Node SDK 参考#
包#
| 包 | 描述 |
|---|---|
@okxweb3/x402-core | 核心:客户端、服务端、facilitator、类型 |
@okxweb3/x402-evm | EVM 机制:exact、aggr_deferred |
@okxweb3/x402-express | Express 中间件(卖方) |
@okxweb3/x402-next | Next.js 中间件(卖方) |
@okxweb3/x402-hono | Hono 中间件(卖方) |
@okxweb3/x402-fastify | Fastify 中间件(卖方) |
@okxweb3/x402-fetch | Fetch 包装器(买方) |
@okxweb3/x402-axios | Axios 包装器(买方) |
@okxweb3/x402-mcp | MCP 集成 |
@okxweb3/x402-paywall | 浏览器付费墙 UI |
@okxweb3/x402-extensions | 协议扩展 |
核心类型#
Network#
typescript
type Network = `${string}:${string}`;
// CAIP-2 format, e.g., "eip155:196", "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp"
Money / Price / AssetAmount#
typescript
type Money = string | number;
// User-friendly amount, e.g., "$0.01", "0.01", 0.01
type AssetAmount = {
asset: string; // Token contract address
amount: string; // Amount in token's smallest unit (e.g., "10000" for 0.01 USDC)
extra?: Record<string, unknown>; // Scheme-specific data (e.g., EIP-712 domain)
};
type Price = Money | AssetAmount;
// Either a user-friendly amount or a specific token amount
ResourceInfo#
typescript
interface ResourceInfo {
url: string; // Resource URL path
description?: string; // Human-readable description
mimeType?: string; // Response content type (e.g., "application/json")
}
PaymentRequirements#
描述卖方接受的支付方式。
typescript
type PaymentRequirements = {
scheme: string; // Payment scheme: "exact" | "aggr_deferred"
network: Network; // CAIP-2 network identifier
asset: string; // Token contract address
amount: string; // Price in token's smallest unit
payTo: string; // Recipient wallet address
maxTimeoutSeconds: number; // Payment authorization validity window
extra: Record<string, unknown>; // Scheme-specific data
};
各 scheme 的 extra 字段:
| Scheme | Extra 字段 | Type | 描述 |
|---|---|---|---|
exact (EIP-3009) | extra.eip712.name | string | EIP-712 域名称(例如 "USD Coin") |
exact (EIP-3009) | extra.eip712.version | string | EIP-712 域版本(例如 "2") |
PaymentRequired#
发送给客户端的 HTTP 402 响应体。
typescript
type PaymentRequired = {
x402Version: number; // Protocol version (currently 2)
error?: string; // Optional error message
resource: ResourceInfo; // Protected resource metadata
accepts: PaymentRequirements[]; // List of accepted payment options
extensions?: Record<string, unknown>; // Extension data (e.g., Bazaar)
};
PaymentPayload#
客户端在重试请求中提交的签名支付。
typescript
type PaymentPayload = {
x402Version: number; // Must match server's version
resource?: ResourceInfo; // Optional resource reference
accepted: PaymentRequirements; // The chosen payment option from `accepts`
payload: Record<string, unknown>; // Scheme-specific signed data (see below)
extensions?: Record<string, unknown>; // Extension data
};
各 scheme 的 payload 字段:
exact (EIP-3009) 的 payload:
typescript
{
signature: `0x${string}`; // EIP-712 signature
authorization: {
from: `0x${string}`; // Buyer wallet address
to: `0x${string}`; // Seller wallet address
value: string; // Amount in smallest unit
validAfter: string; // Unix timestamp (start validity)
validBefore: string; // Unix timestamp (end validity)
nonce: `0x${string}`; // 32-byte unique nonce
};
}
aggr_deferred 的 payload:
typescript
{
signature: `0x${string}`; // Session key signature
authorization: { /* same as EIP-3009 */ };
