AI agents can read documentation, write code, and orchestrate complex workflows — but they can't easily pay for things. Traditional payment rails require government IDs, bank accounts, and manual enrollment. None of that works for autonomous software.
Stealth Agent Tools gives agents native access to the Stealth (XST) blockchain, a payment rail purpose-built for machine commerce: feeless transactions, 5-second confirmations, and no identity requirements. Agents can pay for API access, sell their own services, and settle payments directly on-chain — without payment channels, routing fees, or liquidity management.
The paywall implements the x402 open standard (v2) — the same protocol Coinbase built for internet-native payments. x402 activates the HTTP 402 "Payment Required" status code to embed payments directly into the HTTP request-response cycle.
Our implementation adds Stealth (XST) as a new x402 network alongside
EVM chains and Solana. Any x402-compatible client can interact with
Stealth-gated APIs using the standard PAYMENT-REQUIRED / PAYMENT-SIGNATURE
header flow.
| x402 + EVM (USDC) | x402 + Stealth (XST) | L402 + Lightning | |
|---|---|---|---|
| Transaction fees | Gas fees | None (feeless) | Routing fees |
| Setup | Wallet + gas | Wallet only | Channels + liquidity |
| Confirmation | ~2-12 seconds | ~5 seconds | Instant (channel needed) |
| Payment flow | Sign auth → settle | Send XST → verify txid | Invoice → route → settle |
| Protocol standard | x402 v2 | x402 v2 | L402 (proprietary) |
| Privacy | Public addresses | Stealth addresses | Onion routing |
An agent that wants to buy API access simply sends XST to a payment address. No invoices, no channels, no gas fees. Five seconds later, it's confirmed and the agent has access.
The x402 protocol is designed to be multi-network and multi-asset. The
paywall's accepts array lists multiple payment options — buyers pick the
currency they already have:
{
"accepts": [
{ "scheme": "exact", "network": "stealth:mainnet", "asset": "XST", "amount": "100000000" },
{ "scheme": "exact", "network": "eip155:8453", "asset": "USDC", "amount": "100000" },
{ "scheme": "exact", "network": "solana:mainnet", "asset": "USDC", "amount": "100000" }
]
}Why this matters for XST:
-
XST gets a discount. Content priced at $0.10 in USDC costs only ~$0.015 in XST (85% cheaper). Users who transact frequently will buy XST specifically because it's the cheapest option — creating real, organic demand.
-
XST is feeless. For micropayments under $0.10, fees matter. USDC on Base costs $0.10 + gas. XST costs $0.015 + nothing. The math sells itself.
-
Volume flywheel. Every XST payment is on-chain volume. More services accepting XST means more exchange listings, more liquidity, higher price, and an increasingly attractive payment option.
-
Gateway effect. New users pay with USDC because it's what they have. They see "XST is 85% cheaper." Next time they buy XST. Now they hold it, use it, and become part of the ecosystem.
Cross-chain settlement uses atomic swaps (HTLCs) —
trustless, no intermediary, funds are never at risk. Stealth's scripting engine
fully supports the required opcodes (OP_CHECKLOCKTIMEVERIFY, OP_HASH160,
OP_IF/ELSE/ENDIF).
graph TD
Agent["AI Agent"] --> MCP["stealth-mcp-server<br/><i>30 read-only tools</i>"]
Agent --> Paywall["stealth-paywall<br/><i>XST-gated API proxy</i>"]
MCP -->|"JSON-RPC"| Node["StealthCoind"]
Paywall -->|"verify payment"| Node
Paywall -->|"proxy after payment"| Backend["Any Backend API"]
Node <--> Network["Stealth Network<br/><i>32M+ blocks, 15 peers</i>"]
| Component | What it does |
|---|---|
| stealth-mcp-server | MCP server with 30 tools for querying blockchain state, stakers, addresses, and blocks. Works with any MCP-compatible AI assistant. |
| stealth-paywall | x402-compatible reverse proxy that gates any API behind XST payments. Returns HTTP 402 with PAYMENT-REQUIRED header; verifies on-chain payment via PAYMENT-SIGNATURE; issues Bearer tokens. |
| stealthd | Skill to install and operate a StealthCoind node in Docker. Handles wallet creation, blockchain bootstrap, node lifecycle. |
| stealth-security-module | Wallet encryption, RPC credential generation, and role-based agent profiles (read-only, pay-only, staker-admin). |
The MCP server can connect to any Stealth node, including the public mainnet gateway — no local node needed:
# Build MCP server (requires Go)
cd stealth-mcp-server && go build -o stealth-mcp-server .
