{"passport":{"unfragile":{"@version":"1.0","version":"2026-05","artifact":{"id":"smithery_amrinder847-cipher-x402-mcp","slug":"amrinder847-cipher-x402-mcp","name":"cipher-x402-mcp","type":"mcp","url":"https://github.com/cryptomotifs/cipher-x402-mcp","page_url":"https://unfragile.ai/amrinder847-cipher-x402-mcp","categories":["mcp-servers","code-review-security","app-builders"],"tags":["mcp","model-context-protocol","smithery:amrinder847/cipher-x402-mcp"],"pricing":{"model":"open_source","free":true,"starting_price":null},"status":"active","verified":false},"capabilities":[{"id":"smithery_amrinder847-cipher-x402-mcp__cap_0","uri":"capability://tool.use.integration.http.402.payment.gated.tool.invocation.with.agent.side.wallet.signing","name":"http 402 payment-gated tool invocation with agent-side wallet signing","description":"Implements a forward-only relay pattern where MCP clients invoke paid tools without pre-funding. When an agent calls a gated tool lacking an X-PAYMENT header, the server returns the upstream HTTP 402 response with an accept-list (payment terms, amount, recipient address) verbatim. The agent's wallet signs the payment in USDC on Base, includes the signature in X-PAYMENT header, and retries. The server never custodies funds — it validates signatures and forwards authenticated requests upstream. This enables pay-per-call microtransactions (0.005–0.25 USDC) without wallet pre-setup or escrow.","intents":["Build agents that pay for API calls on-demand without pre-funding wallets","Expose premium tools to Claude/Cursor/Cline with transparent per-call pricing","Implement trustless payment verification without custody of caller funds","Enable agents to autonomously negotiate and execute blockchain payments"],"best_for":["AI agent builders integrating premium APIs into Claude Desktop or Cursor","Crypto-native teams monetizing tools via micropayments","Developers building trustless agent-to-service interactions"],"limitations":["Requires agent to have USDC balance on Base and ability to sign transactions — not all MCP clients support wallet integration","Payment validation latency depends on Base RPC speed; no built-in retry logic for failed transactions","X-PAYMENT header format is custom; requires agent-side implementation of signature generation and retry logic","No fallback for agents without wallet capability — tool becomes unavailable rather than gracefully degrading"],"requires":["MCP client with HTTP header manipulation support (Claude Desktop, Cursor, Cline, Continue)","Agent with USDC balance on Base mainnet","Wallet signing capability in agent runtime (ethers.js or equivalent)","Access to Base RPC endpoint for transaction submission"],"input_types":["MCP tool call with optional X-PAYMENT header","Wallet signature (hex-encoded)"],"output_types":["HTTP 402 response with accept-list (JSON)","Tool result (JSON or text) on successful payment"],"categories":["tool-use-integration","payment-protocol"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"smithery_amrinder847-cipher-x402-mcp__cap_1","uri":"capability://safety.moderation.solana.wallet.security.audit.with.rule.based.vulnerability.detection","name":"solana wallet security audit with rule-based vulnerability detection","description":"Provides a free, rule-based security audit for Solana wallets by analyzing on-chain activity patterns and account state. The audit applies a hardcoded ruleset (included in the MCP server) to detect common vulnerabilities: token account misconfigurations, suspicious delegation patterns, exposure to known malicious programs, and balance anomalies. Results are returned as structured findings with severity levels. This is the only free tool in the suite; others are gated behind x402 payments.","intents":["Audit a Solana wallet for security risks before transacting","Detect if a wallet has been compromised or exposed to malicious programs","Identify token account misconfigurations that could lead to fund loss","Integrate wallet security checks into agent workflows without per-call costs"],"best_for":["Agents managing Solana wallets or recommending wallet security practices","Developers building Solana portfolio dashboards with security overlays","Non-technical users wanting free wallet health checks"],"limitations":["Rule-based detection only — cannot detect novel attack vectors or zero-day exploits","Requires wallet address to be queryable on Solana RPC; private/non-existent