agent-payment-mcp — LemonCake
Give your AI agent a wallet — with a kill switch.
JWT-based Pay Tokens + USDC micropayments for autonomous AI agents. No signup. No API keys.
npx agent-payment-mcpboots in Demo Mode instantly.
📚 Docs · 🚀 Quickstart · 📧 Contact
Public website, Discord, and Twitter are launching alongside public beta. For now,please reach out via email — we reply within 1 business day.
↑ An agent calling a paid API via a Pay Token. Balance drops in real time. Kill Switch stops it in one click.
⚡️ 60-second quickstart
# 1. Register at https://lemoncake.xyz, grab a BUYER_JWT
# 2. Issue a Pay Token (scoped, expiring, revocable)
curl -X POST https://lemoncake.xyz/api/tokens \
-H "Authorization: Bearer $BUYER_JWT" \
-H "Content-Type: application/json" \
-d '{"serviceId":"svc_xxx","limitUsdc":"2.00","sandbox":true}'
# → { "jwt": "<pay_token>", ... }
# 3. Hand it to your agent. Done.
# Claude / Cursor:
npx agent-payment-mcp
# Eliza v2:
npm install eliza-plugin-lemoncake
# Anything else:
curl -X POST https://lemoncake.xyz/api/proxy/svc_xxx/your/endpoint \
-H "Authorization: Bearer <pay_token>" \
-H "Idempotency-Key: $(uuidgen)"
Budget exhausted? 402. Token revoked? 422. No runaway agents. No stolen keys.
What is LemonCake?
LLM agents are getting powerful — but they still can't pay for things autonomously.
LemonCake solves this with Pay Tokens: short-lived JWTs that give an agent a scoped spending limit. The agent calls paid APIs through our proxy, gets charged per call in USDC, and stops automatically when the budget runs out.
You Agent Paid API
│ │ │
├─ issue Pay Token ──▶ │ │
│ limit: $2.00 │ │
│ ├─ call /api/proxy ────▶ │
│ │ Authorization: Bearer <pay_token>
│ │ │
│ │ ◀─ response + charge ─┤
│ │ X-Charge-Id: ch_... │
│ │ X-Amount-Usdc: 0.001 │
│ │ │
│ ├─ (budget exhausted) │
│ │ 402 Payment Required │
│ ✗ agent stops cleanly │
🔌 Integrations
MCP サーバー — agent-payment-mcp
Claude Desktop・Cursor に npx 一発で接続できる公式 MCP サーバー。Demo Mode で env vars 空のまま動作(Wikipedia / FX / httpbin が即試せる)。x402-compatible interface。
npx agent-payment-mcp
旧パッケージ名
lemon-cake-mcpは薄いラッパーとして維持中なので、既存のnpx -y lemon-cake-mcpconfigs もそのまま動きます(stderr に deprecation 通知のみ)。
claude_desktop_config.json に追記するだけ:
{
"mcpServers": {
"pay-per-call": {
"command": "npx",
"args": ["-y", "agent-payment-mcp"],
"env": {
"LEMON_CAKE_PAY_TOKEN": "<Pay Token JWT>",
"LEMON_CAKE_BUYER_JWT": "<Buyer JWT>"
}
}
}
}
| ツール | 説明 |
|---|---|
setup |
認証状態の確認と設定手順のガイド(認証不要) |
list_services |
マーケットプレイスの承認済み API 一覧を取得 |
call_service |
Pay Token で課金 API をプロキシ呼び出し |
check_balance |
USDC 残高・KYC ティアを確認 |
Eliza v2 プラグイン — eliza-plugin-lemoncake
@elizaos/core v2 対応の公式プラグイン。character.plugins に追加するだけで Eliza エージェントが自律決済を実行できます。
npm install eliza-plugin-lemoncake
import { lemonCakePlugin } from "eliza-plugin-lemoncake";
const character = {
name: "MyAgent",
plugins: [lemonCakePlugin],
};
# どちらか一方を設定
LEMONCAKE_PAY_TOKEN=eyJhbGci... # クイックスタート(事前発行トークン)
LEMONCAKE_BUYER_JWT=eyJhbGci... # 本番運用(呼び出しごとに都度発行)
自然言語でそのまま動く:
"LemonCake の demo_search_api を 0.50 USDC で呼び出して"
"serviceId: svc_invoice に 0.10 USDC 支払いを実行して"
| アクション | 説明 |
|---|---|
EXECUTE_LEMONCAKE_PAYMENT |
メインアクション。serviceId + limitUsdc を指定して M2M 決済を実行 |
PAY_WITH_LEMONCAKE / M2M_PAYMENT など |
自然言語トリガー用エイリアス(similes) |
→ 詳細: eliza-plugin-lemoncake/README.md
✨ Features
Packages (5)
| Package | What it does |
|---|---|
agent-payment-mcp |
Pay-per-call USDC for any HTTP API. Demo Mode: Wikipedia / FX / httpbin, no signup. |
xstocks-mcp |
Buy tokenized stocks (AAPLx, TSLAx, SPYx…) via Jupiter DEX on Solana. No broker. |
alpaca-guard-mcp |
Trade US stocks via Alpaca Markets with per-session spend caps and kill switch. |
tokenized-stock-mcp |
Buy Dinari dShares (tokenized US stocks) with USDC. Sandbox default. |
@lemon-cake/mcp-sdk |
SDK for MCP developers — add pay-per-call billing to your own MCP server in 3 lines. |
For AI Agents (Buyers)
- Pay Token (JWT) — Scoped, expiring spend authorization. One token per task or session.
- 402-first design — Agents receive structured
402 Payment Requirederrors with machine-readable codes when budget runs out. - Idempotency keys — Prevent double charges on retries (auto-assigned by plugins).
