The agent payment gateway for Stellar. x402 or MPP — your agent doesn't need to know.
Website · Live Demo · npm · Documentation
Real USDC payments on Stellar testnet. Smart routing between x402 and MPP. Claude Desktop MCP integration.
Stellect is a payment SDK for AI agents on Stellar. It detects whether a service accepts x402 (Coinbase) or MPP (Stripe + Tempo), routes the payment through the correct protocol, and settles in USDC — all from a single function call.
import { X402Client } from '@stellect/core';
import { Keystore } from '@stellect/wallet-native';
const wallet = new Keystore();
const client = new X402Client({ signer: wallet.getSigner('my-agent'), network: 'stellar:testnet' });
// One call. Protocol detected. Payment settled on Stellar.
const weather = await client.request('https://api.stellect.xyz/api/weather?city=Istanbul');
// → x402 detected → $0.001 USDC paid → data returned ✓
const price = await client.request('https://api.stellect.xyz/api/crypto-price?symbol=XLM');
// → MPP detected → $0.002 USDC paid → data returned ✓Two payment protocols exist for AI agents on Stellar:
- x402 (Coinbase) — per-request stablecoin payments over HTTP 402
- MPP (Stripe + Tempo) — session-based machine payment protocol
Both settle on Stellar. But they have different APIs, different SDKs, and different payment flows.
If you're building an AI agent, you shouldn't need to integrate both. You shouldn't need to know which protocol a service uses. You just need your agent to pay and get data.
That's what Stellect does.
| Without Stellect | With Stellect | |
|---|---|---|
| SDKs to integrate | 2 (x402 + MPP) | 1 |
| Protocol detection | Manual per-service | Automatic |
| Lines of code to pay | ~30 | 1 |
| Service changes protocol | Rewrite integration | Nothing changes |
| Key management | DIY | AES-256-GCM keystore |
| Budget enforcement | None | On-chain (Soroban) |
Your Agent Stellect SDK Stellar Network
│ │ │
│ client.request() │ │
│─────────────────────>│ │
│ │ │
│ │ 1. Discover service │
│ │ 2. Detect protocol │
│ │ (x402 or MPP) │
│ │ 3. Check budget │
│ │ (Soroban contract) │
│ │ 4. Sign payment │
│ │ (AES-256-GCM) │
│ │ │
│ │ Settle USDC ──────────>│
│ │ │
│ │<──── Confirmed ─────────│
│ │ │
│<── { data } ────────│ │
│ │ │
Your code: 1 function. Stellect handles: discovery, detection, budget, signing, routing. Stellar handles: settlement.
Detects whether a service accepts x402 or MPP and routes the payment automatically. Your agent code never changes, even when services switch protocols.
Traditional agent wallets keep private keys in memory or plaintext config files. Stellect uses a policy-before-decrypt architecture:
┌─ Payment Request ─────────────────────────────┐
│ │
│ 1. Budget check (Soroban) ──→ Allowed? │
│ └─ If denied: key is NEVER touched │
│ │
│ 2. Key decrypt (AES-256-GCM) ──→ Isolated │
│ └─ Key exists only in signing scope │
│ │
│ 3. Sign transaction ──→ Broadcast │
│ │
│ 4. Key wipe ──→ Zeroed from memory │
│ └─ Key is gone. Not garbage collected. │
│ Actively overwritten. │
│ │
└────────────────────────────────────────────────┘
The wallet keystore is encrypted at rest with AES-256-GCM. The passphrase is never stored — it's provided via environment variable at runtime. If the Soroban budget policy denies the payment, the private key is never decrypted at all.
// The wallet interface is intentionally minimal
interface StellarWalletProvider {
getPublicKey(): Promise<string>;
signTransaction(tx: Transaction): Promise<Transaction>;
getBalance(): Promise<{ native: string; usdc: string }>;
}Two implementations:
@stellect/wallet— Pure interface, zero dependencies. Bring your own signer.@stellect/wallet-native— Full implementation with AES-256-GCM keystore, used in production.
Agent wallets without spending limits are a liability. Stellect enforces budgets on-chain via a Soroban smart contract — not in application code that can be bypassed.