wallets return empty results","Audit rules are static and embedded in the server — no dynamic rule updates without redeployment","Does not analyze off-chain metadata or social engineering risks"],"requires":["Valid Solana wallet address (base58-encoded)","Access to Solana RPC endpoint (public or private)","MCP client with tool-calling support"],"input_types":["Solana wallet address (string, base58)"],"output_types":["Structured audit findings (JSON array with severity, description, remediation)"],"categories":["safety-moderation","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"smithery_amrinder847-cipher-x402-mcp__cap_2","uri":"capability://data.processing.analysis.solana.wallet.transaction.and.balance.scanning.with.on.chain.indexing","name":"solana wallet transaction and balance scanning with on-chain indexing","description":"Scans a Solana wallet's transaction history, token balances, and account state by querying the Solana RPC API. Returns structured data including recent transactions, token holdings, SOL balance, and account metadata. The tool abstracts RPC complexity behind a simple wallet address input, handling pagination and data aggregation internally. Results are cached implicitly by the RPC provider but not by the MCP server itself.","intents":["Retrieve a wallet's current token balances and SOL holdings","Fetch recent transaction history for a wallet to detect activity patterns","Analyze a wallet's account state and metadata for compliance or risk assessment","Build agent workflows that depend on real-time wallet data"],"best_for":["Agents managing Solana portfolios or monitoring wallet activity","Developers building Solana dashboards or analytics tools","Compliance teams auditing wallet activity"],"limitations":["RPC rate limits apply — high-frequency scans of many wallets may hit provider limits","No built-in caching in the MCP server — repeated calls to the same wallet incur RPC costs","Transaction history is limited to what the RPC provider indexes; historical data beyond provider retention is unavailable","Token metadata (name, decimals, logo) requires additional RPC calls or external indexing"],"requires":["Valid Solana wallet address (base58-encoded)","Access to Solana RPC endpoint with sufficient rate limits","MCP client with tool-calling support"],"input_types":["Solana wallet address (string, base58)","Optional: limit (number of transactions to return)"],"output_types":["Structured wallet data (JSON): transactions array, token balances, SOL balance, account metadata"],"categories":["data-processing-analysis","search-retrieval"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"smithery_amrinder847-cipher-x402-mcp__cap_3","uri":"capability://safety.moderation.password.breach.detection.via.have.i.been.pwned.integration","name":"password breach detection via have i been pwned integration","description":"Checks if an email address or password has appeared in known data breaches by querying the Have I Been Pwned (HIBP) API. The MCP server acts as a relay, forwarding requests to HIBP and returning breach records with metadata (breach name, date, compromised data types). Requests are gated behind x402 payments to monetize access to the HIBP service.","intents":["Check if a user's email has been compromised in known breaches","Verify password strength by checking against breach databases","Build agent workflows that validate user credentials before onboarding","Integrate breach detection into security audit chains"],"best_for":["Agents handling user onboarding or credential validation","Security teams auditing user account exposure","Developers building credential-checking tools"],"limitations":["HIBP API has rate limits (1 request per 1.5 seconds); high-frequency checks will be throttled","Only detects breaches in HIBP's database; newer breaches may not be indexed immediately","Email-based lookups only; cannot check arbitrary passwords without submitting them to HIBP (privacy risk)","Requires HIBP API key; service availability depends on HIBP uptime"],"requires":["Email address or password to check (string)","Valid HIBP API key (configured in MCP server)","MCP client with tool-calling support","Payment capability (x402 USDC on Base)"],"input_types":["Email address (string) or password hash (string)"],"output_types":["Breach records array (JSON): breach name, date, compromised data types, or empty array if no breaches