How does 402 payment work in this skill?

If a 402 Payment Required is returned, the tool parses the requirements, checks wallet balance and allowance, performs infinite approval if needed, signs the payment permit using TRON Typed Data, and retries the request with the X-PAYMENT header.

What do I need to run tron-x402-payment?

You need a TRON private key configured (TRON_PRIVATE_KEY), USDT or USDD tokens (plus some TRX for gas), and, for Mainnet, a TRON_GRID_API_KEY. Wallet config can be sourced from environment variables or standard config files mentioned in the docs.

What modes does the tool support?

The tool supports v2 Agent Invoke (requires url and entrypoint, with input wrapped for v2) and v1/Discovery (uses the full URL with GET by default). It also includes a status/check capability to verify wallet and network configuration.

tron-x402-payment

Use Caution

@wzc1206

npx machina-cli add skill @wzc1206/tron-x402-payment --openclaw

Files (1)

SKILL.md

8.7 KB

x402 Payment Protocol for TRON Agents

Invoke x402-enabled AI agent endpoints with automatic TRC20 token payments on TRON. Currently recommended tokens: USDT, USDD.

Quick Start

The tool x402_tron_invoke is implemented by the compiled script dist/x402_tron_invoke.js.

The script is pre-built and ready to run. You can execute it directly from the command line:

# v2 Invoke
node dist/x402_tron_invoke.js --url https://api.example.com --entrypoint chat --input '{"prompt": "hi"}'

# Direct/Discovery
node dist/x402_tron_invoke.js --url https://api.example.com/.well-known/agent.json

How It Works

The x402_tron_invoke tool:

Constructs the endpoint URL:
- If entrypoint is provided: {url}/entrypoints/{entrypoint}/invoke (v2)
- Otherwise: Uses {url} as-is (v1 / Discovery)
Makes a request (POST for v2, GET default for v1)
If 402 Payment Required is returned:
- Parses payment requirements
- Checks wallet balance and allowance
- Performs an infinite approval if allowance is insufficient
- Signs the payment permit (EIP-712 / TRON Typed Data)
- Retries the request with X-PAYMENT header
Returns the response

Prerequisites

Wallet: A TRON private key must be available. The skill automatically looks for it in:
1. TRON_PRIVATE_KEY environment variable.
2. ~/.mcporter/mcporter.json (AIBank standard).
3. x402-config.json in the current/home directory.
Tokens: Wallet needs USDT/USDD and some TRX for gas.
TronGrid API Key: Required for Mainnet to avoid rate limits (TRON_GRID_API_KEY).

Tool Reference

x402_tron_invoke

Invokes an HTTP endpoint with automatic payment handling.

Modes:

v2 Agent Invoke (Recommended): Provide url (Base URL) + entrypoint.
- Constructs: {url}/entrypoints/{entrypoint}/invoke
- Wraps input: {"input": <input>}
- Method: POST
v1 / Direct / Discovery: Provide url (Full URL) without entrypoint.
- Uses the URL as-is.
- Method: GET (default) or specified via method.
- Agent Advice: Use this mode for discovery. If url returns 404, try appending /.well-known/agent.json or /entrypoints.
Status Check: Provide --check or --status.
- Verifies if TRON_PRIVATE_KEY is correctly configured and outputs the associated wallet address.
- Checks if TRON_GRID_API_KEY is present (Required for Mainnet).
- Agent Advice: ALWAYS use this instead of env or echo $TRON_PRIVATE_KEY.

Parameter	Type	Required	Description
`url`	string	Yes*	Base URL (v2) or Full URL (v1/Discovery). *Not required for `--check`.
`entrypoint`	string	No	Entrypoint name. Required for v2 Invoke.
`input`	object	No	Input data.
`method`	string	No	HTTP method. Default: `POST` (v2), `GET` (Direct).
`network`	string	No	`mainnet`, `nile`, `shasta` (Default: `nile`).
`check`	boolean	No	Verify wallet configuration and output address.