// contracts/budget-policy/src/lib.rs
pub fn check_spend(
env: Env,
agent: Address,
amount: i128,
asset: Address,
) -> bool {
let policy = get_policy(&env, &agent);
let today_spent = get_daily_total(&env, &agent);
// Hard limits enforced by the blockchain
if amount > policy.max_per_tx { return false; }
if today_spent + amount > policy.daily_limit { return false; }
// Log and approve
record_spend(&env, &agent, amount);
true
}5 contract functions:
set_policy(agent, daily_limit, max_per_tx)— Configure limitscheck_spend(agent, amount, asset)— Verify before paymentget_policy(agent)— Read current policyget_daily_total(agent)— Today's spendingreset_daily(agent)— Admin reset
The budget check happens before key decryption. If the contract says no, the wallet key is never touched. This is enforced by the Stellar network, not by our code.
10 Rust tests covering overflow, multi-agent isolation, daily reset, and unauthorized access.
Open JSON registry of paid services. Agents discover available services, prices, and endpoints via MCP tools or the /api/services REST endpoint.
Stellect ships an MCP (Model Context Protocol) server that gives any AI agent — Claude, GPT, LangChain — the ability to discover and pay for services.
4 MCP tools:
| Tool | Description | Payment |
|---|---|---|
list_services |
Browse available services with prices and endpoints | Free |
call_paid_api |
Pay for and call any service — weather, crypto, AI summary | Paid (USDC) |
check_balance |
Check wallet balance (USDC + XLM) | Free |
get_spending_history |
View recent transactions with tx hashes | Free |
Example conversation with Claude Desktop:
User: What's the weather in Istanbul?
Claude: I'll check the weather for you.
→ Using call_paid_api: /api/weather?city=Istanbul
→ Detecting protocol: x402
→ Paying $0.001 USDC via Stellect...
→ Settled on Stellar (tx: 4430bb6d...)
It's 22°C and partly cloudy in Istanbul right now,
with 55% humidity. Cost: $0.001 USDC on Stellar testnet.
Setup (30 seconds):
{
"mcpServers": {
"stellect": {
"command": "npx",
"args": ["@stellect/mcp-server"],
"env": {
"STELLECT_NETWORK": "testnet",
"STELLECT_PASSPHRASE": "your-passphrase"
}
}
}
}The MCP server uses the same wallet and smart routing as the SDK — agents get protocol detection, budget enforcement, and encrypted signing automatically.
Demo endpoints proxy to real external APIs (OpenWeatherMap, CoinGecko). The x402/MPP paywall sits in front of the proxy. Every payment settles real USDC on Stellar.
| Layer | Protection |
|---|---|
| Wallet encryption | AES-256-GCM at rest, passphrase via env var |
| Key lifecycle | Decrypt → sign → wipe. Key never persists in memory |
| Budget enforcement | Soroban contract checks BEFORE key decryption |
| Signing isolation | Private key exists only in signing function scope |
| Secret management | All secrets via environment variables, never in code |
| Open source | MIT licensed — audit the code yourself |
| Package | Description | npm |
|---|---|---|
@stellect/core |
Smart routing — X402Client, ProtocolBridge, ServiceRegistry, BudgetGuard | |
@stellect/wallet |
Pure TypeScript wallet interface, zero dependencies |  |
@stellect/wallet-native |
AES-256-GCM encrypted keystore with policy-gated signing |  |
@stellect/mcp-server |
MCP server for Claude Desktop and AI agents |  |
demo-apis |
Express server with x402 + MPP middleware and real data endpoints | — |
budget-policy |
Soroban smart contract for on-chain spending limits (Rust) | — |
@stellect/wallet ← pure interface, zero deps
@stellect/wallet-native ← wallet + @stellar/stellar-sdk
@stellect/core ← wallet + @x402/core
@stellect/mcp-server ← core + wallet-native + @modelcontextprotocol/sdk
demo-apis ← @x402/express + @x402/stellar + @stellar/mpp
npm install @stellect/core @stellect/wallet-nativeimport { Keystore } from '@stellect/wallet-native';
// Passphrase from env — never hardcoded
const ks = new Keystore();
const wallet = await ks.createWallet('my-agent');
console.log(wallet.metadata.publicKey); // GBOW6F2G...import { X402Client } from '@stellect/core';
const signer = ks.getSigner('my-agent');
const client = new X402Client({ signer, network: 'stellar:testnet' });
// Stellect detects the protocol and routes automatically
const resp = await client.request('https://api.stellect.xyz/api/weather?city=Istanbul');
const data = await resp.response.json();
console.log(data); // { city: "Istanbul", temperature: 22, ... }Add to ~/Library/Application Support/Claude/claude_desktop_config.json:
{
"mcpServers": {
"stellect": {
"command": "npx",
"args": ["@stellect/mcp-server"],
"env": {
"STELLECT_NETWORK": "testnet",
"STELLECT_PASSPHRASE": "your-wallet-passphrase"
}
}
}
}Then ask Claude: "What's the weather in Istanbul?" — Claude discovers the service via MCP, pays $0.001 USDC through Stellect, and returns real data.
