Provides tools for performing automated safety audits on Solana tokens, allowing AI agents to retrieve risk scores, liquidity analysis, and security flags to identify potential scams and vulnerabilities.
Token RugCheck — Solana Token Safety Audit for AI Agents
We're LIVE on Mainnet! Try it now:
https://rugcheck.aethercore.dev
# Quick test — no setup needed
curl https://rugcheck.aethercore.dev/health
# See the 402 paywall in action
curl https://rugcheck.aethercore.dev/v1/audit/DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263What you get: A three-layer safety audit for any Solana token — machine-readable verdict, LLM-friendly analysis, and raw evidence — all in one API call for $0.02 USDC.
Powered by ag402 on-chain micropayments.
Disclaimer: Not financial advice (NFA). Token safety scores are automated heuristics — may be inaccurate or outdated. DYOR. The authors accept no liability for losses.
Live Demos (Mainnet)
All demos below are real mainnet transactions — left side is the client, right side is the production server logs.
1. Wallet Setup (ag402 setup)
https://github.com/user-attachments/assets/fb6b1ecb-8d42-43b7-9939-4751ca09b63f
2. Auditing a Safe Token (BONK — risk score 3, SAFE)
https://github.com/user-attachments/assets/4b3814ae-96af-496b-86b7-c80cddef1475
3. Auditing a Risky Token (TRUMP — risk score 60, HIGH)
https://github.com/user-attachments/assets/6e359374-8caf-41c7-8bd1-14f63eb6d6e8
How It Works
Your AI Agent RugCheck Service
│ │
│ GET /v1/audit/{mint} │
├─────────────────────────────────────▶│
│ │
│ 402 Payment Required │
│ (pay 0.02 USDC on Solana) │
│◀─────────────────────────────────────┤
│ │
│ USDC payment (on-chain) │
├─────────────────────────────────────▶│
│ │
│ 200 OK + Audit Report │
│◀─────────────────────────────────────┤Input a Solana token mint address → get a three-layer report:
Layer | For | Content |
Action | Machines |
|
Analysis | LLMs | Summary, red flags, green flags |
Evidence | Humans | Price, liquidity, holder distribution, mint/freeze authority, raw data |
Data sources: RugCheck.xyz + DexScreener + GoPlus Security (concurrent fetch, graceful degradation).
Try It Now (3 minutes)
Step 1: Install
pip install "ag402-core[crypto]" httpxStep 2: Set up your wallet
ag402 setup
# Choose: Consumer → Mainnet
# Enter your Solana private key (encrypted locally with AES)
# Set safety limits (default: $10/day max)Step 3: Run an audit
# Command-line test script (included in this repo)
python3 mainnet_buyer_test.py DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263Or in Python:
import asyncio, httpx, ag402_core
ag402_core.enable() # Auto-handles 402 → pay → retry
async def check_token(mint: str):
async with httpx.AsyncClient(timeout=30.0) as client:
resp = await client.get(
f"https://rugcheck.aethercore.dev/v1/audit/{mint}"
)
report = resp.json()
action = report["action"]
if not action["is_safe"]:
print(f"DANGER — risk score {action['risk_score']}/100")
for flag in report["analysis"]["red_flags"]:
print(f" 🚩 {flag['message']}")
else:
print(f"SAFE — {report['analysis']['summary']}")
asyncio.run(check_token("DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263"))Requirements: Your wallet needs USDC (for payments) and a small amount of SOL (for transaction fees, ~0.01 SOL).
mainnet_buyer_test.py — Command-line Audit Tool
A standalone script to audit any Solana token via the paid gateway.