// acceptedExtraOverrides includes sessionCert
}
VerifyResponse#
typescript
type VerifyResponse = {
isValid: boolean; // Whether signature is valid
invalidReason?: string; // Machine-readable reason code
invalidMessage?: string; // Human-readable error message
payer?: string; // Recovered payer address
extensions?: Record<string, unknown>;
};
SettleResponse#
typescript
type SettleResponse = {
success: boolean; // Whether settlement succeeded
status?: "pending" | "success" | "timeout"; // OKX extension
errorReason?: string; // Machine-readable error code
errorMessage?: string; // Human-readable error message
payer?: string; // Payer address
transaction: string; // On-chain transaction hash (empty for aggr_deferred)
network: Network; // Settlement network
amount?: string; // Actual settled amount (may differ for "upto")
extensions?: Record<string, unknown>;
};
SupportedKind / SupportedResponse#
typescript
type SupportedKind = {
x402Version: number;
scheme: string;
network: Network;
extra?: Record<string, unknown>;
};
type SupportedResponse = {
kinds: SupportedKind[];
extensions: string[]; // Supported extension keys
signers: Record<string, string[]>; // CAIP family → signer addresses
};
服务端 API (x402ResourceServer)#
构造函数#
typescript
import { x402ResourceServer } from "@okxweb3/x402-core/server";
const server = new x402ResourceServer(facilitatorClients?);
// facilitatorClients: FacilitatorClient | FacilitatorClient[]
register(network, server)#
注册服务端 scheme。可链式调用。
typescript
server
.register("eip155:84532", new ExactEvmScheme())
.register("eip155:196", new AggrDeferredEvmScheme());
registerExtension(extension)#
typescript
interface ResourceServerExtension {
key: string;
enrichDeclaration?: (declaration: unknown, transportContext: unknown) => unknown;
enrichPaymentRequiredResponse?: (
declaration: unknown,
context: PaymentRequiredContext,
) => Promise<unknown>;
enrichSettlementResponse?: (
declaration: unknown,
context: SettleResultContext,
) => Promise<unknown>;
}
initialize()#
从 facilitator 获取支持的 kinds。在启动时调用一次。
typescript
await server.initialize();
buildPaymentRequirements(config) → PaymentRequirements[]#
typescript
interface ResourceConfig {
scheme: string; // "exact" | "aggr_deferred" | "upto"
payTo: string; // Recipient wallet address
price: Price; // "$0.01" or AssetAmount
network: Network; // "eip155:196"
maxTimeoutSeconds?: number; // Default: 300
extra?: Record<string, unknown>;
}
const reqs = await server.buildPaymentRequirements({
scheme: "exact",
payTo: "0xSeller",
price: "$0.01",
network: "eip155:196",
});
buildPaymentRequirementsFromOptions(options, context) → PaymentRequirements[]#
动态定价和 payTo。函数接收 context 参数。
typescript
const reqs = await server.buildPaymentRequirementsFromOptions(
[
{
scheme: "exact",
network: "eip155:196",
payTo: (ctx) => ctx.sellerId === "A" ? "0xWalletA" : "0xWalletB",
price: (ctx) => ctx.premium ? "$0.10" : "$0.01",
},
],
requestContext
);
verifyPayment(payload, requirements) → VerifyResponse#
typescript
const result = await server.verifyPayment(paymentPayload, requirements);
// result.isValid: boolean
settlePayment(payload, requirements, ...) → SettleResponse#
typescript
const result = await server.settlePayment(
paymentPayload,
requirements,