stellect/
├── packages/
│ ├── core/ # Smart routing engine
│ │ ├── x402-client.ts # Coinbase x402 protocol
│ │ ├── bridge.ts # Protocol translation (x402 ↔ MPP)
│ │ ├── service-registry.ts # Service discovery
│ │ └── budget-guard.ts # Soroban budget enforcement
│ ├── wallet/ # Wallet interface (zero deps)
│ ├── wallet-native/ # AES-256-GCM encrypted keystore
│ │ ├── keystore.ts # Encrypt/decrypt/sign
│ │ └── policy-engine.ts # Spending policy + history
│ ├── mcp-server/ # Claude Desktop integration
│ │ └── tools.ts # 4 MCP tools
│ └── demo-apis/ # Express server
│ ├── server.ts # x402 + MPP middleware
│ └── endpoints/ # Weather, crypto, AI summary
├── contracts/
│ └── budget-policy/ # Soroban smart contract (Rust)
│ ├── lib.rs # set_budget, check_budget, record_spend
│ └── test.rs # 10 contract tests
├── apps/
│ └── landing/ # stellect.xyz
└── scripts/ # Wallet import, testnet setup, e2e tests
# All TypeScript tests (63 tests across 4 packages)
npx turbo test
# Soroban contract tests (10 tests)
cd contracts/budget-policy && cargo test
# End-to-end payment test (real Stellar testnet)
npx tsx scripts/test-e2e-payment.ts73 tests total — 63 TypeScript + 10 Soroban Rust.
Try it live → stellect.xyz — click any service card, watch real USDC settle on Stellar testnet.
Three routing modes:
- Smart Route (default) — Stellect auto-detects protocol per service
- Direct x402 — force Coinbase x402 protocol
- Direct MPP — force Stripe MPP protocol
Every payment is real. Every transaction is verifiable on Stellar Explorer.
| Protocol | Transaction | Timestamp |
|---|---|---|
| x402 | e76347990b09389f55357e0a12700932986af3f37aaff82eb02e76b4e6262d96 |
2026-04-05 11:03 UTC |
| MPP | 4430bb6d6f3c8f2856803bbd2f9211962489ffd148b7f4838400da85c0438563 |
2026-04-05 11:15 UTC |
| Smart Route | 4e315fb5ec5471e0a749cfcb7da07f02e622f87b46a1dc32d5bbaa49066a6bda |
2026-04-05 11:01 UTC |
Agent wallet: GBOW6F2GRBFDBUKLP4QDHME6F2Q5QGSHSGXPDTXDAHG5I753E2RJSJFN — 101.93 USDC, 28 transactions settled.
| Stellar | Settlement network — USDC stablecoin |
| x402 | Coinbase payment protocol (per-request) |
| MPP | Stripe + Tempo payment protocol (session-based) |
| OpenZeppelin | x402 facilitator for payment verification |
| Soroban | Smart contracts for on-chain budget enforcement |
| TypeScript | SDK, server, and MCP implementation |
| Rust | Soroban smart contract |
| MCP | Model Context Protocol for AI agent integration |
Next
- XLM native payments
- Additional protocol support as ACP (OpenAI) and AP2 (Google) mature
- Mainnet deployment
Path to Mainnet
Stellect is built on testnet but designed for production. Wallet encryption (AES-256-GCM), Soroban budget contracts, and smart routing logic are all production-ready. Switching to mainnet requires one environment variable change. OpenZeppelin's Built on Stellar facilitator already supports mainnet with zero-fee settlement. No architectural changes needed.
Contributions welcome. Please open an issue first to discuss what you'd like to change.
git clone https://github.com/anilkaracay/stellar-hack.git
cd stellar-hack
npm install
npx turbo build
npx turbo teststellect.xyz · Built by Cayvox Labs
Agents pay. Stellar settles. You control.