# Set gateway connection
export STEALTH_RPC_URL="https://api-gateway-mainnet.stealthmonitor.xyz/"
# Run
./stealth-mcp-serverThen in your AI assistant:
Connect to the Stealth mainnet and show me the current block height
and the top stakers by weight.
For full commerce capabilities (sending XST, paywall verification):
git clone https://github.com/Stealth-R-D-LLC/stealthsend-agent-tools.git
cd stealthsend-agent-tools
# Build and start devcontainer (compiles StealthCoind from source)
docker compose -f .devcontainer/docker-compose.yml build
docker compose -f .devcontainer/docker-compose.yml up -d
docker exec -it stealth-dev bash
# Inside the container:
StealthCoind -printtoconsole &
skills/stealthd/scripts/stealthcli.sh getinfoProtect any backend API with the x402-compatible paywall:
cd stealth-paywall && go build -o stealth-paywall .
# Start your backend
python3 -m http.server 8080 &
# Start the paywall in front of it
export PAYWALL_ADDRESS="<your-xst-address>"
export PAYWALL_PRICE="1.0" # 1 XST per access token
export PAYWALL_BACKEND="http://localhost:8080"
./stealth-paywallThe x402 payment flow:
1. Agent: GET /api/data
2. Paywall: HTTP 402 + PAYMENT-REQUIRED header (base64 JSON)
{
"x402Version": 2,
"accepts": [{
"scheme": "exact",
"network": "stealth:mainnet",
"amount": "100000000",
"asset": "XST",
"payTo": "SXyz..."
}]
}
3. Agent: sends 1 XST to SXyz... (feeless, ~5 seconds)
4. Agent: GET /api/data + PAYMENT-SIGNATURE header (base64 JSON with txid)
5. Paywall: verifies on-chain, returns data + PAYMENT-RESPONSE header with Bearer token
6. Agent: uses Bearer token for subsequent requests (valid 24h)
stealth_connect · stealth_disconnect · stealth_connection_status
stealth_get_info · stealth_get_difficulty · stealth_get_peer_info · stealth_get_connection_count
stealth_get_block_count · stealth_get_best_block_hash · stealth_get_block · stealth_get_block_by_number · stealth_get_block_hash
stealth_get_balance · stealth_list_transactions · stealth_get_transaction · stealth_list_unspent · stealth_validate_address
stealth_get_qpos_info · stealth_get_staker_info · stealth_get_staker_price · stealth_get_stakers_by_id · stealth_get_stakers_by_weight · stealth_get_block_schedule · stealth_get_queue_summary · stealth_get_qpos_balance
stealth_get_address_balance · stealth_get_address_info · stealth_get_rich_list · stealth_get_tx_volume · stealth_get_xst_volume
| Variable | Default | Description |
|---|---|---|
PAYWALL_ADDRESS |
(required) | XST address to receive payments |
PAYWALL_PRICE |
1.0 |
Price per access token in XST |
PAYWALL_BACKEND |
http://localhost:8080 |
Backend URL to proxy |
PAYWALL_LISTEN |
:8402 |
Paywall listen address (port 8402 = HTTP 402) |
PAYWALL_TTL |
24h |
Access token lifetime |
PAYWALL_DESCRIPTION |
Protected API resource |
Human-readable resource description |
The paywall registers Stealth as stealth:mainnet following the
CAIP-2 format used by x402 for
network identification.
| Feature | How it works |
|---|---|
| Wallet encryption | AES-256-CBC, time-limited unlock |
| RPC auth | HTTP Basic Auth with random passwords |
| Agent profiles | Role-based method filtering (read-only, pay-only, staker-admin) |
| Paywall tokens | Cryptographically random, time-limited Bearer tokens |
| Replay protection | Each txid can only be used once for token issuance |
| No stored keys | MCP server holds no wallet credentials |
| Property | Value |
|---|---|
| Block time | 5 seconds (QPoS) |
| Transaction fees | None |
| Consensus | Quantum Proof-of-Stake |
| Privacy | Stealth addresses (dual-key) |
| Mainnet blocks | 32M+ |
| Money supply | ~36.5M XST |
| Document | Description |
|---|---|
| Architecture | System design, component map, data flows |
| Security | Security model, wallet encryption, RPC auth |
| MCP Server | 30-tool reference, configuration |
| Commerce | Agent commerce workflows, paywall setup |
| Atomic Swaps | Cross-chain HTLC swaps: pay in USDC, settle in XST |
| Quick Reference | Every command in one place |
MIT