declaredExtensions?, // Extension data from 402 response
transportContext?, // HTTP transport context
settlementOverrides?, // { amount: "$0.05" } for upto scheme
);
服务端生命周期钩子#
| 钩子 | 上下文 | 可中止/恢复 |
|---|---|---|
onBeforeVerify | { paymentPayload, requirements } | { abort: true, reason, message? } |
onAfterVerify | { paymentPayload, requirements, result } | 否 |
onVerifyFailure | { paymentPayload, requirements, error } | { recovered: true, result } |
onBeforeSettle | { paymentPayload, requirements } | { abort: true, reason, message? } |
onAfterSettle | { paymentPayload, requirements, result, transportContext? } | 否 |
onSettleFailure | { paymentPayload, requirements, error } | { recovered: true, result } |
typescript
server.onBeforeVerify(async (ctx) => {
// Log or gate verification
});
server.onAfterSettle(async (ctx) => {
console.log(`Settled: ${ctx.result.transaction} on ${ctx.result.network}`);
});
server.onSettleFailure(async (ctx) => {
if (ctx.error.message.includes("timeout")) {
return { recovered: true, result: { success: true, transaction: "", network: "eip155:196" } };
}
});
HTTP 资源服务器 (x402HTTPResourceServer)#
更高层的封装,处理路由匹配、付费墙和 HTTP 特定逻辑。
构造函数#
typescript
import { x402HTTPResourceServer } from "@okxweb3/x402-core/http";
const httpServer = new x402HTTPResourceServer(resourceServer, routes);
RoutesConfig#
typescript
type RoutesConfig = Record<string, RouteConfig> | RouteConfig;
interface RouteConfig {
accepts: PaymentOption | PaymentOption[]; // Accepted payment methods
resource?: string; // Override resource name
description?: string; // Human-readable description
mimeType?: string; // Response MIME type
customPaywallHtml?: string; // Custom HTML for browser 402 page
unpaidResponseBody?: (ctx: HTTPRequestContext) => HTTPResponseBody | Promise<HTTPResponseBody>;
settlementFailedResponseBody?: (ctx, result) => HTTPResponseBody | Promise<HTTPResponseBody>;
extensions?: Record<string, unknown>;
}
interface PaymentOption {
scheme: string; // "exact" | "aggr_deferred" | "upto"
payTo: string | DynamicPayTo; // Static or dynamic recipient
price: Price | DynamicPrice; // Static or dynamic price
network: Network;
maxTimeoutSeconds?: number;
extra?: Record<string, unknown>;
}
// Dynamic functions receive HTTPRequestContext
type DynamicPayTo = (context: HTTPRequestContext) => string | Promise<string>;
type DynamicPrice = (context: HTTPRequestContext) => Price | Promise<Price>;
onSettlementTimeout(hook)#
typescript
type OnSettlementTimeoutHook = (txHash: string, network: string) => Promise<{ confirmed: boolean }>;
httpServer.onSettlementTimeout(async (txHash, network) => {
// Custom recovery logic
return { confirmed: false };
});
onProtectedRequest(hook)#
typescript
type ProtectedRequestHook = (
context: HTTPRequestContext,
routeConfig: RouteConfig,
) => Promise<void | { grantAccess: true } | { abort: true; reason: string }>;
httpServer.onProtectedRequest(async (ctx, config) => {
// Grant free access for certain users
if (ctx.adapter.getHeader("x-api-key") === "internal") {
return { grantAccess: true };
}
});
中间件参考#
Express (@okxweb3/x402-express)#
typescript
import {
paymentMiddleware,
paymentMiddlewareFromConfig,
paymentMiddlewareFromHTTPServer,
setSettlementOverrides,
} from "@okxweb3/x402-express";