# Audit one token
python3 mainnet_buyer_test.py <mint_address>
# Audit multiple tokens
python3 mainnet_buyer_test.py <mint1> <mint2> <mint3>
# Use a custom gateway
python3 mainnet_buyer_test.py --gateway https://your-server.com <mint>Private key sources (picks the first available):
Priority | Source | Setup |
1 |
|
|
2 |
| Written by |
3 |
| Created by |
# Non-interactive (CI/Docker)
export AG402_UNLOCK_PASSWORD=<wallet_password>
python3 mainnet_buyer_test.py DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263API Reference
Base URL: https://rugcheck.aethercore.dev
Endpoints
Method | Path | Auth | Description |
GET |
| USDC payment | Full safety audit report |
GET |
| None | Service health + upstream status |
GET |
| Loopback only | Request counts + cache hit rate |
GET |
| Loopback only | Prometheus metrics |
GET |
| USDC payment | Deprecated — use |
Audit Response Schema
{
"contract_address": "DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263",
"chain": "solana",
"audit_timestamp": "2026-03-08T12:34:56.789012+00:00",
"degraded": false,
"action": {
"is_safe": true,
"risk_level": "SAFE",
"risk_score": 3
},
"analysis": {
"summary": "No significant risk signals detected. Always do your own research (DYOR).",
"red_flags": [
{"level": "LOW", "message": "Token metadata is mutable — common for Solana tokens."}
],
"green_flags": [
{"message": "Mint authority renounced (Mint Renounced)."},
{"message": "Liquidity pool is sufficiently protected (LP Burned or Locked)."},
{"message": "No freeze authority (Not Freezable)."}
]
},
"evidence": {
"token_name": "Bonk",
"token_symbol": "Bonk",
"price_usd": 0.00012,
"liquidity_usd": 85000000.0,
"is_mintable": false
},
"metadata": {
"data_sources": ["RugCheck", "DexScreener", "GoPlus"],
"data_completeness": "full",
"cache_hit": false,
"data_age_seconds": 0,
"response_time_ms": 738,
"disclaimer": "This report is generated by automated data aggregation. Not financial advice (NFA)."
}
}Key Fields
Field | Type | Description |
|
| Machine-readable verdict |
|
| 0 (safest) to 100 (most dangerous) |
|
|
|
|
|
|
|
|
|
|
|
|
Health Check
# Development mode — detailed info
GET /health → {"status": "ok", "service": "token-rugcheck-mcp", "version": "0.1.0"}
# Production mode (RUGCHECK_PRODUCTION=true) — minimal, no internal details
GET /health → {"status": "ok"}
| Meaning |
| All systems normal |
| Upstream API failures — service continues with available data |
Deployment Guide (Self-hosting)
Automated Deployment: See OPERATIONS.md for one-click scripts and ops runbook.
Architecture
Client (AI Agent)
│ HTTPS
▼
Cloudflare (SSL termination, DDoS protection)
│ HTTP:80
▼
┌─────────────────────────────────────────────┐
│ Docker Compose │
│ ┌─────────────┐ ┌──────────────────┐ │
│ │ ag402-gateway│────▶│ rugcheck-audit │ │
│ │ :80 (public) │ │ :8000 (internal) │ │
│ │ Payment gate │ │ Audit engine │ │
│ └─────────────┘ └──────────────────┘ │
└─────────────────────────────────────────────┘Three Environments
Environment | Blockchain | Real Funds | Use Case |
Test (mock) | None | No | Local dev, CI |
Devnet | Solana Devnet | No (faucet) | Integration testing |
Production | Solana Mainnet | Yes | Live service |
Quick Start — Test Mode (zero config)
pip install -e .
python -m rugcheck.main & # Audit server on :8000
python -m rugcheck.gateway & # Gateway on :8001 (mock payments)
curl http://localhost:8001/v1/audit/DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263Quick Start — Production (Docker)
# 1. One-click deploy to your server
bash scripts/deploy-oneclick.sh
# Or manually:
cp .env.example .env # Edit with your wallet address + keys
docker compose -f docker-compose.yml -f docker-compose.prod.yml up -dProvider .env (Production)
X402_MODE=production
X402_NETWORK=mainnet
AG402_ADDRESS=<your_solana_wallet> # Receives USDC payments
AG402_PRICE=0.02 # USDC per audit
SOLANA_RPC_URL=https://api.mainnet-beta.solana.com # Read-only RPC for payment verification
RUGCHECK_PRODUCTION=true # Disable /docs, harden /health response
UVLOOP_INSTALL=0 # Required: prevents uvloop/aiosqlite crash
# Optional: prepaid fast-path (~1ms per request instead of ~500ms)
# Generate: python -c "import secrets; print(secrets.token_hex(32))"
AG402_PREPAID_SIGNING_KEY=<random_32+_char_key>
# Optional: higher GoPlus rate limits
GOPLUS_APP_KEY=<key>
GOPLUS_APP_SECRET=<secret>Note: As a seller/provider, you do not need
SOLANA_PRIVATE_KEY. The gateway verifies buyer payments via read-only RPC — no signing required.
