = chainId ?? (chain ? CHAIN_IDS2[chain] : CHAIN_IDS2.base);
+        const proof = await createSiweProof(
+          account,
+          parsedUrl.host,
+          parsedUrl.origin,
+          resolvedChainId
+        );
+        const response = await fetch(url, {
+          method,
+          headers: {
+            "Content-Type": "application/json",
+            [siweHeader]: proof,
+            ...headers
+          },
+          body: body ? JSON.stringify(body) : void 0
+        });
+        const responseHeaders = Object.fromEntries(response.headers.entries());
+        if (!response.ok) {
+          let errorBody;
+          try {
+            errorBody = await response.json();
+          } catch {
+            errorBody = await response.text();
+          }
+          return mcpError(`HTTP ${response.status}`, {
+            statusCode: response.status,
+            headers: responseHeaders,
+            body: errorBody
+          });
+        }
+        let data;
+        const contentType = response.headers.get("content-type");
+        if (contentType?.includes("application/json")) {
+          data = await response.json();
+        } else {
+          data = await response.text();
+        }
+        return mcpSuccess({
+          statusCode: response.status,
+          headers: responseHeaders,
+          data
+        });
+      } catch (err) {
+        return mcpError(err, { tool: "fetch_with_siwe", url });
+      }
+    }
+  );
+}
+
 // src/index.ts
 async function main() {
   log.clear();
@@ -1026,7 +1190,9 @@ async function main() {
   registerQueryEndpointTool(server);
   registerValidatePaymentTool(server);
   registerExecuteCallTool(server);
-  log.info("Registered 4 tools: check_balance, query_endpoint, validate_payment, execute_call");
+  registerCreateSiweProofTool(server);
+  registerFetchWithSiweTool(server);
+  log.info("Registered 6 tools: check_balance, query_endpoint, validate_payment, execute_call, create_siwe_proof, fetch_with_siwe");
   const transport = new StdioServerTransport();
   await server.connect(transport);
   log.info(`Connected to transport, ready for requests. Log file: ${log.path}`);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "x402scan-mcp",
-  "version": "0.0.2",
+  "version": "0.0.3",
   "description": "Generic MCP server for calling x402-protected APIs with automatic payment handling",
   "type": "module",
   "main": "dist/index.js",
@@ -10,19 +10,11 @@
   "files": [
     "dist"
   ],
-  "scripts": {
-    "build": "tsup",
-    "build:mcpb": "tsx scripts/build-mcpb.ts",
-    "dev": "tsx src/index.ts",
-    "dev:bun": "bun run src/index.ts",
-    "typecheck": "tsc --noEmit",
-    "publish-package": "tsx scripts/publish.ts",
-    "prepublishOnly": "npm run build"
-  },
   "dependencies": {
     "@modelcontextprotocol/sdk": "^1.6.1",
     "@x402/core": "^2.0.0",
     "@x402/evm": "^2.0.0",
+    "siwe": "^2.3.2",
     "viem": "^2.31.3",
     "zod": "^3.25.1"
   },
@@ -50,5 +42,13 @@
   "repository": {
     "type": "git",
     "url": "https://github.com/merit-systems/x402scan-mcp"
+  },
+  "scripts": {
+    "build": "tsup",
+    "build:mcpb": "tsx scripts/build-mcpb.ts",
+    "dev": "tsx src/index.ts",
+    "dev:bun": "bun run src/index.ts",
+    "typecheck": "tsc --noEmit",
+    "publish-package": "tsx scripts/publish.ts"
   }
-}
+}