// From pre-configured server (recommended)
app.use(paymentMiddleware(routes, server, paywallConfig?, paywall?, syncFacilitatorOnStart?));
// From config (creates server internally)
app.use(paymentMiddlewareFromConfig(routes, facilitatorClients?, schemes?, paywallConfig?, paywall?, syncFacilitatorOnStart?));
// From HTTP server (most control)
app.use(paymentMiddlewareFromHTTPServer(httpServer, paywallConfig?, paywall?, syncFacilitatorOnStart?));
// Settlement override in handler (for "upto" scheme)
app.post("/api/generate", (req, res) => {
setSettlementOverrides(res, { amount: "$0.05" });
res.json({ result: "..." });
});
| Parameter | Type | Default | 描述 |
|---|---|---|---|
routes | RoutesConfig | 必填 | 路由到支付配置的映射 |
server | x402ResourceServer | 必填 | 预配置的资源服务器 |
paywallConfig | PaywallConfig | undefined | 浏览器付费墙设置 |
paywall | PaywallProvider | undefined | 自定义付费墙渲染器 |
syncFacilitatorOnStart | boolean | true | 在首次请求时获取支持的 kinds |
Next.js (@okxweb3/x402-next)#
typescript
import {
paymentProxy,
paymentProxyFromConfig,
paymentProxyFromHTTPServer,
withX402,
withX402FromHTTPServer,
} from "@okxweb3/x402-next";
// As global middleware (middleware.ts)
const proxy = paymentProxy(routes, server, paywallConfig?, paywall?, syncFacilitatorOnStart?);
export async function middleware(request: NextRequest) { return proxy(request); }
export const config = { matcher: ["/api/:path*"] };
// Per-route wrapper (app/api/data/route.ts)
export const GET = withX402(handler, routeConfig, server, paywallConfig?, paywall?, syncFacilitatorOnStart?);
export const GET = withX402FromHTTPServer(handler, httpServer, paywallConfig?, paywall?, syncFacilitatorOnStart?);
Hono (@okxweb3/x402-hono)#
typescript
import { paymentMiddleware, paymentMiddlewareFromConfig, paymentMiddlewareFromHTTPServer } from "@okxweb3/x402-hono";
app.use("/*", paymentMiddleware(routes, server, paywallConfig?, paywall?, syncFacilitatorOnStart?));
Fastify (@okxweb3/x402-fastify)#
typescript
import { paymentMiddleware, paymentMiddlewareFromConfig, paymentMiddlewareFromHTTPServer } from "@okxweb3/x402-fastify";
// NOTE: Fastify registers hooks directly, returns void
paymentMiddleware(app, routes, server, paywallConfig?, paywall?, syncFacilitatorOnStart?);
EVM 机制类型#
ExactEvmScheme(服务端)#
typescript
import { ExactEvmScheme } from "@okxweb3/x402-evm";
const scheme = new ExactEvmScheme(); // No constructor args for server-side
scheme.scheme; // "exact"
// Automatically handles price parsing, EIP-712 domain injection
AggrDeferredEvmScheme(服务端)#
typescript
import { AggrDeferredEvmScheme } from "@okxweb3/x402-evm/deferred/server";
const scheme = new AggrDeferredEvmScheme();
scheme.scheme; // "aggr_deferred"
// Delegates to ExactEvmScheme for price parsing
客户端 API(买方)#
买方包会自动处理 402 Payment Required 响应:解析支付要求 → 通过配置的 EVM scheme 签名支付 payload → 携带 PAYMENT 头重发请求。
按你已用的 HTTP 客户端选择对应包:
| 包 | 包装对象 | 适用场景 |
|---|---|---|
@okxweb3/x402-axios | AxiosInstance | 已有 Axios 代码库;需要使用拦截器 / 实例配置 |
@okxweb3/x402-fetch | globalThis.fetch | 基于 fetch 的运行时(浏览器、Edge、Node 18+) |
两者的 API 形态一致:wrapXxxWithPayment(client_or_fetch, x402Client) 与 wrapXxxWithPaymentFromConfig(client_or_fetch, config)。
Axios — @okxweb3/x402-axios#
bash
npm install @okxweb3/x402-axios @okxweb3/x402-evm @okxweb3/x402-core axios