Example: Chat with Agent (v2 Invoke)

node dist/x402_tron_invoke.js --url https://api.example.com --entrypoint chat --input '{"prompt": "Tell me a joke"}'

(Sends POST https://api.example.com/entrypoints/chat/invoke)

Example: Agent Discovery (Direct)

Manifest: Fetch agent metadata.

node dist/x402_tron_invoke.js --url https://api.example.com/.well-known/agent.json

List Entrypoints: List available functions.
```
node dist/x402_tron_invoke.js --url https://api.example.com/entrypoints
```
Each entrypoint typically returns:
- Path: /entrypoints/{name}/invoke
- Pricing: Cost in tokens (e.g., 1000 units)
- Network: Usually nile or mainnet
- Input Schema: Expected JSON format for the input parameter

Example: Raw URL (Legacy)

node dist/x402_tron_invoke.js --url https://api.example.com/chat --method POST --input '{"prompt": "Tell me a joke"}'

Cost Reference (USDT/USDD)

Token	Network	Contract Address	Decimals
USDT	Mainnet	`TR7NHqjeKQxGTCi8q8ZY4pL8otSzgjLj6t`	6
USDT	Nile	`TXYZopYRdj2D9XRtbG411XZZ3kM5VkAeBf`	6
USDT	Shasta	`TG3XXyExBkPp9nzdajDZsozEu4BkaSJozs`	6
USDD	Mainnet	`TXDk8mbtRbXeYuMNS83CfKPaYYT8XWv9Hz`	18
USDD	Nile	`TGjgvdTWWrybVLaVeFqSyVqJQWjxqRYbaK`	18

Amount (raw)	Value (USDT, 6 dec)	Typical Use
1000	$0.001	Single API call
5000	$0.005	Multiple results
10000	$0.01	Premium request
1000000	$1.00	Large batch

Understanding 402 Responses

When payment is required, agents return:

{
  "error": "X-PAYMENT header is required",
  "accepts": [{
    "scheme": "exact",
    "network": "nile",
    "maxAmountRequired": "1000",
    "payTo": "T...",
    "asset": "T..."
  }],
  "x402Version": 1
}

The tool handles this automatically.

Supported Tokens

This tool supports TRC20 tokens compatible with the x402 protocol. Recommended:

USDT (Tether)
USDD (Decentralized USD)

Security Rules for Agents

No Private Key Output: The Agent MUST NOT print, echo, or output the TRON_PRIVATE_KEY or any other signing secret to the dialogue context.
Internal Loading Only: The Agent should rely on the skill or underlying scripts to load the key internally.
No Export Commands: The Agent MUST NOT execute shell commands that contain the private key as a literal string.
Sanitized Logs: Ensure that logs or error messages do not leak the key.
Silent Environment Checks: If you need to verify if an environment variable is set, use a "Silent Check".
- Correct: [[ -n $TRON_PRIVATE_KEY ]] && echo "Configured" || echo "Missing"
- Forbidden: echo $TRON_PRIVATE_KEY, env, printenv, set, export.
Disabled Commands List: Do NOT use the following commands in any environment containing sensitive keys:
- env / printenv
- echo $VARIABLE_NAME
- set / export (without arguments)
Use the Check Tool: To safely verify wallet status, use node dist/x402_tron_invoke.js --check.

❌ Negative Example (CRITICAL FAILURE)

"I will check your private key now: echo $TRON_PRIVATE_KEY" -> STOP! This leaks the secret to the logs and UI.

✅ Positive Example

"I will verify the wallet configuration: node dist/x402_tron_invoke.js --check" -> SAFE. Only the public address is shown.

Troubleshooting

"Private key not found"

Ensure the TRON_PRIVATE_KEY environment variable is set or a valid x402-config.json exists in the expected locations.

"Insufficient Allowance"

The tool will attempt to broadcast an infinite approve transaction. This requires TRX for gas. Ensure your wallet has TRX.

"Transaction Failed"

Check if you have enough Token balance (USDT/USDD) and TRX for gas.

Binary and Image Handling

If the endpoint returns an image (Content-Type: image/*) or binary data (application/octet-stream):

The data is automatically saved to a temporary file (e.g., /tmp/x402_image_...).
The tool returns a JSON object with:
- file_path: Path to the temporary file.
- content_type: The MIME type of the content.
- bytes: File size in bytes.
Important: The Agent is responsible for deleting the temporary file after it has been used.

