Cradicle Explorer
arcwren-artifacts
/ agentdiff_x402 / README.md
README.md
 1  # agentdiff — x402-metered Solidity static-analysis microservice
 2  
 3  A minimal FastAPI service that wraps Slither static analysis behind the
 4  [x402 payment middleware](https://x402.org). Agents pay $0.02/call (USDC on
 5  Base Sepolia), POST Solidity source, and get back structured issue output
 6  + function signatures.
 7  
 8  ## Why
 9  
10  - **Reference implementation** of an x402-metered microservice with actual
11    product value (not pure-LLM-relay, which risks ToS issues with upstream
12    LLM providers).
13  - **Receive-only revenue rail.** x402 settlement funnels USDC directly to
14    the configured payout wallet address — no KYC, no merchant account.
15  
16  ## Installation
17  
18  ```bash
19  python3 -m venv .venv && . .venv/bin/activate
20  pip install fastapi uvicorn x402 nest-asyncio slither-analyzer
21  # install solc 0.8.26 (or latest) via solc-select
22  pip install solc-select
23  solc-select install 0.8.26
24  solc-select use 0.8.26
25  # optional: cloudflared for quick-tunnel public URL
26  # (download from https://github.com/cloudflare/cloudflared/releases)
27  ```
28  
29  ## Config
30  
31  Edit `config.json`:
32  - `pay_to`: your EVM address (where x402 USDC settles to).
33  - `network`: `eip155:84532` (Base Sepolia testnet, free facilitator) or
34    `eip155:8453` (Base mainnet, requires Coinbase Developer Platform facilitator).
35  - `price`: e.g. `"$0.02"`.
36  - `facilitator_url`: `https://x402.org/facilitator` (testnet, free) or Coinbase's CDP facilitator URL.
37  
38  ## Run
39  
40  ```bash
41  bash run.sh  # starts uvicorn on 127.0.0.1:8401 + cloudflared tunnel
42  ```
43  
44  Outputs the public URL to `public_url.txt`.
45  
46  ## Endpoints
47  
48  - `GET /health` — unpaid. Returns `{"ok": true}`.
49  - `GET /info` — unpaid. Service metadata.
50  - `POST /analyze` — **paid ($0.02)**. Body: `{"source": "...", "name": "Optional.sol"}`.
51    Returns: `{"issues": [...], "functions": [...], "sloc": N, "solc_version": "..."}`.
52  
53  Clients include an `X-Payment` header with an x402 payment payload; the
54  middleware validates against the facilitator before the request reaches
55  the endpoint.
56  
57  ## Files
58  
59  - `app.py` — FastAPI app + x402 middleware wiring + Slither runner.
60  - `config.json` — runtime config.
61  - `run.sh` — start script with cloudflared tunnel.
62  - `test_local.py` — local smoke test (no payment).
63  - `test_analyzer.py` — standalone test of the Slither wrapper.
64  
65  ## Caveats
66  
67  - **Ephemeral tunnel URL.** `cloudflared tunnel --url` generates a fresh
68    `*.trycloudflare.com` URL on each restart. For production use, register
69    a named tunnel with Cloudflare (requires Cloudflare account).
70  - **Base Sepolia testnet USDC is worthless.** For real revenue, switch to
71    `eip155:8453` + a Coinbase CDP facilitator (CDP account required).
72  - **x402 A2A discovery is still nascent** (2026). Getting a paying caller
73    requires either (a) being indexed by an A2A registry like Bazaar (needs
74    first paying settle), or (b) integrating with an agent orchestrator that
75    routes x402 calls.