MCP + Verify-Before-Act Agent Starter Kit

Give your AI agent a wallet — and make it verify before it acts.

A runnable kit that lets an agent buy data per-call over MCP, verify the receipt before acting, and refuse tampered or forged bytes — behind a hard spend cap, dry-run by default. The packages are free MIT; this sells you the wired-up assembly and the foot-guns it avoids.

one-time $39 See how it works

Runs green offline · dry-run by default · Claude Desktop / Code / Cursor · npx-runnable demo

The money moves. Your agent still has to trust the bytes — and not overspend.

An agent that can sign payments is one bug away from two bad days: acting on tampered data, or burning the wallet. Payment rails prove the money moved. They don't gate the response — or the spend. This kit does both.

x402 / pay rails

"Did money move?"

USDC settles per call. The payment is proven — but not the bytes returned, or what the agent spends next.

the agent

"What stops a bad call?"

A wallet wired to an autonomous loop needs a gate and a ceiling. Code, not vibes, has to stop it.

ForeSeal kit

"Verify, then act — capped."

A fail-closed receipt check plus a per-call and total spend cap. Refuse bad bytes; stay inside a ceiling you set.

What's in the kit

  • config/

    Drop-in MCP config for Claude Desktop, Claude Code, and Cursor — wire the server to a dedicated wallet in one paste.

  • src/verify-before-act.ts

    The gate, run fully offline (no wallet, no network) — accepts genuine bytes, refuses tampered + forged.

  • src/guard.ts

    assertBuyVerified fails closed on the receipt; SpendGuard caps per-call & total USDC, dry-run by default.

  • src/agent-buy-verify.ts

    A runnable MCP-client loop: connect → free discovery → spend-capped buy → verify → act or refuse.

  • README.md + INTEGRATE.md

    Wire each client, set your caps, and go live on Base mainnet (real USDC) — step by step.

  • verified, end-to-end

    npm install 0 vulns · npm run verify green · dry-run agent connects to 15 tools, 22 feeds.

Three steps

1

Wire the server into your client

// claude_desktop_config.json { "mcpServers": { "byte-protocol": { "command": "npx", "args": ["-y", "byte-mcp-server"], "env": { "PRIVATE_KEY": "0x<dedicated wallet>" } }}}
2

The agent buys — capped, dry-run first

buy · USDC, capped verify receipt ACT/REFUSE

The SpendGuard caps each call and the run total before it signs anything, and stays dry-run until you opt in.

3

Verify before acting — fail closed

const ok = assertBuyVerified(toolResult); // throws unless verified // …safe to act on ok.data // catch ReceiptRefused → refuse: tampered / forged / no receipt

What the receipt proves — and doesn't

PROVES

The bytes are authentic and unaltered, delivered by the attester you pinned. Tamper-evident, signer-pinned, recomputable.

DOESN'T

That the data is correct — provenance, not truth. And the spend cap bounds loss up to the ceiling you set; it isn't a guarantee, and no software cap helps if the key leaks. Fund a dedicated wallet thin.

Questions

Aren't the packages free?
Yes — byte-mcp-server and @payperbyte/sdk are MIT on npm. You can wire them yourself. This kit is the assembly, the fail-closed guard, the spend cap, and a runnable example — it sells you the afternoon and the foot-guns.
Will it spend my money?
Not unless you opt in. The example is dry-run by default — it connects and shows the loop without paying. Add --live with a funded, dedicated wallet to make one real, spend-capped purchase.
What if a response doesn't verify?
assertBuyVerified throws ReceiptRefused — your agent refuses and never acts on it. byte_buy_data also fails closed server-side, so an unverified response surfaces as a tool error.
Which clients does it support?
Claude Desktop, Claude Code, and Cursor — drop-in config for each. Any MCP client works; the kit's example drives the server over stdio directly.
What's the license?
Commercial, single-purchaser for the kit's own code. The npm packages keep their own MIT licenses.

Give your agent a wallet — with guardrails.

Verify-before-act plus a spend cap, wired into your MCP client. npx @foreseal/demo to see the gate first.