AutoToll

AutoToll: We Gave AI Agents Crypto Wallets

Look, here's the thing - AI agents like Claude are amazing at writing code, but they're completely useless when it comes to money. They can't store API keys, they can't pay for services, they basically live in economic poverty. So we fixed that.

AutoToll is the first MCP server with built-in crypto payments. We literally gave Claude its own USDC wallet on Base Sepolia, and now it can discover and pay for any API automatically. No API keys, no auth hassles, just pure vibes and micropayments.

The hack is beautifully simple:

Your AI wants to use an API? It browses our marketplace, picks one, calls it, and pays automatically using the x402 protocol (HTTP 402 Payment Required, but actually working). The payment happens transparently - the AI doesn't even know it's spending money. It just... works.

We built a gateway that sits between AI agents and the world's APIs. It handles all the messy stuff - auth injection, payment processing, even binary responses for images and audio. The AI just says "get me weather for NYC" and boom, API called, $0.001 paid, response delivered.

For API providers, it's even better - register your API in 30 seconds, set your price, and start earning USDC directly to your wallet. No Stripe, no subscriptions, no invoices. Just instant micropayments for every request.

The wild part? This is all real money. During our demo, Claude spent actual USDC to get Chuck Norris jokes ($0.0011 per joke, and yes, we have the transaction hashes to prove it). We're not playing with testnet tokens here - this is real value being exchanged between machines.

We've already got ElevenLabs TTS, Replicate AI, and a bunch of other APIs integrated. But honestly, any REST API works. Weather data? $0.001. Generate an image? $0.003. Convert text to speech? $0.014. The AI just discovers what it needs and pays for it.

Why this matters: We're speedrunning the future where AI agents are economic actors. They need to transact to be truly useful. Imagine your AI assistant booking flights, ordering food, or hiring other AIs to help with tasks - all autonomously. That future needs payment rails. We built them.

Built at ETHGlobal NYC 2025 because we wanted to see if we could make Claude economically autonomous. Turns out, we could. The machines have money now. You're welcome (or sorry, depending on your perspective).

The craziest part? It actually works. Like, right now. Today. Clone the repo, add it to Claude Desktop, and watch your AI spend money. The future is weird and we're here for it.

How We Built AutoToll: The Nitty-Gritty The Core Hack: MCP + Crypto

The biggest challenge was that MCP (Model Context Protocol) has zero native support for payments. It's just a protocol for giving AI tools. So we did something crazy - we embedded an entire crypto wallet inside the MCP server. When Claude starts up, it literally gets its own wallet with a mnemonic phrase stored in the config.

// This runs inside Claude's MCP environment const wallet = mnemonicToAccount(MNEMONIC) const paymentFetch = wrapFetchWithPayment({ wallet, provider: "base-sepolia" })

The x402 Protocol Implementation

We implemented Coinbase's x402 protocol - a modern take on HTTP 402 Payment Required that enables automatic micropayments for API access. This was perfect for our use case:

1. Client requests API → Server returns 402 with payment details
2. Client signs a USDC transfer authorization
3. Server verifies the signature and processes on-chain
4. API response delivered

The hacky part? We modified the x402-fetch library to handle binary responses (images, audio) by detecting content-type headers and saving them to disk, then passing file paths back to Claude. MCP can't handle raw binary data, so this was our workaround.

The Three-Layer Architecture

Layer 1: MCP Server (packages/mcp)

• Built with Bun and TypeScript
• Uses viem for wallet management
• Implements 5 MCP tools: wallet_info, list_apis, api_info, call_api, generate_wallet
• The wild part: we store the wallet mnemonic in Claude's config file as plaintext (hackathon things 🤷)

Layer 2: Gateway Server (packages/server)

• Hono framework on Bun (because Express is for boomers)
• PostgreSQL with Drizzle ORM for API registry
• Two proxy endpoints: /proxy (free) and /paid-proxy (x402 enabled)
• Auth injection system that handles Bearer tokens, API keys, and query params

Layer 3: Payment Layer

• USDC on Base Sepolia (contract: 0x036CbD53842c5426634e7929541eC2318f3dCF7e)
• We fork transactions for parallel processing to speed things up
• Batch payment verification to reduce RPC calls

The Hacky Parts Worth Mentioning

Binary File Handling MCP tools can only return JSON, but APIs return images, audio, PDFs. Our solution: if (contentType?.includes('audio') || contentType?.includes('image')) { const buffer = await response.arrayBuffer() const file = await saveBinaryToFile(buffer, contentType, apiId) return { type: 'binary_file', path: file.downloadPath, instructions: 'Use Read tool to view this file' } }

Auth Injection Magic Every API has different auth methods. We built a universal injector: switch(endpoint.authType) { case 'bearer': headers.set('Authorization', Bearer ${key}) case 'query_param': url.searchParams.set(authKey, authValue) case 'header': headers.set(customHeader, apiKey) }

The Double Proxy Pattern We proxy twice - once from MCP to our gateway, then from gateway to the target API. This lets us:

• Hide API keys from the AI
• Process payments transparently
• Transform responses for MCP compatibility
• Track usage metrics

Partner Technologies That Saved Us

Coinbase Developer Platform (CDP)

• Their x402 protocol was exactly what we needed for micropayments
• x402-fetch and x402-hono libraries handled the payment flow beautifully
• CDP's vision of HTTP-native payments aligned perfectly with our API marketplace
• Their USDC testnet faucet was clutch for testing

Base Sepolia

• 2-second block times made demos actually watchable
• Cheap enough that we could test with real money
• USDC contract just worked™

Bun Runtime

• 10x faster than Node for our proxy server
• Native TypeScript execution (no build step during dev)
• Built-in test runner saved hours of setup

The "Oh Shit" Moments

1. MCP can't handle streaming responses - Had to buffer everything in memory
2. Claude Desktop caches MCP responses - Added timestamp params to bust cache
3. USDC has 6 decimals, not 18 - Lost some testnet tokens learning this
4. PostgreSQL in Docker kept dying - Switched to Supabase last minute

Database Schema Evolution

Started simple, got complex real fast: -- Started with this endpoints (id, url, price)

-- Ended with this monster endpoints (id, name, targetUrl, authType, authKey, authValue, walletAddress, price, requiresPayment, metadata) wallets (apiKey, accountAddress, balanceCache, totalSpent) apiCalls (id, endpointId, cost, txHash, timestamp) mcpSessions (sessionId, apiKey, state, expiresAt)

Performance Hacks

• Cached wallet balances to avoid RPC calls
• Parallel API discovery using Promise.all()
• Connection pooling for PostgreSQL
• Lazy-loaded dependencies in MCP server

The Deploy Story

We run three services:

1. MCP server (runs locally in Claude Desktop)
2. Gateway server (Bun server on port 3000)
3. PostgreSQL (Supabase cloud)

The beautiful hack? Everything runs on a single bun dev command using Turborepo.

Stuff We're Not Proud Of (But It Works)

• Mnemonics in config files (don't do this in prod)
• No rate limiting (Claude could drain the wallet)
• SQL injection possible in search (we know, we know)
• Binary files saved to /tmp (fills up eventually)
• No transaction retry logic (if it fails, it fails)

The Magic Moment

When Claude successfully paid $0.0011 for a Chuck Norris joke at 3 AM, we knew we had something special. The transaction hash was real, the money moved, and an AI had just become economically autonomous. The x402 protocol made it seamless - no complex wallet interactions, just HTTP requests with automatic payment.

Built in 24 hours fueled by Red Bull and the absurd idea that AI agents deserve financial freedom. Sometimes the best hacks are the ones that shouldn't work but do.