tate@programs ~/tools/x402-surface-check manifest / challenge / launch surface

x402 surface check / may 2026

Inspect the public payment surface before a real agent spends.

Paste a manifest, OpenAPI spec, direct endpoint, 402 challenge, MPP payment header, or x402 V2 requirements header. The check looks for HTTP resource leaks, missing price fields, inconsistent networks, placeholder payees, staging rails, browser payment-header blockers, and payment metadata risks. It never sends payment headers and never attempts a paid call.

mode: no payment
input: manifest / endpoint
output: patch order

cli

Run the same no-payment pass from the CLI.

The package is dependency-free and reads manifests, OpenAPI specs, Streamable HTTP MCP tool catalogs, route catalogs, item catalogs, agent catalogs with agents[].tools[].resourceUrl, endpoint-bearing tool maps, string-valued endpoint maps, nested discovery links, framework-wrapped challenge bodies such as {"detail": {...}}, or direct paid endpoints. It never sends payment headers, never signs, and never attempts a paid call.

Current reports include grouped findings, cache-policy maps, browser-readable challenge/session headers, x402/MPP retry-header preflight, MPP descriptor-only 402 detection, accept-leg resource binding, timeout/expiry metadata, and payment-metadata privacy findings for prompt/user context and token-like values. Two optional flags add findings: --strict-cache flags missing cache-policy headers, and --strict-proof flags missing idempotency and signed offer/receipt evidence. Reports also carry contextual guide links for CORS, cache, Worker gates, resource echo, metadata boundaries, replay windows, and validation/auth ordering.
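The core of a no-payment pass is reading the 402 challenge itself and refusing to trust it until every field a wallet needs is present and coherent. The block below is an added example written for this page, not x402-surface-check's own code: it unwraps a framework-wrapped body such as {"detail": {...}}, then checks each accept leg for missing price fields, HTTPS resource binding against the declared route, placeholder payees, staging rails, a network the manifest never declared, and an oversized replay window. The leg field names (maxAmountRequired, asset, network, payTo, resource, maxTimeoutSeconds) follow the x402 v1 body shape, and the placeholder-payee and staging-rail regexes are heuristics of this example; the sample body is constructed, not captured from any provider.

```javascript
'use strict';
// Added example (not x402-surface-check's own code): a no-payment inspection of an
// x402-style 402 challenge body. Leg field names follow the x402 v1 body shape
// (accepts[] legs with maxAmountRequired, asset, network, payTo, resource,
// maxTimeoutSeconds); that shape and the placeholder/staging heuristics are assumptions.

const REQUIRED_LEG_FIELDS = ['maxAmountRequired', 'asset', 'network', 'payTo', 'resource', 'maxTimeoutSeconds'];
// Assumed heuristics: an all-zero EVM address or a "todo"-style payee is a placeholder;
// test rails should not appear on a production payment surface.
const PLACEHOLDER_PAYEE = /^0x0{40}$|example|placeholder|todo|changeme/i;
const STAGING_RAIL = /sepolia|testnet|devnet|staging|localhost/i;

// Framework wrappers such as FastAPI's {"detail": {...}} nest the real challenge one
// level down; peel a few layers at most.
function unwrapChallenge(body) {
  let c = body;
  for (let depth = 0; depth < 3; depth++) {
    if (!c || typeof c !== 'object' || Array.isArray(c.accepts)) break;
    if (c.detail && typeof c.detail === 'object') c = c.detail;
    else if (c.error && typeof c.error === 'object') c = c.error;
    else break;
  }
  return c;
}

// Canonical form for comparing resource URLs: lower-case origin, no trailing slash.
function canonicalResource(u) {
  try {
    const url = new URL(u);
    return url.origin.toLowerCase() + url.pathname.replace(/\/+$/, '') + url.search;
  } catch {
    return null;
  }
}

// declared = { resource, networks }: what the manifest or OpenAPI advertised (optional).
function inspectChallenge(body, declared = {}) {
  const findings = [];
  const add = (severity, code, detail) => findings.push({ severity, code, detail });
  const c = unwrapChallenge(body);
  if (!c || !Array.isArray(c.accepts) || c.accepts.length === 0) {
    add('P1', 'no-accepts', 'challenge body carries no accepts[] legs');
    return findings;
  }
  const expected = declared.resource ? canonicalResource(declared.resource) : null;
  const declaredNets = declared.networks ? new Set(declared.networks) : null;
  c.accepts.forEach((leg, i) => {
    const at = `accepts[${i}]`;
    for (const f of REQUIRED_LEG_FIELDS) {
      if (leg[f] === undefined || leg[f] === null || leg[f] === '') add('P1', 'missing-field', `${at}.${f} absent`);
    }
    // v1 amounts are integer strings in base units; "0.01" is a legacy decimal amount.
    if (typeof leg.maxAmountRequired === 'string' && !/^\d+$/.test(leg.maxAmountRequired)) {
      add('P2', 'legacy-decimal-amount', `${at}.maxAmountRequired=${leg.maxAmountRequired}`);
    }
    if (typeof leg.resource === 'string') {
      const canon = canonicalResource(leg.resource);
      if (!canon || !leg.resource.startsWith('https://')) add('P1', 'insecure-resource', `${at}.resource=${leg.resource}`);
      else if (expected && canon !== expected) add('P1', 'resource-mismatch', `${at}.resource=${leg.resource} != ${declared.resource}`);
    }
    if (typeof leg.payTo === 'string' && PLACEHOLDER_PAYEE.test(leg.payTo)) add('P1', 'placeholder-payee', `${at}.payTo=${leg.payTo}`);
    if (typeof leg.network === 'string') {
      if (STAGING_RAIL.test(leg.network)) add('P2', 'staging-rail', `${at}.network=${leg.network}`);
      if (declaredNets && !declaredNets.has(leg.network)) add('P2', 'network-mismatch', `${at}.network=${leg.network} not declared`);
    }
    // A non-positive or very long timeout widens the window in which a signed payment can be replayed.
    if (typeof leg.maxTimeoutSeconds === 'number' && (leg.maxTimeoutSeconds <= 0 || leg.maxTimeoutSeconds > 3600)) {
      add('P2', 'replay-window', `${at}.maxTimeoutSeconds=${leg.maxTimeoutSeconds}`);
    }
  });
  return findings;
}

// Constructed sample (not a captured provider response): a FastAPI-wrapped challenge
// with one clean leg and one leg that shows several of the edges listed above.
const ASSET = '0x' + 'ab'.repeat(20);
const SAMPLE_BODY = { detail: { x402Version: 1, accepts: [
  { scheme: 'exact', network: 'base', maxAmountRequired: '10000', asset: ASSET, payTo: '0x' + '12'.repeat(20),
    resource: 'https://api.example.com/v1/report', maxTimeoutSeconds: 60 },
  { scheme: 'exact', network: 'base-sepolia', maxAmountRequired: '0.01', asset: ASSET, payTo: '0x' + '0'.repeat(40),
    resource: 'http://api.example.com/v1/report' },
] } };

function demo() {
  return inspectChallenge(SAMPLE_BODY, { resource: 'https://api.example.com/v1/report/', networks: ['base'] });
}

if (typeof require !== 'undefined' && require.main === module) {
  for (const f of demo()) console.log(`${f.severity} ${f.code}: ${f.detail}`);
}
```

Run it with node and the clean first leg produces nothing, while the second leg yields six findings in one pass: a missing timeout, a decimal amount, a plain-HTTP resource, a zero-address payee, a Sepolia rail, and a network the manifest never declared. Nothing here signs or sends a payment header; the whole inspection works from the body a provider already hands out for free.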

npm
npx --yes x402-surface-check https://api.example.com/.well-known/x402
npx --yes x402-surface-check https://api.example.com/openapi.json report.md
npx --yes x402-surface-check --endpoint --method POST https://x402.rpc.ankr.com/eth
npx --yes x402-surface-check --strict-cache https://api.example.com/openapi.json
npx --yes x402-surface-check --strict-proof https://api.example.com/openapi.json
github action
- uses: TateLyman/x402-surface-check-action@v1
  with:
    target: https://api.example.com/.well-known/x402
    origin: https://app.example.com
    strict-cache: true
    output: x402-surface-report.md

external proof

Recent checks are turning into shipped fixes.

The strongest proof is public builder response: issues reproduced, patches landed, and follow-up checks closing the loop without paid calls or wallet signatures.

latent bug

anchor-x402 middleware order

The provider confirmed the CORS middleware-order finding was real, patched it, and called the scanner's catch the one that mattered.

builder acknowledgement

cors shipped

x402watch 402 responses

The provider added browser-readable CORS headers directly on 402 responses after the review isolated the actual-challenge path; the follow-up pass now checks clean.

clean re-check

ready

KR Crypto Intelligence

After re-verification, the provider marked both audit items resolved and ready for maintainers to merge.

resolved note

clarity

Mycelium Oasis

The review led to canonical resource metadata, payment-rail clarity, browser-readable 402s, and a final public preflight fix.

final re-check

clean

AlgoVoi Agent Trust Bench

Three no-payment passes converged on zero findings after the builder patched discovery, browser preflight, cache controls, and resource echoes across sampled rails.

builder validation

landed

Cryptorefills live checkout

A live x402 demo fix was verified against the merchant API, re-authored by the maintainer, and landed on master with credit after the no-payment diagnosis found the sample order blocker.

landed credit

fixed

Sentinel reputation API

The builder patched browser payment headers and HTTPS resource binding, then a fresh external pass confirmed the P1 findings were fixed on the public edge.

fixed re-check

fresh

Phoenix Zero sequencer health

A same-day registry PR received a launch-readiness pass that confirmed the Base x402 gate and isolated missing OpenAPI, resource URL, and browser-agent CORS gaps before merge.

first pass

same-day

LogicNodes Bazaar catalog

A live Coinbase x402 ecosystem PR exposed 256 Bazaar-style resources. The current build detects FastAPI-style nested 402 challenge bodies and isolates browser CORS, preflight, cache-policy, metadata-privacy, and discovery-surface notes without paid calls.

LogicNodes proof note

spend caps

Dynamic Agent Payments

The auto-fund PR turns a 402 challenge into a Checkout swap and signed payment. The public code pass isolated the missing hard caps, permissive unknown-network fallback, and first-accept selection risk before that path becomes the default agent behavior.

spend-control review

sdk ci

Nevermined Visa x402

The Python Visa/card-delegation mirror failed e2e because the stricter payment-method provider type rejected backend erc4337 rows. The note narrowed the patch to summary typing and the remaining uint256 serialization failure.

Visa x402 review
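The Dynamic Agent Payments note above names three client-side risks: no hard spend cap, a permissive fallback when the network is unknown, and taking accepts[0] without looking at the rest. The block below is an added example, not that PR's code, of the gate an agent should run between receiving a 402 and signing anything: it declines any rail the policy does not name instead of falling through, enforces a per-call and a per-session cap in base units, pins the payee when an allowlist is given, and picks the cheapest eligible leg rather than the first. Leg field names follow the x402 v1 shape by assumption, and the legs and policy are constructed.

```javascript
'use strict';
// Added example (not the Dynamic Agent Payments PR's code): the spend-control gate an
// agent should run before signing an accept leg. Unknown rails are declined (no
// fallback), caps are hard and in base units, and the cheapest eligible leg wins.
// Leg field names (network, asset, maxAmountRequired, payTo) follow the x402 v1 shape by assumption.

// policy: {
//   capByRail: { 'network:asset': BigInt per-call cap },  // rail absent => decline
//   sessionRemaining: BigInt,                             // budget left for this session
//   payToAllowlist: Set<string> | null,                   // optional payee pin
// }
function selectAcceptLeg(accepts, policy) {
  const declined = [];
  const eligible = [];
  (accepts || []).forEach((leg, index) => {
    const decline = (reason) => declined.push({ index, reason });
    const rail = `${leg.network}:${leg.asset}`;
    const cap = policy.capByRail[rail];
    if (cap === undefined) return decline(`rail ${rail} not in policy`);
    if (!/^\d+$/.test(String(leg.maxAmountRequired))) return decline('amount is not an integer base-unit string');
    const amount = BigInt(leg.maxAmountRequired);
    if (amount > cap) return decline(`amount ${amount} exceeds per-call cap ${cap}`);
    if (policy.sessionRemaining !== undefined && amount > policy.sessionRemaining) {
      return decline(`amount ${amount} exceeds session budget ${policy.sessionRemaining}`);
    }
    if (policy.payToAllowlist && !policy.payToAllowlist.has(leg.payTo)) return decline('payTo not allow-listed');
    eligible.push({ index, amount, leg });
  });
  // Cheapest first; ties keep server order so the choice stays deterministic.
  eligible.sort((a, b) => (a.amount < b.amount ? -1 : a.amount > b.amount ? 1 : a.index - b.index));
  return { chosen: eligible[0] || null, declined };
}

// Constructed challenge legs and policy (not a captured response).
const USDC_BASE = '0x' + 'ab'.repeat(20);
const PAYEE = '0x' + '12'.repeat(20);
const ACCEPTS = [
  { scheme: 'exact', network: 'base', asset: USDC_BASE, maxAmountRequired: '50000', payTo: PAYEE },
  { scheme: 'exact', network: 'solana', asset: 'SOL_USDC_MINT', maxAmountRequired: '100', payTo: 'SOL_PAYEE' },
  { scheme: 'exact', network: 'base', asset: USDC_BASE, maxAmountRequired: '1000', payTo: PAYEE },
];
const POLICY = {
  capByRail: { [`base:${USDC_BASE}`]: 20000n },
  sessionRemaining: 5000n,
  payToAllowlist: new Set([PAYEE]),
};

function demo() {
  return selectAcceptLeg(ACCEPTS, POLICY);
}

if (typeof require !== 'undefined' && require.main === module) {
  const r = demo();
  console.log(r.chosen ? `sign accepts[${r.chosen.index}] for ${r.chosen.amount} base units` : 'refuse: no eligible leg');
  for (const d of r.declined) console.log(`declined accepts[${d.index}]: ${d.reason}`);
}
```

With the constructed legs, the first is over the per-call cap, the second sits on a rail the policy never named, and the third is the one signed; a first-accept client would have paid fifty times more. Drop the session budget below the cheapest leg and the result is a refusal with reasons, which is the behaviour you want when the path becomes the default.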

field notes

Recent public checks have caught real launch edges.

The useful signal is narrow: no-payment probes, reproducible commands, and fixes that make public payment surfaces easier for wallets and agents to trust.

fixed

TensorFeed premium routes

Eleven parameter-required routes were moved behind canonical x402 V2 challenges after no-payment probes found validation-first gaps.

final verification

signal

Builder proof

TensorFeed called the checker "load-bearing" for catching audit gaps after repeated fixes made the public surface read clean.

public reply

cors

MadeOnSol browser path

A public Solana x402 surface returned clean 402 pricing, but preflight did not allow `X-PAYMENT` before the payment challenge.

surface note

fixed

x402jp weather routes

Weather endpoints that returned 500 now return structured Base x402 challenges across the sampled manifest.

fix verification

mpp

MetEngine data agent

OpenAPI probes found coherent Solana x402 and payment-header alternatives, plus a browser preflight blocker to fix or document.

surface note

multi-rail

KR Crypto Intelligence

After the first pass, sampled paid routes now return clean x402 challenges with browser preflight and resource URLs aligned.

fix verification

pricing

Vegacore document services

No-payment probes found live document-analysis challenges and a public price mismatch between PAY.md and the `doc-compliance` API.

surface note

clean

UZPROOF verify

The paid verify endpoint now exposes canonical Solana x402 pricing, browser payment headers, and an MPP `Payment` challenge path from no-payment probes.

fix verification

price drift

HYRE Agent

The 10x OpenAPI/live price drift was fixed; sampled Solana routes now match live 402 challenge prices.

fix verification

clean

anchor-x402

After a middleware-order fix, sampled routes now return browser-readable preflight and actual 402 payment challenges with route-level resource echo.

fix verification

clean

Agent Trust Bench

The adversarial payment bench now returns browser-readable preflight, no-store 402s, body-level x402 fields, and matching canonical plus extra resource echoes across sampled profiles.

clean final pass

discovery

EconDash macro data

OpenAPI discovery, preflight, no-store policy, and resource echo are fixed; actual 402 responses still need browser-readable CORS.

follow-up note

transfer

paysh-send private transfer

The Solana transfer gate returns a live x402 challenge, but browser preflight, no-store policy, and canonical resource binding need tightening before wallet-facing use.

surface note

private inference

Solrouter inference

The private LLM inference route returns live Solana x402 challenges, while HTTPS resource binding and price copy need one alignment pass.

surface note

checkout

Cryptorefills shopping

The Solana checkout manifest links to OpenAPI, and example-driven probes found the order path touching upstream stock before a 402 challenge.

surface note

receipt

Settle sandbox

Three devnet proxy endpoints return structured x402 challenges with capability hashes before execution; preflight/header discovery is the remaining polish.

surface note

analytics

Nansen API

Follow-up probes confirmed the sampled paid analytics routes still return coherent x402 challenges, while the auth-only account route is no longer advertised as paid.

fix verification

market data

Blocksize market data

Final no-payment re-check shows sampled market-data routes now pass resource binding, browser-readable 402s, exposed payment headers, and no-store cache posture.

final clean re-check

ecosystem

x402watch analytics

OpenAPI metadata, resource echo, POST preflight, and actual 402 browser-readable CORS now check clean on the sampled paid routes.

clean re-check

headers

SolSentry x402 stats

A live endpoint returned stats with no payment challenge while headers advertised enforced x402, and browser preflight omitted the documented payment header. The check is now covered in 0.2.24.

surface note

mpp

ClawdMarket MCP gate

A paid MCP route failed closed with 402 and discovery headers, but did not return a usable MPP retry challenge in the response. The check is now covered in 0.2.36.

surface note

compliance

AlgoVoi compliance gate

The unsupported-network fixture and browser preflight were fixed; no-payment checks now hit the intended verdict and payment-header path.

fix verification

market data

Tetrac market data

Ten sampled read routes return coherent Solana x402 challenges; the browser contract needs `x-x402-payment` added to allowed headers.

surface note

resources

three.ws resources

The live `resources[]` catalog returns ten paid x402 challenges; PAY.md, OpenAPI, live discovery, and third-party browser origin handling need alignment.

surface note

mpp

Top Ledger wallet data

Documented wallet routes return MPP challenges at `$0.0004`; public discovery and browser payment-header preflight need a launch pass.

surface note

checkout

Purch marketplace

Search, shop, and vault search return x402 challenges at fixed prices; HTTPS resource binding and dynamic-buy ordering need polish.

surface note

gateway

Orion memecoin safety

Gateway routes return MPP challenges before data; OpenAPI rail metadata, discovery, route scope, and browser-readable 402 CORS need alignment.

surface note

devtools

Boundary Guard x402

Resource binding, sidecar scope, and health-probe boundaries were fixed; sampled paid REST routes now read clean.

fix verification

macro data

Stratum macro data

Fresh May 16 probes found live macro x402 routes with Solana accept legs; listing scope and multi-rail clarity need cleanup.

surface note

audit trail

Mycelium Oasis

The resource URL, actual 402 CORS headers, and browser OPTIONS preflight now check clean; the listing also separates testnet payment from mainnet audit anchoring.

final re-check

payai

PayAI provider set

Xona sampled paid routes return coherent Solana challenges; a 0.2.17 recheck narrowed BlockRun concerns to price, image examples, and browser/server clarity.

follow-up note

gig escrow

MoltyCash gigs

The `gig.create` gate is live, browser-readable, and exposes Solana mainnet USDC; the public note isolated dynamic-fee clarity and resource-echo polish.

surface note

manifest

Fresh manifest shapes

Live providers are already shipping these shapes, so all of them are parsed.

Catalog shapes: endpoint arrays, Streamable HTTP MCP tools/list catalogs, routes[] catalogs, resources[] catalogs, agent catalogs with agents[].tools[].resourceUrl, endpoint-bearing tools maps, string-valued endpoint maps, raw resource URL strings, item catalogs, string and nested discovery links, OpenAPI server base paths, paid-operation prioritization, nested request schemas, and explicit direct-endpoint bodies.

Challenge shapes: framework-wrapped challenge bodies, schemes[] challenges, x402 V2 requirements headers, MPP descriptor-only 402s, and legacy decimal x402 v1 challenges.

Checks run over those shapes: declared-price drift, cache-control posture, accept-leg resource binding, timeout/expiry metadata, payment-metadata privacy leaks, optional strict-cache findings, optional strict-proof idempotency and signed offer/receipt findings, credential-like registry URL params with redacted report output, and browser-readable 402 CORS gaps.

MCP tool-name arrays are kept as tool metadata unless a tool entry includes an actual endpoint path or URL.

current npm build
URL mode
Manual proof

what it checks

The public surface should tell wallets exactly what is being bought.

402

Challenge shape

Amount, asset, network, payTo, resource URL, and timeout should be present before any client signs or pays.

https

Canonical resources

Resource URLs should use HTTPS and match the endpoint a wallet or facilitator is actually paying for.

cors

Browser payment path

If the public flow expects browser clients, the API must allow the payment header path it documents.

cache

Shared-cache boundary

Paid routes should avoid public cache policy, and protected responses should use no-store/private or bypass shared proxy caches. The CLI defaults to warning on explicitly cacheable gates; --strict-cache also flags missing policy headers when a team wants a research-grade hardening pass.
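The browser path and the cache boundary are both header questions, and several of the proof notes above (anchor-x402, x402watch, EconDash) come down to the same split: the OPTIONS preflight looked fine while the actual 402 did not. The block below is an added example, not x402-surface-check's own code, that inspects two captured responses for one paid route, the preflight and the unpaid 402, and reports a preflight that does not allow the documented payment header, a 402 that a browser cannot read because CORS was applied only after the gate, a response header that is never exposed, and a challenge that a shared cache may store. The caller supplies the payment and response header names because x402 v1, x402 V2 and MPP document different ones; the captures are constructed and the --strict-cache behaviour is modelled by an option.

```javascript
'use strict';
// Added example (not x402-surface-check's own code): browser and shared-cache posture
// checks over the OPTIONS preflight and the actual unpaid 402 for one paid route.
// The caller names the payment header; x402 v1 uses X-PAYMENT, x402 V2 and MPP differ.

// Split a comma-separated header into a lower-case token set.
function headerSet(value) {
  return new Set(String(value || '').split(',').map((s) => s.trim().toLowerCase()).filter(Boolean));
}

function lowerKeys(headers) {
  const out = {};
  for (const [k, v] of Object.entries(headers || {})) out[k.toLowerCase()] = v;
  return out;
}

// preflight, challenge: { status, headers }.
// opts: { origin, paymentHeader, responseHeader, strictCache }.
function inspectBrowserAndCache(preflight, challenge, opts) {
  const findings = [];
  const add = (severity, code, detail) => findings.push({ severity, code, detail });
  const p = lowerKeys(preflight.headers);
  const c = lowerKeys(challenge.headers);

  // 1. Preflight: the documented payment header must be allowed from the documented
  //    origin, or the paid call never leaves the page.
  const allowOrigin = p['access-control-allow-origin'];
  if (!allowOrigin || (allowOrigin !== '*' && allowOrigin !== opts.origin)) {
    add('P1', 'preflight-origin', `OPTIONS allows origin ${allowOrigin || '(none)'}, not ${opts.origin}`);
  }
  if (!headerSet(p['access-control-allow-headers']).has(opts.paymentHeader.toLowerCase())) {
    add('P1', 'preflight-payment-header', `OPTIONS does not allow ${opts.paymentHeader}`);
  }

  // 2. The actual 402: CORS must be on the challenge itself. A gate that throws 402
  //    before the CORS middleware runs passes preflight and still leaves the browser
  //    unable to read the challenge (the middleware-order bug).
  if (challenge.status !== 402) add('P1', 'no-challenge', `unpaid request returned ${challenge.status}`);
  if (!c['access-control-allow-origin']) add('P1', 'challenge-cors-missing', '402 response carries no Access-Control-Allow-Origin');
  if (opts.responseHeader && !headerSet(c['access-control-expose-headers']).has(opts.responseHeader.toLowerCase())) {
    add('P2', 'expose-response-header', `${opts.responseHeader} not in Access-Control-Expose-Headers`);
  }

  // 3. Shared-cache boundary: a gate a proxy may store can hand one buyer's challenge,
  //    or the paid body behind it, to everyone behind that proxy.
  const cc = headerSet(c['cache-control']);
  const cacheable = cc.has('public') || [...cc].some((d) => d.startsWith('s-maxage='));
  if (cacheable) {
    add('P1', 'cacheable-gate', `Cache-Control: ${c['cache-control']}`);
  } else if (!cc.has('no-store') && !cc.has('private')) {
    if (cc.size > 0) add('P2', 'cache-policy-weak', `Cache-Control: ${c['cache-control']} does not prevent storage`);
    else if (opts.strictCache) add('P3', 'cache-policy-missing', 'no Cache-Control on the 402 response');
  }
  return findings;
}

// Constructed captures (not from any provider): one preflight, and the gate's 402
// before and after the kind of fix the proof notes describe.
const PREFLIGHT = { status: 204, headers: {
  'Access-Control-Allow-Origin': 'https://app.example.com',
  'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',
  'Access-Control-Allow-Headers': 'Content-Type, X-PAYMENT',
} };
const BEFORE = { status: 402, headers: { 'Content-Type': 'application/json', 'Cache-Control': 'public, max-age=60' } };
const AFTER = { status: 402, headers: {
  'Content-Type': 'application/json',
  'Cache-Control': 'no-store',
  'Access-Control-Allow-Origin': 'https://app.example.com',
  'Access-Control-Expose-Headers': 'X-PAYMENT-RESPONSE',
} };
const OPTS = { origin: 'https://app.example.com', paymentHeader: 'X-PAYMENT', responseHeader: 'X-PAYMENT-RESPONSE', strictCache: false };

function demo() {
  return { before: inspectBrowserAndCache(PREFLIGHT, BEFORE, OPTS), after: inspectBrowserAndCache(PREFLIGHT, AFTER, OPTS) };
}

if (typeof require !== 'undefined' && require.main === module) console.log(JSON.stringify(demo(), null, 2));
```

The "before" capture passes preflight cleanly and still yields three findings on the 402 itself, which is exactly why a check that only sends OPTIONS misses the middleware-order bug. The "after" capture is silent, and a 402 with no Cache-Control at all is only reported when the strict option is on, mirroring the default-warn, strict-flag split described above.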

proof

Receipts and idempotency

Mutating paid routes should expose a retry-safe payment identifier path, and production launches should make signed offers or receipts available when buyers need audit or dispute evidence.

scope

Metadata boundary

The CLI now redacts and flags sensitive resource query fields, emails, SSN-like strings, token-like values, prompts, private user content, internal IDs, and broad query context.
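A resource URL is the one field every facilitator, wallet and report will copy around, so anything sensitive inside it leaks far beyond the original request. The block below is an added example, not the CLI's redaction code, that walks a challenge's resource URL, classifies query values and path segments as emails, SSN-like strings, JWT- or token-like values, credential fields, prompt-like context or user identifiers, replaces each hit with REDACTED, and returns one finding per replacement. The patterns and key lists are assumed heuristics biased towards flagging, and the sample URL is constructed.

```javascript
'use strict';
// Added example (not x402-surface-check's own code): redact and flag sensitive metadata
// carried in a challenge's resource URL before it lands in a report. The classifiers are
// assumed heuristics, biased towards flagging rather than missing.

// Value shapes that are sensitive whatever the parameter is called.
const VALUE_PATTERNS = [
  { code: 'email', re: /^[^\s@]+@[^\s@]+\.[^\s@]+$/ },
  { code: 'ssn-like', re: /^\d{3}-\d{2}-\d{4}$/ },
  { code: 'jwt-like', re: /^eyJ[\w-]+\.[\w-]+\.[\w-]+$/ },
  { code: 'token-like', re: /^(sk|pk|rk|ak)[_-]\w{16,}$|^[A-Fa-f0-9]{32,}$|^[\w+/-]{40,}={0,2}$/ },
];
// Parameter names whose values are sensitive by role.
const CREDENTIAL_KEYS = /^(api[_-]?key|key|token|secret|auth|authorization|sig|signature|session|sid|password|pwd)$/i;
const PROMPT_KEYS = /^(prompt|query|q|context|message|messages|text|input)$/i;
const USER_KEYS = /^(email|user[_-]?(name|id)?|uid|account|customer[_-]?id)$/i;

function classify(key, value) {
  for (const p of VALUE_PATTERNS) if (p.re.test(value)) return p.code;
  if (CREDENTIAL_KEYS.test(key)) return 'credential-field';
  if (PROMPT_KEYS.test(key)) return 'prompt-like';
  if (USER_KEYS.test(key)) return 'user-context';
  if (value.length > 80 && /\s/.test(value)) return 'free-text';
  return null;
}

function safeDecode(s) {
  try { return decodeURIComponent(s); } catch { return s; }
}

// Returns { redacted, findings }: the URL with sensitive query values and path segments
// replaced by REDACTED, plus one finding per replacement.
function redactResource(resource) {
  const findings = [];
  let url;
  try {
    url = new URL(resource);
  } catch {
    return { redacted: resource, findings: [{ code: 'unparseable', where: 'resource' }] };
  }
  for (const [k, v] of [...url.searchParams.entries()]) {
    const code = classify(k, v);
    if (code) {
      findings.push({ code, where: `query.${k}` });
      url.searchParams.set(k, 'REDACTED');
    }
  }
  const segments = url.pathname.split('/').map((seg, i) => {
    const code = seg && classify('', safeDecode(seg));
    if (!code) return seg;
    findings.push({ code, where: `path[${i}]` });
    return 'REDACTED';
  });
  url.pathname = segments.join('/');
  return { redacted: url.toString(), findings };
}

// Constructed sample resource URL (not from any provider).
const SAMPLE = 'https://api.example.com/v1/agents/alice@example.com/ask'
  + '?prompt=Summarize%20my%20medical%20records%20for%202023'
  + '&api_key=sk_live_abcdefghijklmnopqrstuvwxyz0123&user_id=42&page=2';

function demo() {
  return redactResource(SAMPLE);
}

if (typeof require !== 'undefined' && require.main === module) console.log(JSON.stringify(demo(), null, 2));
```

Run against the sample, the report line becomes https://api.example.com/v1/agents/REDACTED/ask?prompt=REDACTED&api_key=REDACTED&user_id=REDACTED&page=2 with four findings, while an ordinary market-data URL passes through untouched. Value-shape checks run before key-name checks on purpose: a secret passed under an innocent name is still caught, and the key lists only widen the net.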

private pass

Need the external pass against a live x402 launch?

Start with a $49 quick proof pass for one public surface, scope the full $149 review when the project needs a spend map and patch order, or use the $299 fix sprint for one authorized blocker.