Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions packages/x402-mcp/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,11 @@
# Changelog

## 0.11.0

- Trust query-string variants of a query-free catalog URL after the same live
money-field verification, via `openpay-x402-sdk` 0.2.x.
- Preserve all MCP tool names, descriptions, and input schemas byte-for-byte.

## 0.10.0

- Delegate payment execution, catalog resolution, guards, payment wire handling,
Expand Down
5 changes: 4 additions & 1 deletion packages/x402-mcp/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -173,10 +173,13 @@ Ordering flow (autonomous): `find_shops` → `order_menu` → pick items → `or
| `STEWARD_SIGNER_SECRET` | unset | Required when `SIGNER_MODE=steward`; scoped signer secret. Treated as a secret. |
| `MAX_PER_CALL_JPYC` | `10` | Upper bound for the tool call's required `maxTotalJpyc`. |
| `MAX_SESSION_JPYC` | `100` | Process-lifetime cumulative cap for successful `x402_pay` calls. Restarting the process resets it. |
| `CATALOG_TRUST` | `true` | When true, URLs listed (exact match) in the OpenPay discovery catalog are payable without editing `ALLOWED_HOSTS`. Before signing, the live `accepts` fetched from a catalog URL is checked field-by-field (asset / forwarder / merchant / fee receiver / amounts) against the catalog listing (server-authored), so a third-party domain cannot bait-and-switch a different destination; mismatches are refused (`catalog_accept_mismatch`). Money caps still apply. Set `false` for strict manual allowlisting. |
| `CATALOG_TRUST` | `true` | When true, URLs listed in the OpenPay discovery catalog are payable without editing `ALLOWED_HOSTS`. Before signing, the live `accepts` fetched from a catalog URL is checked field-by-field (asset / forwarder / merchant / fee receiver / amounts) against the catalog listing (server-authored), so a third-party domain cannot bait-and-switch a different destination; mismatches are refused (`catalog_accept_mismatch`). Money caps still apply. Set `false` for strict manual allowlisting. |
| `ALLOWED_HOSTS` | `open-pay.jp` | Comma-separated bare host allowlist. `x402_quote` still works outside the list but returns `host_not_allowed`. |
| `DISCOVERY_URL` | `https://open-pay.jp/api/discovery` | Catalog used by `discovery_search`. |

Query string variants of a query-free listed URL are trusted after the same
money-field verification; query-bearing catalog entries remain exact-only.

## Signer Modes

`env-key` is the default zero-config mode. It is convenient for local testing and should use a dedicated low-balance wallet.
Expand Down
12 changes: 6 additions & 6 deletions packages/x402-mcp/package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions packages/x402-mcp/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "openpay-x402-mcp",
"version": "0.10.0",
"version": "0.11.0",
"description": "Local MCP buyer for OpenPay x402 JPYC resources",
"type": "module",
"bin": {
Expand All @@ -20,7 +20,7 @@
},
"dependencies": {
"@modelcontextprotocol/sdk": "^1.18.0",
"openpay-x402-sdk": "^0.1.0",
"openpay-x402-sdk": "^0.2.0",
"viem": "^2.45.0"
}
}
Loading