found"],"categories":["safety-moderation","search-retrieval"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"smithery_amrinder847-cipher-x402-mcp__cap_4","uri":"capability://data.processing.analysis.jito.tip.calculator.for.solana.transaction.optimization","name":"jito tip calculator for solana transaction optimization","description":"Calculates optimal Jito tips for Solana transactions based on current network congestion and MEV conditions. The tool queries Jito's tip API to fetch current tip percentiles and returns a recommendation (in lamports or USDC) for a given transaction size. This enables agents to optimize transaction inclusion probability without overpaying for tips.","intents":["Calculate fair Jito tip amount for a Solana transaction","Optimize transaction costs by avoiding overpaying for tips","Build agent workflows that dynamically adjust tips based on network conditions","Integrate MEV-aware transaction execution into trading agents"],"best_for":["Solana trading agents and arbitrage bots","Developers building transaction optimization tools","High-frequency traders optimizing execution costs"],"limitations":["Tip recommendations are point-in-time; network conditions change rapidly and recommendations may become stale","Jito tip API availability depends on Jito infrastructure; service outages affect tool availability","Does not guarantee transaction inclusion even with recommended tips — MEV conditions are unpredictable","Requires knowledge of transaction size to calculate tips; complex transactions may have variable sizes"],"requires":["Transaction size in lamports or USDC (number)","Access to Jito tip API endpoint","MCP client with tool-calling support","Payment capability (x402 USDC on Base)"],"input_types":["Transaction size (number, in lamports or USDC)","Optional: percentile (number, 0-100, default 50)"],"output_types":["Tip recommendation (JSON): suggested tip amount, percentile, network congestion level"],"categories":["data-processing-analysis","planning-reasoning"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"smithery_amrinder847-cipher-x402-mcp__cap_5","uri":"capability://data.processing.analysis.github.repository.health.scoring.and.metadata.extraction","name":"github repository health scoring and metadata extraction","description":"Analyzes a GitHub repository and returns a health score based on metrics: commit frequency, issue resolution time, test coverage, documentation completeness, and dependency freshness. The tool queries the GitHub API to fetch repository metadata, recent commits, issues, and workflows, then applies a weighted scoring algorithm. Results include the overall health score (0-100) and component breakdowns.","intents":["Evaluate code quality and maintenance status of a GitHub repository","Assess dependency freshness and security posture of a project","Build agent workflows that recommend repositories based on health metrics","Integrate repository analysis into CI/CD or code review pipelines"],"best_for":["Developers evaluating open-source dependencies","Teams assessing code quality of external projects","Agents recommending libraries or frameworks"],"limitations":["GitHub API rate limits apply (60 requests/hour unauthenticated, 5000/hour authenticated); high-frequency analysis will be throttled","Health scoring algorithm is heuristic-based and may not reflect actual code quality for all project types","Private repositories require GitHub authentication; public-only analysis limits scope","Does not analyze code complexity, security vulnerabilities, or runtime performance"],"requires":["GitHub repository URL or owner/repo string","GitHub API token (optional, but recommended for higher rate limits)","MCP client with tool-calling support","Payment capability (x402 USDC on Base)"],"input_types":["Repository identifier (string): 'owner/repo' or full GitHub URL"],"output_types":["Health report (JSON): overall score, component scores (commits, issues, tests, docs, dependencies), metadata"],"categories":["data-processing-analysis","search-retrieval"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"smithery_amrinder847-cipher-x402-mcp__cap_6","uri":"capability://data.processing.analysis.fred.macro.series.retrieval.and.time.series.analysis","name":"fred macro series retrieval and time-series analysis","description":"Fetches economic time-series data from the Federal Reserve Economic Data (FRED) API, including GDP, inflation, unemployment, and