Stellar Agent Merchant Lab
Enables AI agents to purchase resources using USDC on the Stellar testnet via the Merchant Payment Protocol (MPP). Provides tools for resource listing, quoting, and payment handling.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Stellar Agent Merchant Labshow me available resources"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Stellar Agent Merchant Lab
Independent Stellar testnet merchant for reproducible agent purchase validation.
Merchant Lab is the seller-side counterpart to Stellar Agent Spend Hub. An agent discovers resources through MCP, receives a machine-readable quote, requests a purchase URL, handles an MPP 402 Payment Required challenge, and receives a resource plus a privacy-safe merchant receipt.
The local mode is explicitly simulated. It never emits a transaction hash or claims settlement. Real testnet settlement activates only with official Stellar MPP configuration, a separate merchant account, and atomic Upstash storage.
Why a separate project
A buyer paying a seller in another repository, process, deployment, and Stellar account proves more than an application calling itself. Merchant Lab creates that independent trust boundary and doubles as a reusable Provider Kit acceptance harness.
flowchart LR
Agent["AI agent"] --> MCP["Merchant MCP quote"]
MCP --> URL["Purchase URL"]
URL --> Challenge["MPP 402"]
Challenge --> Hub["Spend Hub policy"]
Hub --> Human["Human confirmation"]
Human --> Merchant["Merchant USDC account"]
Merchant --> Delivery["Resource and receipt"]Related MCP server: MCP Money
Current capabilities
Three machine-purchasable resources priced from
0.001to0.01 USDC.Provider definition at
/.well-known/agent-provider.json.MCP stdio and stateless Streamable HTTP transports.
Official Stellar MPP Charge integration for testnet USDC.
Local
402 -> credential -> delivery -> receiptsimulation.One-time local credentials and replay rejection.
Eight adversarial scenarios for buyer-policy tests.
Sanitized merchant receipts with no PII, secrets, XDR, or fake hashes.
Stateless checksummed simulated receipts that survive Vercel cold starts.
Independent buyer script and ten automated tests.
Zero known npm vulnerabilities.
Quick start
npm install
npm run qa
npm run build
npm run devOpen http://localhost:4180.
In another terminal:
npm run demo:buyer -- --resource=market-signal --yesWithout --yes, the buyer stops at the human-confirmation boundary.
Public interfaces
Interface | Purpose |
| Machine-readable provider definition |
| Resource catalog and purchase URLs |
| LCP terms and verifiable ATR hash |
| MPP-protected delivery |
| Valid and adversarial buyer tests |
| Sanitized merchant evidence |
| Public readiness without secrets |
| Stateless MCP Streamable HTTP |
| Local MCP stdio server |
MCP tools
list_resourcesquote_resourcelist_test_scenariosget_merchant_receipt
There is no MCP payment-execution tool. The MCP server quotes resources; Spend Hub owns policy and confirmation.
Test scenarios
happyover-budgetwrong-recipientwrong-assetwrong-networkexpiredunavailabledelivery-failure
Only happy is executable. Adversarial scenarios generate non-chargeable challenges or failures for buyer validation.
Real Stellar testnet mode
Configure private Vercel environment variables:
MERCHANT_SIMULATION_ENABLED=falseMPP_ENABLED=trueMPP_STELLAR_RECIPIENT=<merchant G address>MPP_SECRET_KEY=<32+ random characters>UPSTASH_REDIS_REST_URLUPSTASH_REDIS_REST_TOKEN
Server-side public configuration:
PUBLIC_BASE_URLMPP_NETWORK=stellar:testnetMPP_PRICE_USDC=0.01STELLAR_HORIZON_URLSOROBAN_RPC_URL
No buyer secret belongs in this project or Vercel deployment.
Acceptance gate
Real evidence requires:
A distinct merchant testnet account and USDC trustline.
Official MPP challenge for the quoted resource.
Spend Hub buyer validates price, recipient, asset and network.
Human confirmation occurs before signing.
Merchant receives USDC and delivers the resource.
Merchant and buyer receipts reference the same public hash.
Replay produces no second debit.
Pending/simulated evidence never contains a hash.
See architecture, threat model, and deployment runbook.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/CaBsCrypto/stellar-agent-merchant-lab'
If you have feedback or need assistance with the MCP directory API, please join our Discord server