typescript
import axios from "axios";
import { wrapAxiosWithPaymentFromConfig } from "@okxweb3/x402-axios";
import { ExactEvmScheme, toClientEvmSigner } from "@okxweb3/x402-evm";
import { createWalletClient, http } from "viem";
import { privateKeyToAccount } from "viem/accounts";
import { xLayer } from "viem/chains";
// 用买家私钥构造 viem signer
const signer = toClientEvmSigner(
createWalletClient({
account: privateKeyToAccount(process.env.EVM_PRIVATE_KEY as `0x${string}`),
chain: xLayer,
transport: http(),
}),
);
const api = wrapAxiosWithPaymentFromConfig(axios.create(), {
schemes: [
{
network: "eip155:196", // X Layer;用 "eip155:*" 可匹配任意 EVM 链
client: new ExactEvmScheme(signer),
},
],
});
// 402 → 签名 → 重发,对调用方完全透明
const response = await api.get("https://api.example.com/paid-endpoint");
Fetch — @okxweb3/x402-fetch#
bash
npm install @okxweb3/x402-fetch @okxweb3/x402-evm @okxweb3/x402-core
typescript
import { wrapFetchWithPaymentFromConfig } from "@okxweb3/x402-fetch";
import { ExactEvmScheme, toClientEvmSigner } from "@okxweb3/x402-evm";
import { createWalletClient, http } from "viem";
import { privateKeyToAccount } from "viem/accounts";
import { xLayer } from "viem/chains";
const signer = toClientEvmSigner(
createWalletClient({
account: privateKeyToAccount(process.env.EVM_PRIVATE_KEY as `0x${string}`),
chain: xLayer,
transport: http(),
}),
);
const fetchWithPayment = wrapFetchWithPaymentFromConfig(fetch, {
schemes: [
{
network: "eip155:196",
client: new ExactEvmScheme(signer),
},
],
});
const response = await fetchWithPayment("https://api.example.com/paid-endpoint");
使用 x402Client 的 builder 模式#
需要注册多个 scheme / 网络,或在多个 transport 间共享同一客户端时,使用显式 builder。
typescript
import axios from "axios";
import { wrapAxiosWithPayment, x402Client } from "@okxweb3/x402-axios";
import { ExactEvmScheme, toClientEvmSigner } from "@okxweb3/x402-evm";
const client = new x402Client()
.register("eip155:196", new ExactEvmScheme(signer));
const api = wrapAxiosWithPayment(axios.create(), client);
x402Client 也由 @okxweb3/x402-fetch 重新导出,同一实例可同时供两种 transport 使用。
读取支付回执#
请求重发成功后,服务端会在响应头返回 PAYMENT-RESPONSE,包含链上回执(txHash、实际结算金额等)。用 decodePaymentResponseHeader 解码:
typescript
import { decodePaymentResponseHeader } from "@okxweb3/x402-axios"; // 或 "@okxweb3/x402-fetch"
// Axios
const paymentResponse = response.headers["payment-response"];
// Fetch
// const paymentResponse = response.headers.get("PAYMENT-RESPONSE");
if (paymentResponse) {
const receipt = decodePaymentResponseHeader(paymentResponse);
console.log("支付回执:", receipt);
}
x402ClientConfig#
| 字段 | 类型 | 描述 |
|---|---|---|
schemes | SchemeRegistration[] | 必填。每一项把 network(如 "eip155:196"、"eip155:*")与 scheme 客户端(如 new ExactEvmScheme(signer))配对。 |
policies | PaymentPolicy[] | 可选。见下方 Policies,按顺序对 accepts 进行过滤 / 转换。 |
paymentRequirementsSelector | SelectPaymentRequirements | 可选。从过滤后的列表中挑选最终一项。默认 (version, accepts) => accepts[0]。 |
选择流水线(Selection Pipeline)#
收到 402 后,客户端按三步决定签哪一项:
- 按已注册的 scheme 过滤 —— 只保留
network+scheme都已通过register()注册的accepts。 - 按顺序应用 policies —— 每个
PaymentPolicy进一步过滤 / 转换列表。 - selector 选择 —— 从过滤后的列表中选出最终要签名的那一项。
第 1 或第 2 步留空数组时客户端直接抛错——不会发起签名。
Policies — PaymentPolicy#
typescript
type PaymentPolicy = (
x402Version: number,
