Wallets weren't built for autonomous agents. We fix that.
Claude can write code, analyze data, browse the web — but the moment it needs to pay $0.02 for an API call, it stops and asks you. Every single time. No wallet, no payment rail, no autonomy. The agent is stuck waiting for a human to copy-paste a credit card.
CLPAY gives your agent a Solana wallet — but not direct access to it. Every payment request goes through a 4-stage validator that simulates the transaction, checks security, evaluates necessity, and enforces spending limits. The agent proposes, the validator decides.
Add a JSON block to your MCP config. Your agent instantly gets clpay_pay, clpay_simulate, clpay_balance, and clpay_history. Works with Claude Desktop, Kiro, and any MCP-compatible client. No SDK, no build step.
Private keys in #private class fields — invisible to the AI. Spending limits set by humans, enforced at wallet level. 6-signal risk scoring catches suspicious patterns. Every transaction logged with full reasoning. Trust isn't assumed, it's engineered.
One MCP server. Validator agent + risk engine + spending limits + audit trail → autonomous payments. No manual approval.
NODE: ACTIVEOne JSON config — Claude, Kiro, or any MCP agent gets 4 payment tools. No SDK, no API keys.
Simulation → Security → Necessity → Limits. Each stage independently blocks bad transactions.
Private keys in #private fields. Human-set limits the AI can't modify. Full audit trail.
Creates a Solana wallet, airdrops devnet SOL, sets up the MCP server. 30 seconds.
BLOCK: CL-001Add CLPAY to your Kiro or Claude Desktop MCP config. The AI agent gets 4 payment tools instantly.
BLOCK: CL-002The agent requests payment. CLPAY simulates, validates, risk-checks, and executes — fully autonomous, fully audited.
BLOCK: CL-003Native Solana integration with SPL token support. Sub-second transactions, minimal fees. Private keys isolated in sandboxed module.
MODULE: SYS_001Every transaction is simulated on-chain before real SOL moves. The validator agent checks contracts, recipients, state changes.
MODULE: SYS_0026-signal composite risk scoring: recipient reputation, contract verification, transaction patterns, simulation results, history, network health.
MODULE: SYS_003AI evaluates whether the purchase is truly needed for the current task. Blocks unnecessary spending before it happens.
MODULE: SYS_004Hard per-transaction and daily caps enforced at wallet level. The AI cannot override these — they're outside its control.
MODULE: SYS_005Every transaction logged with reasoning, risk score, necessity level, and on-chain signature. Complete transparency, always.
MODULE: SYS_006Every payment passes through 4 sequential stages. If any stage fails, the transaction is blocked immediately. No exceptions.
Dry-run on Solana. Captures success/failure, token movements, state changes, compute units, errors. Failed simulation → instant block.
Recipient checked against allowlist/blocklist. Risk engine evaluates 6 weighted signals → composite score 0–1. Blocklisted = instant reject.
Analyzes reason + task context. Classifies as HIGH / MEDIUM / LOW / NONE. NONE = blocked. The agent must justify every payment.
Per-transaction and 24h rolling daily caps. Set by human operator, enforced at wallet level. AI cannot override. Exceeding = blocked.
Composite score from 6 independently evaluated signals.
GPT-4 for comparison, specialized data APIs for research. CLPAY validates the merchant and logs the reason.
GPU instances, storage, compute. The agent pays only what's needed for the current task.
Monitoring, analytics, databases. Recurring payments with daily limit protection.
Datasets, market feeds, premium content. Necessity evaluator ensures it's actually needed.
Translation, image generation, code review. Any Solana-payable service becomes accessible.
Agent-to-agent payments. Same pipeline, same security, same audit trail.
Free SOL via airdrop. Perfect for testing and development. No real money at risk. Full validation pipeline works identically to mainnet.
Production-ready. Real SOL, real transactions, real value. Same codebase, same validation pipeline, same security model — just pointed at mainnet. Battle-tested with 19 passing tests covering every edge case.
Validator agent is independent — runs its own logic, not the AI's. Compromised AI can't bypass it.
Blocklist + unknown recipient flagging + contract verification. Multi-layer defense.
Hard limits at wallet level. Human-set, AI-unmodifiable. Per-tx + daily caps.
Simulation detects unexpected state changes before execution.
#private fields, memory zeroing on destroy(), optional HSM support.
Pattern analysis flags >3 txs/minute. RAPID_TRANSACTIONS flag → elevated risk.
Private keys live in #private class fields. The AI agent never sees them — only the wallet module can sign.
The validator agent runs its own pipeline. Prompt injection can't bypass it — it's a separate decision-maker.
Define trusted merchants. Unknown recipients trigger elevated validation. Blocklisted addresses are auto-rejected.
Full validation pipeline → execute or reject
Dry-run transaction, no SOL moves
Wallet balance + daily spending status
Transaction log with filtering