interest rates. The tool accepts a FRED series ID and returns historical data points with dates and values. Results can be aggregated (mean, median, latest) or returned as full time-series for agent-side analysis.","intents":["Retrieve historical economic indicators for macro analysis","Build agent workflows that incorporate economic data into trading or investment decisions","Analyze inflation, unemployment, or interest rate trends","Integrate macro data into risk assessment or portfolio optimization"],"best_for":["Trading agents and quantitative analysts","Developers building macro-aware investment tools","Economic researchers integrating FRED data into analysis pipelines"],"limitations":["FRED API has rate limits (120 requests/minute); high-frequency queries will be throttled","Data is published with lags (e.g., monthly employment data released weeks later); real-time data is unavailable","Time-series may have gaps or revisions; historical data can change as FRED updates estimates","Requires knowledge of FRED series IDs; discovery of relevant series requires external lookup"],"requires":["FRED series ID (string, e.g., 'GDP', 'UNRATE')","FRED API key (configured in MCP server)","MCP client with tool-calling support","Payment capability (x402 USDC on Base)"],"input_types":["FRED series ID (string)","Optional: start date, end date, aggregation method (string)"],"output_types":["Time-series data (JSON): array of date-value pairs, or aggregated statistics"],"categories":["data-processing-analysis","search-retrieval"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"smithery_amrinder847-cipher-x402-mcp__cap_7","uri":"capability://data.processing.analysis.drift.protocol.exposure.and.position.analysis","name":"drift protocol exposure and position analysis","description":"Queries the Drift Protocol (a Solana perpetual futures platform) to retrieve a wallet's open positions, collateral, and leverage exposure. The tool fetches position data from Drift's on-chain state and returns structured position information including entry price, current price, PnL, and liquidation risk. This enables agents to monitor trading positions and assess liquidation risk in real-time.","intents":["Monitor open positions and collateral on Drift Protocol","Calculate liquidation price and risk for leveraged positions","Build agent workflows that manage Drift positions or hedge exposure","Integrate Drift data into portfolio dashboards or risk management systems"],"best_for":["Solana trading agents and arbitrage bots","Developers building Drift position dashboards","Risk managers monitoring leveraged exposure"],"limitations":["Requires wallet to have an active Drift account; non-Drift users return empty results","Position data is point-in-time; prices and PnL change rapidly and may be stale by the time results are used","Liquidation risk calculations depend on Drift's liquidation engine; actual liquidation may differ from calculated risk","Does not include historical position data or closed positions; only active positions are returned"],"requires":["Solana wallet address with active Drift account (base58-encoded)","Access to Drift Protocol on-chain state (via Solana RPC)","MCP client with tool-calling support","Payment capability (x402 USDC on Base)"],"input_types":["Solana wallet address (string, base58)"],"output_types":["Position data (JSON): array of positions with entry price, current price, PnL, collateral, liquidation price"],"categories":["data-processing-analysis","search-retrieval"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"smithery_amrinder847-cipher-x402-mcp__cap_8","uri":"capability://tool.use.integration.mcp.server.deployment.and.client.integration.with.payment.relay","name":"mcp server deployment and client integration with payment relay","description":"The cipher-x402-mcp server itself is deployable as a standalone MCP server that integrates with any MCP client (Claude Desktop, Cursor, Cline, Continue). The server implements the MCP protocol specification, exposing tools as callable functions with standardized input/output schemas. The payment relay logic is built into the server: it intercepts tool calls, checks for X-PAYMENT headers, returns HTTP 402 responses with payment terms when needed, and validates signatures on retry. The server is stateless and can be deployed as a Docker container, Node.js process, or serverless function.","intents":["Deploy a