paymentRequirements: PaymentRequirements[],
) => PaymentRequirements[];
policy 是个纯函数:拿当前 accepts,返回过滤后的子集(或转换后的副本)。常用场景:金额上限、网络白名单、scheme 偏好等。
typescript
import {
wrapAxiosWithPaymentFromConfig,
type PaymentPolicy,
} from "@okxweb3/x402-axios";
// 拒绝单笔超过 1 USDT(1_000_000 原子单位,6 位小数)的支付
const maxAmountPolicy: PaymentPolicy = (_version, reqs) =>
reqs.filter(r => BigInt(r.amount) <= 1_000_000n);
// 仅允许 X Layer 主网
const xLayerOnlyPolicy: PaymentPolicy = (_version, reqs) =>
reqs.filter(r => r.network === "eip155:196");
// 同时提供两种 scheme 时优先选 "exact"
const preferExactPolicy: PaymentPolicy = (_version, reqs) => {
const exact = reqs.filter(r => r.scheme === "exact");
return exact.length > 0 ? exact : reqs;
};
const api = wrapAxiosWithPaymentFromConfig(axios.create(), {
schemes: [{ network: "eip155:196", client: new ExactEvmScheme(signer) }],
policies: [maxAmountPolicy, xLayerOnlyPolicy, preferExactPolicy],
});
policies 按数组顺序运行,把"收紧"型 policy(金额上限、白名单)放前面,"偏好"型 policy 放后面。
自定义 selector — SelectPaymentRequirements#
typescript
type SelectPaymentRequirements = (
x402Version: number,
paymentRequirements: PaymentRequirements[],
) => PaymentRequirements;
selector 在 policies 之后运行。当过滤后仍剩多项需要明确的挑选逻辑(如选最便宜)时使用:
typescript
const cheapestFirst: SelectPaymentRequirements = (_version, reqs) =>
[...reqs].sort((a, b) => Number(BigInt(a.amount) - BigInt(b.amount)))[0];
const api = wrapAxiosWithPaymentFromConfig(axios.create(), {
schemes: [{ network: "eip155:*", client: new ExactEvmScheme(signer) }],
paymentRequirementsSelector: cheapestFirst,
});
生命周期钩子(Lifecycle Hooks)#
x402Client 提供三个生命周期钩子,用于埋点、最后一道闸门、错误恢复。用 builder 形式注册:
typescript
import { wrapAxiosWithPayment, x402Client } from "@okxweb3/x402-axios";
import { ExactEvmScheme } from "@okxweb3/x402-evm";
const client = new x402Client()
.register("eip155:196", new ExactEvmScheme(signer))
// 1. 签名前 —— 可整体中止支付
.onBeforePaymentCreation(async ({ paymentRequired, selectedRequirements }) => {
const tooExpensive = BigInt(selectedRequirements.amount) > 5_000_000n;
if (tooExpensive) {
return { abort: true, reason: "金额超出买家策略上限" };
}
})
// 2. 签名成功后 —— 仅观察(日志、埋点)
.onAfterPaymentCreation(async ({ paymentPayload }) => {
console.log("已签名 payload nonce:", paymentPayload.payload?.authorization?.nonce);
})
// 3. 签名失败时 —— 可返回手动构造的 payload 进行恢复
.onPaymentCreationFailure(async ({ error }) => {
console.error("payment 创建失败:", error.message);
// return { recovered: true, payload: fallbackPayload };
});
const api = wrapAxiosWithPayment(axios.create(), client);
| 钩子 | 触发时机 | 返回语义 |
|---|---|---|
onBeforePaymentCreation | 选择完成、scheme 签名前 | 返回 void 继续 · 返回 { abort: true, reason } 取消并 reject |
onAfterPaymentCreation | scheme 返回签名后的 payload 后 | 仅 void(仅观察,不可改) |
onPaymentCreationFailure | scheme 签名时抛错 | 返回 void 继续抛错 · 返回 { recovered: true, payload } 用替代 payload 恢复 |
同一阶段内的钩子按注册顺序执行。
客户端扩展 — registerExtension#
当 PaymentRequired 响应里带 extensions 字段、需要 scheme 相关的 payload 增强(如 Gas 代付的 permit 签名)时使用。enrichPaymentPayload 只会在 paymentRequired.extensions 中包含同名 key 时被触发。
typescript
client.registerExtension({
key: "eip2612GasSponsoring",
async enrichPaymentPayload(payload, paymentRequired) {
// 签 EIP-2612 permit,挂在 payload.extensions 上
return { ...payload, extensions: { ...payload.extensions, /* ... */ } };
},
});