Give your AI agent a wallet — and make it verify before it acts.
A runnable kit that lets an agent buy data per-call over MCP, verify the receipt before acting, and refuse tampered or forged bytes — behind a hard spend cap, dry-run by default. The packages are free MIT; this sells you the wired-up assembly and the foot-guns it avoids.
Runs green offline · dry-run by default · Claude Desktop / Code / Cursor · npx-runnable demo
verify-before-act gate: genuine → ACT paid $0.001000 · signed by the pinned attester tampered → REFUSE HASH MISMATCH — do not act spend cap: authorize "weather" ≤ $0.01 → declined (DRY RUN — not spending) connected over MCP — 15 tools · byte_list_feeds → 22 feeds (free)
The money moves. Your agent still has to trust the bytes — and not overspend.
An agent that can sign payments is one bug away from two bad days: acting on tampered data, or burning the wallet. Payment rails prove the money moved. They don't gate the response — or the spend. This kit does both.
"Did money move?"
USDC settles per call. The payment is proven — but not the bytes returned, or what the agent spends next.
"What stops a bad call?"
A wallet wired to an autonomous loop needs a gate and a ceiling. Code, not vibes, has to stop it.
"Verify, then act — capped."
A fail-closed receipt check plus a per-call and total spend cap. Refuse bad bytes; stay inside a ceiling you set.
What's in the kit
-
config/Drop-in MCP config for Claude Desktop, Claude Code, and Cursor — wire the server to a dedicated wallet in one paste.
-
src/verify-before-act.tsThe gate, run fully offline (no wallet, no network) — accepts genuine bytes, refuses tampered + forged.
-
src/guard.tsassertBuyVerifiedfails closed on the receipt;SpendGuardcaps per-call & total USDC, dry-run by default. -
src/agent-buy-verify.tsA runnable MCP-client loop: connect → free discovery → spend-capped buy → verify → act or refuse.
-
README.md + INTEGRATE.mdWire each client, set your caps, and go live on Base mainnet (real USDC) — step by step.
-
verified, end-to-endnpm install0 vulns ·npm run verifygreen · dry-run agent connects to 15 tools, 22 feeds.
Three steps
Wire the server into your client
The agent buys — capped, dry-run first
The SpendGuard caps each call and the run total before it signs anything, and stays dry-run until you opt in.
Verify before acting — fail closed
What the receipt proves — and doesn't
The bytes are authentic and unaltered, delivered by the attester you pinned. Tamper-evident, signer-pinned, recomputable.
That the data is correct — provenance, not truth. And the spend cap bounds loss up to the ceiling you set; it isn't a guarantee, and no software cap helps if the key leaks. Fund a dedicated wallet thin.
Questions
Aren't the packages free?
byte-mcp-server and @payperbyte/sdk are MIT on npm. You can wire them yourself. This kit is the assembly, the fail-closed guard, the spend cap, and a runnable example — it sells you the afternoon and the foot-guns.Will it spend my money?
--live with a funded, dedicated wallet to make one real, spend-capped purchase.What if a response doesn't verify?
assertBuyVerified throws ReceiptRefused — your agent refuses and never acts on it. byte_buy_data also fails closed server-side, so an unverified response surfaces as a tool error.Which clients does it support?
What's the license?
Give your agent a wallet — with guardrails.
Verify-before-act plus a spend cap, wired into your MCP client. npx @foreseal/demo to see the gate first.