payment-gated tool server that integrates with Claude Desktop or Cursor","Build custom MCP servers that monetize tool access via x402 payments","Integrate multiple crypto and macro tools into a single MCP endpoint","Enable agents to call payment-gated tools without pre-funding wallets"],"best_for":["Developers building monetized MCP servers","Teams deploying crypto-native tools to Claude Desktop","Builders integrating multiple APIs behind a single MCP interface"],"limitations":["Requires MCP client support for custom HTTP headers (X-PAYMENT); not all clients may support this","Server deployment requires Node.js runtime or Docker; no Python or Go implementations provided","Payment validation depends on Base RPC availability; RPC outages affect tool availability","No built-in persistence or logging; audit trails require external infrastructure"],"requires":["Node.js 18+ or Docker runtime","MCP client (Claude Desktop, Cursor, Cline, Continue) configured to connect to the server","Base RPC endpoint for payment validation","Optional: environment variables for API keys (HIBP, GitHub, FRED, Jito)"],"input_types":["MCP tool call (JSON, following MCP protocol)","Optional: X-PAYMENT header with wallet signature"],"output_types":["MCP tool result (JSON) or HTTP 402 response with payment terms"],"categories":["tool-use-integration","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0}],"trust":{"score":40,"verified":false,"data_access_risk":"high","permissions":["MCP client with HTTP header manipulation support (Claude Desktop, Cursor, Cline, Continue)","Agent with USDC balance on Base mainnet","Wallet signing capability in agent runtime (ethers.js or equivalent)","Access to Base RPC endpoint for transaction submission","Valid Solana wallet address (base58-encoded)","Access to Solana RPC endpoint (public or private)","MCP client with tool-calling support","Access to Solana RPC endpoint with sufficient rate limits","Email address or password to check (string)","Valid HIBP API key (configured in MCP server)"],"failure_modes":["Requires agent to have USDC balance on Base and ability to sign transactions — not all MCP clients support wallet integration","Payment validation latency depends on Base RPC speed; no built-in retry logic for failed transactions","X-PAYMENT header format is custom; requires agent-side implementation of signature generation and retry logic","No fallback for agents without wallet capability — tool becomes unavailable rather than gracefully degrading","Rule-based detection only — cannot detect novel attack vectors or zero-day exploits","Requires wallet address to be queryable on Solana RPC; private/non-existent wallets return empty results","Audit rules are static and embedded in the server — no dynamic rule updates without redeployment","Does not analyze off-chain metadata or social engineering risks","RPC rate limits apply — high-frequency scans of many wallets may hit provider limits","No built-in caching in the MCP server — repeated calls to the same wallet incur RPC costs","builder identity is not verified yet","no observed match outcomes yet"],"rank_breakdown":{"adoption":0.05,"quality":0.53,"ecosystem":0.6900000000000001,"match_graph":0.25,"freshness":0.75,"weights":{"adoption":0.25,"quality":0.25,"ecosystem":0.15,"match_graph":0.23,"freshness":0.12}},"observed_outcomes":{"matches":0,"success_rate":0,"avg_confidence":0,"top_intents":[],"last_matched_at":null},"maintenance":{"status":"active","updated_at":"2026-05-24T12:16:25.635Z","last_scraped_at":"2026-05-03T15:19:22.209Z","last_commit":null},"community":{"stars":null,"forks":null,"weekly_downloads":null,"model_downloads":null,"model_likes":null}},"distribution":{"claim_url":"https://unfragile.ai/submit?claim=amrinder847-cipher-x402-mcp","compare_url":"https://unfragile.ai/compare?artifact=amrinder847-cipher-x402-mcp"}},"signature":"tBjeA5j5oTOhGblkzX0iAH6DW9frtXBR1UJSPy2SXodA+f5z3uHvoROgdzeb76YZfdklhxObQvY2U42+uxdhCA==","signedAt":"2026-06-20T13:41:11.692Z","signedBy":"unfragile.ai","version":1},"_links":{"self":"https://unfragile.ai/api/v1/passport/amrinder847-cipher-x402-mcp","artifact":"https://unfragile.ai/amrinder847-cipher-x402-mcp","verify":"https://unfragile.ai/api/v1/verify?slug=amrinder847-cipher-x402-mcp","publicKey":"https://unfragile.ai/api/v1/trust-passport-public-key","spec":"https://unfragile.ai/trust","schema":"https://unfragile.ai/schema.json","docs":"https://unfragile.ai/docs"}}