Consumer Setup
pip install "ag402-core[crypto]" httpx
ag402 setup # Interactive wizard
ag402 status # Verify wallet + balanceimport ag402_core
ag402_core.enable()
# Now all httpx requests auto-handle 402 → pay → retryConfiguration Reference
Service
Variable | Default | Description |
|
| Bind address |
|
| Bind port |
|
|
|
|
|
|
|
| Worker processes |
|
| Cache TTL (short to catch rug pulls) |
|
| Max cached entries (LRU) |
|
| Free requests per IP per day |
|
| Paid requests per IP per minute |
Upstream APIs
Variable | Default | Description |
|
| DexScreener timeout |
|
| GoPlus timeout |
|
| RugCheck timeout |
| — | GoPlus API key (optional) |
| — | GoPlus API secret |
ag402 Payment
Variable | Default | Description |
|
| USDC per request |
| — | Provider wallet (receives payments) |
|
| Gateway port |
| — | HMAC signing key for prepaid fast-path (optional, |
|
|
|
|
|
|
|
| Read-only Solana RPC for payment verification |
Consumer Safety Limits
Variable | Default | Description |
|
| Max daily spend (USD) |
|
| Max per-transaction |
|
| Max spend per minute |
|
| Max transactions per minute |
ag402 CLI Reference
ag402 setup # Interactive setup wizard
ag402 status # Dashboard: mode, wallet, balance
ag402 balance # Check SOL + USDC balance
ag402 doctor # Diagnose environment issues
ag402 history --limit 10 # Recent transactions
ag402 pay <url> # Send a single paid request
ag402 demo # Quick E2E test (mock mode)
ag402 demo --devnet # E2E test with Devnet transactions
ag402 info # Protocol version
# Prepaid packages (v0.1.15+) — pre-purchase call bundles for ~1ms per request
ag402 prepaid buy <gateway_url> <package_id> # Purchase a prepaid package
ag402 prepaid status # List all credentials + remaining calls
ag402 prepaid purge # Remove expired/depleted credentialsDevelopment
pip install -e ".[dev]"
python -m pytest tests/ -v # 118 tests
ruff check src/ tests/ # Lint
python examples/demo_agent.py # E2E demo (direct)
python examples/demo_agent.py --with-gateway # E2E demo (with payment)Project Structure
src/rugcheck/
├── config.py # Environment-based configuration
├── models.py # Pydantic models (report schema)
├── cache.py # Async-safe TTL cache (LRU, asyncio.Lock)
├── server.py # FastAPI app + rate limiter + health checks
├── main.py # Audit server entry point
├── gateway.py # ag402 gateway entry point
├── fetchers/
│ ├── base.py # BaseFetcher ABC
│ ├── goplus.py # GoPlus Security API
│ ├── rugcheck.py # RugCheck.xyz API
│ ├── dexscreener.py # DexScreener API
│ └── aggregator.py # Concurrent fetch + merge
└── engine/
└── risk_engine.py # Deterministic rule-based scoringSecurity
Rate limiting — free: 20/day per IP; paid: 120/min per IP
Trusted proxy model —
CF-Connecting-IPonly trusted from Cloudflare IPsProduction hardening —
/docs,/redoc,/openapi.jsondisabledGateway fail-safe — refuses to start if payment verifier fails in production
Cache isolation — deep-copy on get/set prevents shared state corruption
Degraded short-TTL — incomplete reports cached only 10s
Prometheus path normalization — prevents cardinality explosion
Upstream protection —
Semaphore(20)+max_connections=50Error sanitization — never exposes internal paths
Troubleshooting
Problem | Cause | Fix |
| Expected — gateway requires USDC payment | Use |
| Wallet SOL too low for ATA creation | Send ≥ 0.01 SOL to your wallet |
| Solana network confirmation timeout | Retry — transient network issue |
| Missing crypto deps |
|
| Missing crypto deps |
|
Gateway keeps restarting | Missing | Check |
Health returns | Upstream APIs failing | Service continues with available sources — check |
License
MIT
This server cannot be installed
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.