Provides tools for performing automated safety audits on Solana tokens, allowing AI agents to retrieve risk scores, liquidity analysis, and security flags to identify potential scams and vulnerabilities.
Token RugCheck — Solana Token Safety Audit for AI Agents
We're LIVE on Mainnet! Try it now:
https://rugcheck.aethercore.dev
# Quick test — no setup needed
curl https://rugcheck.aethercore.dev/health
# See the 402 paywall in action
curl https://rugcheck.aethercore.dev/v1/audit/DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263
What you get: A three-layer safety audit for any Solana token — machine-readable verdict, LLM-friendly analysis, and raw evidence — all in one API call for $0.02 USDC.
Powered by ag402 on-chain micropayments.
Disclaimer: Not financial advice (NFA). Token safety scores are automated heuristics — may be inaccurate or outdated. DYOR. The authors accept no liability for losses.
Live Demos (Mainnet)
All demos below are real mainnet transactions — left side is the client, right side is the production server logs.
1. Wallet Setup (ag402 setup)
https://github.com/user-attachments/assets/fb6b1ecb-8d42-43b7-9939-4751ca09b63f
2. Auditing a Safe Token (BONK — risk score 3, SAFE)
https://github.com/user-attachments/assets/4b3814ae-96af-496b-86b7-c80cddef1475
3. Auditing a Risky Token (TRUMP — risk score 60, HIGH)
https://github.com/user-attachments/assets/6e359374-8caf-41c7-8bd1-14f63eb6d6e8
How It Works
Your AI Agent           RugCheck Service
│                                      │
│  GET /v1/audit/{mint}                │
├─────────────────────────────────────▶│
│                                      │
│  402 Payment Required                │
│  (pay 0.02 USDC on Solana)           │
│◀─────────────────────────────────────┤
│                                      │
│  USDC payment (on-chain)             │
├─────────────────────────────────────▶│
│                                      │
│  200 OK + Audit Report               │
│◀─────────────────────────────────────┤
Input a Solana token mint address → get a three-layer report:
Layer | For | Content |
Action | Machines |
|
Analysis | LLMs | Summary, red flags, green flags |
Evidence | Humans | Price, liquidity, holder distribution, mint/freeze authority, raw data |
Data sources: RugCheck.xyz + DexScreener + GoPlus Security (concurrent fetch, graceful degradation).
Try It Now (3 minutes)
Step 1: Install
pip install "ag402-core[crypto]" httpx
Step 2: Set up your wallet
ag402 setup
# Choose: Consumer → Mainnet
# Enter your Solana private key (encrypted locally with AES)
# Set safety limits (default: $10/day max)
Step 3: Run an audit
# Command-line test script (included in this repo)
python3 mainnet_buyer_test.py DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263
Or in Python:
import asyncio
import httpx
import ag402_core

ag402_core.enable()  # Auto-handles 402 → pay → retry

async def check_token(mint: str):
    async with httpx.AsyncClient(timeout=30.0) as client:
        resp = await client.get(
            f"https://rugcheck.aethercore.dev/v1/audit/{mint}"
        )
        resp.raise_for_status()  # Stop on any non-2xx response left after the payment retry
        report = resp.json()
        action = report["action"]  # Machine-readable verdict layer
        if not action["is_safe"]:
            print(f"DANGER — risk score {action['risk_score']}/100")
            for flag in report["analysis"]["red_flags"]:
                print(f"  🚩 {flag['message']}")
        else:
            print(f"SAFE — {report['analysis']['summary']}")

asyncio.run(check_token("DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263"))
Requirements: Your wallet needs USDC (for payments) and a small amount of SOL (for transaction fees, ~0.01 SOL).
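A stricter consumer-side gate than the `is_safe` check above, as an added example (not code from this repository): it fails closed on degraded, incomplete, stale or malformed reports, using the `degraded` and `metadata` fields shown under Audit Response Schema. The `decide` helper, the thresholds and the assumption that `"full"` is the only acceptable completeness value are illustrative.

```python
# Added example: fail-closed policy over the audit report fields.
from dataclasses import dataclass

MAX_RISK_SCORE = 20         # assumed agent policy, not a project default
MAX_DATA_AGE_SECONDS = 60   # assumed agent policy, not a project default
MINT = "DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263"

# Constructed sample, trimmed from the schema example in this README.
SAMPLE = {
    "contract_address": MINT,
    "degraded": False,
    "action": {"is_safe": True, "risk_level": "SAFE", "risk_score": 3},
    "metadata": {"data_completeness": "full", "data_age_seconds": 0},
}

@dataclass(frozen=True)
class Decision:
    allow: bool
    reason: str

def decide(report: dict, expected_mint: str) -> Decision:
    """Allow only when every safety-relevant field is present and clean."""
    try:
        action, meta = report["action"], report["metadata"]
        is_safe, score = action["is_safe"], action["risk_score"]
        age, completeness = meta["data_age_seconds"], meta["data_completeness"]
        degraded, mint = report["degraded"], report["contract_address"]
    except (KeyError, TypeError):
        return Decision(False, "malformed report")
    if mint != expected_mint:
        return Decision(False, "report is for a different mint")
    if is_safe is not True:
        return Decision(False, "verdict is not safe")
    if type(score) is not int or not 0 <= score <= MAX_RISK_SCORE:
        return Decision(False, "risk score missing, mistyped or above limit")
    if degraded is not False or completeness != "full":
        return Decision(False, "upstream data degraded or incomplete")
    if not isinstance(age, (int, float)) or age > MAX_DATA_AGE_SECONDS:
        return Decision(False, "data too old")
    return Decision(True, "all checks passed")

if __name__ == "__main__":
    print(decide(SAMPLE, MINT))
```

An agent would call `decide(resp.json(), mint)` and treat any `allow=False` result as a refusal to trade, logging `reason`.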
mainnet_buyer_test.py — Command-line Audit Tool
A standalone script to audit any Solana token via the paid gateway.
# Audit one token
python3 mainnet_buyer_test.py <mint_address>
# Audit multiple tokens
python3 mainnet_buyer_test.py <mint1> <mint2> <mint3>
# Use a custom gateway
python3 mainnet_buyer_test.py --gateway https://your-server.com <mint>
Private key sources (picks the first available):
Priority | Source | Setup |
1 |
|
|
2 |
| Written by |
3 |
| Created by |
# Non-interactive (CI/Docker)
export AG402_UNLOCK_PASSWORD=<wallet_password>
python3 mainnet_buyer_test.py DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263
API Reference
Base URL: https://rugcheck.aethercore.dev
Endpoints
Method | Path | Auth | Description |
GET |
| USDC payment | Full safety audit report |
GET |
| None | Service health + upstream status |
GET |
| Loopback only | Request counts + cache hit rate |
GET |
| Loopback only | Prometheus metrics |
GET |
| USDC payment | Deprecated — use |
Audit Response Schema
{
  "contract_address": "DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263",
  "chain": "solana",
  "audit_timestamp": "2026-03-08T12:34:56.789012+00:00",
  "degraded": false,
  "action": {
    "is_safe": true,
    "risk_level": "SAFE",
    "risk_score": 3
  },
  "analysis": {
    "summary": "No significant risk signals detected. Always do your own research (DYOR).",
    "red_flags": [
      {"level": "LOW", "message": "Token metadata is mutable — common for Solana tokens."}
    ],
    "green_flags": [
      {"message": "Mint authority renounced (Mint Renounced)."},
      {"message": "Liquidity pool is sufficiently protected (LP Burned or Locked)."},
      {"message": "No freeze authority (Not Freezable)."}
    ]
  },
  "evidence": {
    "token_name": "Bonk",
    "token_symbol": "Bonk",
    "price_usd": 0.00012,
    "liquidity_usd": 85000000.0,
    "is_mintable": false
  },
  "metadata": {
    "data_sources": ["RugCheck", "DexScreener", "GoPlus"],
    "data_completeness": "full",
    "cache_hit": false,
    "data_age_seconds": 0,
    "response_time_ms": 738,
    "disclaimer": "This report is generated by automated data aggregation. Not financial advice (NFA)."
  }
}
Key Fields
Field | Type | Description |
|
| Machine-readable verdict |
|
| 0 (safest) to 100 (most dangerous) |
Health Check
# Development mode — detailed info
GET /health → {"status": "ok", "service": "token-rugcheck-mcp", "version": "0.1.0"}
# Production mode (RUGCHECK_PRODUCTION=true) — minimal, no internal details
GET /health → {"status": "ok"}
| Meaning |
| All systems normal |
| Upstream API failures — service continues with available data |
Deployment Guide (Self-hosting)
Automated Deployment: See OPERATIONS.md for one-click scripts and ops runbook.
Architecture
Client (AI Agent)
    │ HTTPS
    ▼
Cloudflare (SSL termination, DDoS protection)
    │ HTTP:80
    ▼
┌─────────────────────────────────────────────┐
│  Docker Compose                             │
│  ┌─────────────┐     ┌──────────────────┐   │
│  │ag402-gateway│────▶│ rugcheck-audit   │   │
│  │ :80 (public)│     │ :8000 (internal) │   │
│  │ Payment gate│     │ Audit engine     │   │
│  └─────────────┘     └──────────────────┘   │
└─────────────────────────────────────────────┘
Three Environments
Environment | Blockchain | Real Funds | Use Case |
Test (mock) | None | No | Local dev, CI |
Devnet | Solana Devnet | No (faucet) | Integration testing |
Production | Solana Mainnet | Yes | Live service |
Quick Start — Test Mode (zero config)
pip install -e .
python -m rugcheck.main & # Audit server on :8000
python -m rugcheck.gateway & # Gateway on :8001 (mock payments)
curl http://localhost:8001/v1/audit/DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263
Quick Start — Production (Docker)
# 1. One-click deploy to your server
bash scripts/deploy-oneclick.sh
# Or manually:
cp .env.example .env # Edit with your wallet address + keys
docker compose -f docker-compose.yml -f docker-compose.prod.yml up -d
Provider .env (Production)
X402_MODE=production
X402_NETWORK=mainnet
AG402_ADDRESS=<your_solana_wallet> # Receives USDC payments
AG402_PRICE=0.02 # USDC per audit
SOLANA_RPC_URL=https://api.mainnet-beta.solana.com # Read-only RPC for payment verification
RUGCHECK_PRODUCTION=true # Disable /docs, harden /health response
UVLOOP_INSTALL=0 # Required: prevents uvloop/aiosqlite crash
# Optional: prepaid fast-path (~1ms per request instead of ~500ms)
# Generate: python -c "import secrets; print(secrets.token_hex(32))"
AG402_PREPAID_SIGNING_KEY=<random_32+_char_key>
# Optional: higher GoPlus rate limits
GOPLUS_APP_KEY=<key>
GOPLUS_APP_SECRET=<secret>
Note: As a seller/provider, you do not need SOLANA_PRIVATE_KEY. The gateway verifies buyer payments via read-only RPC — no signing required.
Consumer Setup
pip install "ag402-core[crypto]" httpx
ag402 setup # Interactive wizard
ag402 status # Verify wallet + balance
import ag402_core
ag402_core.enable()
# Now all httpx requests auto-handle 402 → pay → retry
Configuration Reference
Service
Variable | Default | Description |
|
| Bind address |
|
| Bind port |
|
| Worker processes |
|
| Cache TTL (short to catch rug pulls) |
|
| Max cached entries (LRU) |
|
| Free requests per IP per day |
|
| Paid requests per IP per minute |
Upstream APIs
Variable | Default | Description |
|
| DexScreener timeout |
|
| GoPlus timeout |
|
| RugCheck timeout |
| — | GoPlus API key (optional) |
| — | GoPlus API secret |
ag402 Payment
Variable | Default | Description |
|
| USDC per request |
| — | Provider wallet (receives payments) |
|
| Gateway port |
| — | HMAC signing key for prepaid fast-path (optional, |
|
| Read-only Solana RPC for payment verification |
Consumer Safety Limits
Variable | Default | Description |
|
| Max daily spend (USD) |
|
| Max per-transaction |
|
| Max spend per minute |
|
| Max transactions per minute |
ag402 CLI Reference
ag402 setup # Interactive setup wizard
ag402 status # Dashboard: mode, wallet, balance
ag402 balance # Check SOL + USDC balance
ag402 doctor # Diagnose environment issues
ag402 history --limit 10 # Recent transactions
ag402 pay <url> # Send a single paid request
ag402 demo # Quick E2E test (mock mode)
ag402 demo --devnet # E2E test with Devnet transactions
ag402 info # Protocol version
# Prepaid packages (v0.1.15+) — pre-purchase call bundles for ~1ms per request
ag402 prepaid buy <gateway_url> <package_id> # Purchase a prepaid package
ag402 prepaid status # List all credentials + remaining calls
ag402 prepaid purge # Remove expired/depleted credentials
Development
pip install -e ".[dev]"
python -m pytest tests/ -v # 118 tests
ruff check src/ tests/ # Lint
python examples/demo_agent.py # E2E demo (direct)
python examples/demo_agent.py --with-gateway # E2E demo (with payment)
Project Structure
src/rugcheck/
├── config.py # Environment-based configuration
├── models.py # Pydantic models (report schema)
├── cache.py # Async-safe TTL cache (LRU, asyncio.Lock)
├── server.py # FastAPI app + rate limiter + health checks
├── main.py # Audit server entry point
├── gateway.py # ag402 gateway entry point
├── fetchers/
│ ├── base.py # BaseFetcher ABC
│ ├── goplus.py # GoPlus Security API
│ ├── rugcheck.py # RugCheck.xyz API
│ ├── dexscreener.py # DexScreener API
│ └── aggregator.py # Concurrent fetch + merge
└── engine/
└── risk_engine.py # Deterministic rule-based scoring
Security
Rate limiting — free: 20/day per IP; paid: 120/min per IP
Trusted proxy model — CF-Connecting-IP only trusted from Cloudflare IPs
Production hardening — /docs, /redoc, /openapi.json disabled
Gateway fail-safe — refuses to start if payment verifier fails in production
Cache isolation — deep-copy on get/set prevents shared state corruption
Degraded short-TTL — incomplete reports cached only 10s
Prometheus path normalization — prevents cardinality explosion
Upstream protection — Semaphore(20) + max_connections=50
Error sanitization — never exposes internal paths
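The trusted proxy model and the per-IP free limit listed above depend on each other: the rate-limit key must come from the TCP peer unless that peer is a known proxy. An added sketch of that check (not the project's server.py; `client_ip`, `DailyLimiter`, `spoofing_run` and the placeholder proxy ranges are assumptions):

```python
# Added example: derive the rate-limit key without trusting spoofable headers.
import ipaddress
from collections import Counter

FREE_PER_DAY = 20  # free-tier limit stated in this README

# Constructed placeholder ranges (documentation address space). A real
# deployment would load Cloudflare's published proxy ranges instead.
TRUSTED_PROXY_NETS = [ipaddress.ip_network(n)
                      for n in ("203.0.113.0/24", "2001:db8::/32")]

def client_ip(peer_addr: str, headers: dict) -> str:
    """Return the address to rate-limit on.

    CF-Connecting-IP is honoured only when the TCP peer is a trusted proxy
    and the header holds exactly one valid IP; otherwise the peer is used.
    """
    peer = ipaddress.ip_address(peer_addr)
    if not any(peer in net for net in TRUSTED_PROXY_NETS):
        return str(peer)  # direct connection: header value is untrusted
    claimed = {k.lower(): v for k, v in headers.items()}.get("cf-connecting-ip", "")
    try:
        return str(ipaddress.ip_address(claimed.strip()))
    except ValueError:
        return str(peer)  # missing or malformed header

class DailyLimiter:
    """In-memory per-IP daily counter (hypothetical helper)."""
    def __init__(self):
        self.hits = Counter()

    def allow(self, peer_addr: str, headers: dict, day: str) -> bool:
        key = (day, client_ip(peer_addr, headers))
        self.hits[key] += 1
        return self.hits[key] <= FREE_PER_DAY

def spoofing_run(peer_addr: str, requests: int) -> int:
    """Count allowed requests when each one carries a fresh header value."""
    limiter = DailyLimiter()
    return sum(
        limiter.allow(peer_addr, {"CF-Connecting-IP": f"192.0.2.{i % 250 + 1}"}, "2026-03-08")
        for i in range(requests)
    )
```

With the peer check in place, a direct caller that rotates the header stays in one bucket and is cut off at 20, while distinct clients arriving through the proxy each get their own bucket.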
Troubleshooting
Problem | Cause | Fix |
| Expected — gateway requires USDC payment | Use |
| Wallet SOL too low for ATA creation | Send ≥ 0.01 SOL to your wallet |
| Solana network confirmation timeout | Retry — transient network issue |
| Missing crypto deps |
|
| Missing crypto deps |
|
Gateway keeps restarting | Missing | Check |
Health returns | Upstream APIs failing | Service continues with available sources — check |
License
MIT