- Real-time balance — Check remaining USDC before committing to expensive calls.
- Kill Switch — Atomic one-click token revocation. Race-condition-free.
For API Providers (Sellers)
- Service registry — Register any REST API. Set price-per-call in USDC.
- Instant revenue — Get paid per call with no invoicing, no net-30, no chargebacks.
- Usage analytics — See call counts, revenue, and error rates per service.
Infrastructure
- JPYC on-chain deposit — Charge balance with JPYC (Polygon ERC-20). Auto-verified via TX hash.
- KYA (Know Your Agent) — Tiered spending limits: 10 → 1,000 → 50,000 USDC/day.
🏗 Architecture
┌──────────────────────────────────────────────────────────┐
│ lemoncake.xyz │
│ │
│ ┌─────────────┐ ┌──────────────┐ ┌─────────────┐ │
│ │ Dashboard │ │ Hono API │ │ Pay Proxy │ │
│ │ (Next.js) │◀──▶│ + OpenAPI │◀──│ Middleware │ │
│ └─────────────┘ └──────┬───────┘ └─────────────┘ │
│ │ │
│ ┌────────────┼────────────┐ │
│ ▼ ▼ ▼ │
│ PostgreSQL Redis Polygon │
│ (Prisma) (Queue) USDC / JPYC │
└──────────────────────────────────────────────────────────┘
▲ ▲
│ │
MCP / Eliza Upstream APIs
(Claude, Cursor, Eliza...) (registered services)
Key design decisions:
- HMAC-SHA256 (HS256, RFC 7518) for JWT signing today; Ed25519 (EdDSA, RFC 8037) migration planned for v0.1.0 to enable asymmetric verification by external partners
- Optimistic locking on
usedUsdc— prevents double charges under concurrent agent calls - Proxy-first — upstream API keys never leave the server; agents only hold Pay Tokens
🔌 Public API (selected endpoints)
Full OpenAPI spec available at
/api/docafter signing in.
Auth
POST /api/auth/register
{ "name": "string", "email": "string", "password": "string (min 8)" }
→ { "token": "<buyer_jwt>", "expiresIn": 2592000 }
POST /api/auth/buyer-login
{ "email": "string", "password": "string" }
→ { "token": "<buyer_jwt>" }
Tokens (Pay Token)
POST /api/tokens
Authorization: Bearer <buyer_jwt>
{
"serviceId": "<id>",
"limitUsdc": "5.00",
"buyerTag": "my-agent-session-42",
"expiresAt": "2026-05-01T00:00:00Z"
}
→ { "tokenId": "...", "jwt": "<pay_token>", "limitUsdc": "5.000000", "expiresAt": "..." }
Proxy (Pay-per-call)
ANY /api/proxy/<serviceId>/<upstream-path>
Authorization: Bearer <pay_token>
Idempotency-Key: <uuid>
→ upstream response
+ X-Charge-Id: ch_...
+ X-Amount-Usdc: 0.001000
Error responses:
{ "error": "Token limit exceeded", "used": "4.999", "limit": "5.000" } // 402
{ "error": "Insufficient balance: 1.23 USDC available" } // 402
{ "error": "Token expired" } // 401
Services
GET /api/services?reviewStatus=APPROVED&limit=50
→ [{ "id": "...", "name": "...", "pricePerCallUsdc": "0.001", ... }]
🧑💻 Local Development
# 1. Clone
git clone https://github.com/evidai/agent-payment-mcp.git
cd agent-payment-mcp
# 2. API server
cd api
cp .env.example .env
npm install && npx prisma migrate dev
npm run dev # http://localhost:3000
# 3. Dashboard
cd ../dashboard
cp .env.example .env.local # NEXT_PUBLIC_API_URL=http://localhost:3000
npm install && npm run dev # http://localhost:3001
# 4. MCP server
cd ../mcp-server
npm install && npm run build
# 5. Eliza plugin
cd ../eliza-plugin-lemoncake
npm install && npm run build
Seed demo data
node api/seed_demo.js
# Creates demo provider, 4 approved services, and 9,000+ sample charge records
🛡 Security
- Brute-force protection — 10 failed logins triggers a 15-minute lockout per email
- Pay Token scoping — Each token is bound to a single
serviceId; cross-service reuse is rejected - No JWT storage — Only the
jti(token ID) is stored in the DB; the signed JWT never persists - CSRF protection — OAuth state parameter with 10-minute TTL and single-use consumption
- On-chain deposit verification — JPYC transfers are verified against Polygon event logs before balance is credited
🗺 Roadmap
Shipped:
- agent-payment-mcp — USDC pay-per-call for any HTTP API, Demo Mode included
- xstocks-mcp — Jupiter DEX xStocks (AAPLx/TSLAx/SPYx) on Solana mainnet
- alpaca-guard-mcp — Alpaca Markets proxy with spend caps and kill switch
- tokenized-stock-mcp — Dinari dShares with USDC, sandbox default
- @lemon-cake/mcp-sdk — SDK for MCP developers to add Pay Token billing in 3 lines
- Kill Switch — atomic one-click token revocation (race-condition-free)
- KYA (Know Your Agent) — tiered spending limits: 10 → 1,000 → 50,000 USDC/day
- Sandbox / Demo Mode — full-flow dry-run without moving real USDC
- JPYC on-chain deposit with Polygon event-log verification
Next:
- Panic button — revoke all active tokens for a buyer in one click
- LemonCake marketplace — register and monetize any REST API
- Streaming / token-count billing for LLM APIs
- Agent-to-agent sub-token delegation (parent caps child)
- Self-hostable edition
📄 License
Proprietary — All rights reserved © 2026 LemonCake MCP server and Eliza plugin source are available for review. Core API and payment engine are closed source.
Built for the agentic web. lemoncake.xyz
