x402 MCP Proxy
Provides access to CoinMarketCap data through a proxy that automatically handles x402 payments, enabling AI agents to query cryptocurrency market data on a pay-per-request basis.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@x402 MCP ProxyWhat's the current price of Bitcoin?"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
x402 MCP Proxy
A local MCP (Model Context Protocol) proxy that connects to remote MCP servers and automatically handles x402 payments. When a remote MCP tool triggers an HTTP 402 response, the proxy signs a USDC payment on-chain and retries — transparently, with no changes needed on the client side.
How It Works
┌─────────────┐ stdio ┌──────────────┐ HTTP + x402 ┌──────────────┐
│ AI Client │ ◄──────────────► │ x402 Proxy │ ◄────────────────► │ Remote MCP A │
│ (Claude, etc)│ │ (this repo) │ ├──────────────┤
└─────────────┘ │ │ ◄────────────────► │ Remote MCP B │
└──────────────┘ └──────────────┘The proxy connects to one or more remote MCP servers (via Streamable HTTP or SSE).
It discovers their tools and re-exposes them to the AI client over stdio, prefixed by server name (e.g.
cmc_get_quotes).When a tool call returns HTTP 402, the proxy intercepts it, signs an EIP-3009
transferWithAuthorization(USDC on Base), and retries automatically.
Related MCP server: agent-discovery-mcp
Quick Start
1. Install
git clone https://github.com/coinmarketcap-official/x402-mcp-proxy.git
cd x402-mcp-proxy
pnpm install2. Configure Remote MCPs
Create x402-mcps.json in the project root (see x402-mcps.example.json):
{
"x402mcpServers": [
{
"url": "https://pro.coinmarketcap.com/x402/mcp",
"prefix": "cmc"
},
{
"url": "https://other-mcp.example.com/mcp",
"prefix": "other",
"headers": {
"Authorization": "Bearer your_token"
}
}
]
}Or pass it as an environment variable (prefix, url pairs):
export X402_REMOTE_MCPS="cmc,https://pro.coinmarketcap.com/x402/mcp"3. Configure Wallet
Copy .env.example to .env and add at least one private key:
cp .env.example .envEVM_PRIVATE_KEY=0xYOUR_PRIVATE_KEY_HEREThe EVM wallet needs USDC on Base for x402 payments. Solana (SVM) is also supported.
4. Run
pnpm dev # development (tsx)
pnpm build && pnpm start # production5. Connect from an AI Client
Claude Desktop (claude_desktop_config.json):
{
"mcpServers": {
"x402": {
"command": "npx",
"args": ["tsx", "/path/to/x402-mcp-proxy/src/index.ts"],
"env": {
"EVM_PRIVATE_KEY": "0x...",
"X402_REMOTE_MCPS": ["cmc", "https://pro.coinmarketcap.com/x402/mcp"]
}
}
}
}Cursor (.cursor/mcp.json):
{
"mcpServers": {
"x402": {
"command": "npx",
"args": ["tsx", "/path/to/x402-mcp-proxy/src/index.ts"],
"env": {
"EVM_PRIVATE_KEY": "0x...",
"X402_REMOTE_MCPS": ["cmc", "https://pro.coinmarketcap.com/x402/mcp"]
}
}
}
}You can also point to a config file for more advanced options (custom headers, etc.):
"X402_CONFIG": "/path/to/x402-mcps.json"Configuration Reference
Remote MCP Servers
Source | Description |
| Flat pair list: |
| Custom path to a JSON config file |
| Default config file in project root |
Env var format — prefix/url pairs, no headers support:
["cmc", "https://pro.coinmarketcap.com/x402/mcp"]Config file format — full control with headers:
{
"x402mcpServers": [
{
"prefix": "cmc",
"url": "https://pro.coinmarketcap.com/x402/mcp"
},
{
"prefix": "other",
"url": "https://other.example.com/mcp",
"headers": { "Authorization": "Bearer xxx" }
}
]
}Wallet Keys
Env Variable | Description |
| EVM private key (0x-prefixed hex). Used for USDC payments on Base. |
| Solana private key (base58-encoded). Used for USDC payments on Solana. |
At least one key is required for x402 payment handling.
Payment Safety Limits
The proxy validates every 402 payment request before signing. All limits are configurable via environment variables:
Env Variable | Default | Description |
|
| Maximum amount per single request (in asset smallest unit) |
|
| Maximum cumulative spend per proxy session |
|
| Comma-separated allowlist of CAIP-2 network IDs |
| Base USDC, Solana USDC | Comma-separated allowlist of asset contract addresses |
If a 402 response requests an amount, network, or asset outside these limits, the proxy rejects the payment and returns the raw 402 to the client without signing anything. Session spend resets when the proxy process restarts.
What is x402?
x402 is an open protocol by Coinbase that enables instant, pay-per-request API access using stablecoin payments over HTTP. When an API returns HTTP 402, the client signs a USDC transfer authorization, and the server's facilitator executes the on-chain payment only after successfully delivering the response.
Key properties:
No subscription needed — pay per request with USDC
Pay only on success — if the server fails to return data, the signed authorization expires unused and no payment is deducted
Works on Base (EVM) and Solana
Project Structure
x402-mcp-proxy/
├── src/index.ts # Proxy entry point
├── x402-mcps.example.json # Example remote MCP config
├── .env.example # Example environment variables
├── package.json
├── tsconfig.json
└── LICENSE # MITSecurity Considerations
Trust Model
This proxy is designed to run locally on your own machine as a stdio-based MCP server. The AI client (Claude, Cursor, etc.) communicates with it over stdin/stdout — there is no network listener. Authentication between the client and the proxy is therefore handled by OS-level process isolation.
If you deploy this proxy in a shared or multi-user environment (e.g., a server accessed by multiple users), you should add an authentication layer in front of it. The default stdio transport is not designed for that use case.
Private Key Storage
Private keys are loaded from environment variables (typically a .env file). For personal / development use this is acceptable, but for production or high-value wallets consider:
OS keychain integration (macOS Keychain, Linux secret-service)
Hardware wallets or cloud KMS (AWS KMS, GCP Cloud KMS)
Encrypted env files with a passphrase
Never commit .env files containing real private keys to version control.
Built-in Protections
The proxy ships with several safety checks enabled by default:
Per-request amount cap — rejects 402 responses that request more than the configured limit
Session spending cap — stops signing once cumulative spend reaches the threshold
Network & asset allowlists — only pays on explicitly permitted chains and tokens
HTTPS enforcement — warns at startup if any remote MCP URL uses an insecure protocol (non-localhost HTTP)
Sanitised error output — internal error details are not leaked to clients
Structured payment audit log — every signed payment is logged to stderr with amount, network, asset, recipient, and target URL
License
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/openCMC/x402-mcp-proxy'
If you have feedback or need assistance with the MCP directory API, please join our Discord server