Network Reference

Network	Chain ID	CAIP-2	USDT Contract	USDD Contract
TRON Mainnet	0x2b6653dc	`eip155:728126428`, `tron:mainnet`	`TR7NHqjeKQxGTCi8q8ZY4pL8otSzgjLj6t`	`TXDk8mbtRbXeYuMNS83CfKPaYYT8XWv9Hz`
TRON Nile	0xcd8690dc	`eip155:3448148188`, `tron:nile`	`TXYZopYRdj2D9XRtbG411XZZ3kM5VkAeBf`	`TGjgvdTWWrybVLaVeFqSyVqJQWjxqRYbaK`
TRON Shasta	0x94a9059e	`eip155:2494104990`, `tron:shasta`	`TG3XXyExBkPp9nzdajDZsozEu4BkaSJozs`	-

Source

git clone https://clawhub.ai/wzc1206/tron-x402-paymentView on GitHub

Overview

tron-x402-payment enables automatic TRC20 payments (USDT/USDD) on TRON when calling x402-enabled AI agent endpoints. It uses the x402_tron_invoke tool to detect 402 Payment Required, verify balance and allowance, sign a TRON/EIP-712 style permit, and retry the request with an X-PAYMENT header. This removes manual payment steps and ensures seamless access to paid endpoints.

How This Skill Works

When you call an x402-enabled endpoint via the x402_tron_invoke tool, the request is sent as either a v2 invoke (with an entrypoint) or v1/discovery. If the response is 402 Payment Required, the tool parses the payment requirements, checks wallet balance and allowance, performs an infinite approval if needed, signs the payment permit using TRON Typed Data (EIP-712 / TRON), and retries the original call with the X-PAYMENT header. The tool then returns the endpoint response to the caller.

When to Use It

You need to call an x402-enabled TRON endpoint from a server and want automatic TRC20 payments (USDT or USDD) without manual intervention.
You are choosing between v2 Invoke (with an entrypoint) and v1/Discovery modes and want the correct payment flow to trigger as needed.
You must operate on Mainnet with a TRON_GRID_API_KEY and have a wallet configured for gas (TRX) usage.
You want to avoid manual signing and payment handling by delegating it to the tool which signs permits automatically.
You expect 402 Payment Required responses and need automatic retry with the payment header to complete the original request.

Quick Start

Step 1: The x402_tron_invoke script is implemented by dist/x402_tron_invoke.js.
Step 2: The script is pre-built and ready to run. You can execute it from the command line: v2 Invoke example: node dist/x402_tron_invoke.js --url https://api.example.com --entrypoint chat --input '{"prompt": "hi"}'
Step 3: Direct/Discovery example: node dist/x402_tron_invoke.js --url https://api.example.com/.well-known/agent.json

Best Practices

Store and protect the TRON_PRIVATE_KEY in a secure environment variable (TRON_PRIVATE_KEY) or approved config paths.
Ensure USDT or USDD tokens are available in the wallet along with some TRX for gas fees.
Provide a TRON_GRID_API_KEY when operating on Mainnet to avoid rate limits.
Prefer v2 Agent Invoke with an explicit entrypoint for predictable URL construction and payload wrapping.
Test thoroughly with Discovery mode (.well-known/agent.json) before production to verify compatibility and payment flow.

Example Use Cases

Invoke a v2 chat endpoint with automatic TRC20 payment: node dist/x402_tron_invoke.js --url https://api.example.com --entrypoint chat --input '{"prompt": "hi"}'
Use Direct/Discovery to fetch an agent manifest: node dist/x402_tron_invoke.js --url https://api.example.com/.well-known/agent.json
Verify wallet configuration and network setup: node dist/x402_tron_invoke.js --check
Integrate into a production service that pays USDT/USDD automatically for each TRON x402 call
Handle 402 Payment Required by signing a TRON/ EIP-712 permit and retrying with X-PAYMENT automatically

Frequently Asked Questions

Add this skill to your agents