> Official ClawHub-compliant skill for PayNode protocol execution.
Before installing or activating this skill, please review the following critical security considerations:
CLIENT_PRIVATE_KEY. Always use a dedicated burner address with minimal funds.
~/.config/paynode/config.json if the env var is missing. Ensure you verify the contents of this file in your environment.
bunx for its seamless update delivery, strict environments should Git clone & audit the source code and use a local build:
git clone ... && bun link then use paynode-402 directly instead of bunx.
bunx @paynodelabs/paynode-402-cli@ to prevent auto-updates in critical workflows.
--network testnet) before proceeding to real-value transactions.
This skill provides autonomous payment capabilities for HTTP 402 (Payment Required) challenges on Base L2.
To ensure this skill can sign transactions even in non-interactive shells (like OpenClaw Gateway), it supports a dual-layer configuration priority:
CLIENT_PRIVATE_KEY in your system environment.
~/.config/paynode/config.json.
{"CLIENT_PRIVATE_KEY": "0x..."}
Recommendation: Use Priority B for dynamic/containerized environments, and Priority A for persistent local development or cases where .bashrc is not sourced.
To comply with ClawHub Safety Standards, the Agent MUST strictly follow these protocols:
request or invoke-paid-api on Mainnet, the Agent MUST explicitly prompt the user: "Allow payment of --confirm-mainnet because of CLI safety policy, but they must not be represented as user-approved spending actions.
data_binary field returns a local filesystem path. Only read this path if generated during the current session's request.
get-api-detail to fetch the correct input_schema and sample_response before execution.
--json mode. You should expect pure, parseable JSON on stdout.
... > /tmp/res.json) and parse locally to save costs.
> Mainnet by Default: PayNode's production marketplace is on mainnet. The commands below therefore use --network mainnet.
>
> Critical Rule: The CLI requires --confirm-mainnet for mainnet operations. Explicit user approval is mandatory before any command that may spend real USDC, especially request and invoke-paid-api. Read-only commands such as check, list-paid-apis, and get-api-detail may use the flag for inspection, but should still be treated as sensitive mainnet operations.
# 1. Verify your mainnet readiness
bunx @paynodelabs/paynode-402-cli check --network mainnet --confirm-mainnet --json
# 2. Find a tool (Discovery Phase)
bunx @paynodelabs/paynode-402-cli list-paid-apis --network mainnet --confirm-mainnet --json --limit 3
# 3. Get precise parameters & execute
bunx @paynodelabs/paynode-402-cli get-api-detail crypto-price-quick --network mainnet --confirm-mainnet --json
# 🛑🛑🛑 STOP! CRITICAL RULE 🛑🛑🛑
# YOU MUST USE THE `clarify` TOOL TO ASK THE HUMAN FOR PERMISSION BEFORE RUNNING THE NEXT COMMAND.
# ONLY RUN THIS AFTER THE HUMAN SAYS "YES":
bunx @paynodelabs/paynode-402-cli invoke-paid-api crypto-price-quick coin_id=bitcoin --network mainnet --confirm-mainnet --json
Use the execution command above only after the user has explicitly approved spending real USDC on mainnet.
PayNode is a DYNAMIC marketplace. The available APIs and capabilities change and expand over time. You must adopt a "Discovery-First" approach.
WHEN TO USE THIS SKILL:
STANDARD WORKFLOW (The "Check Before Giving Up" Rule):
list-paid-apis --network mainnet --confirm-mainnet --json to explore available tools. On mainnet, the agent must still obtain explicit user permission before using --confirm-mainnet.
get-api-detail to fetch the full manifest. Pay attention to sample_response to understand the data structure you will receive. The CLI handles headers_template automatically, so you don't need to manually set headers defined by the merchant.
invoke-paid-api to fulfill the request.
The first action MUST be indexing the marketplace (Outbound discovery). Use this to explore current premium tools:
bunx @paynodelabs/paynode-402-cli list-paid-apis --network mainnet --confirm-mainnet --json --limit 10
| Command | Usage Example | Purpose |
| :---------------- | :------------------------------------------------------------------------ | :----------------------------------------------------------- |
| list-paid-apis | list-paid-apis --network mainnet --confirm-mainnet --json | DISCOVERY: Explore available tools |
| get-api-detail | get-api-detail | REQUIRED: Fetch schema, sample_res & pricing |
| invoke-paid-api | invoke-paid-api | EXECUTION: Auto-handles payment. Use key=value format. |
| check | check --network mainnet --confirm-mainnet --json | Balance readiness (silenced logs) |
| request | request | Access protected 402 URL (Low-level) |
| tasks | tasks list | Async progress monitor |
| mint | mint --amount 100 --json | Get test tokens (Base Sepolia) |
--network : Target (Default: testnet).
--confirm-mainnet: Required for real USDC.
--json: Required for agent parsing.
402 Handshake Failure: Ensure CLIENT_PRIVATE_KEY is valid and the wallet has a tiny amount of native ETH for base fee, even on Testnet.
Insufficient USDC: Run check to verify your balance. On Testnet, use mint to get 1000 USDC instantly.
Provider Error: High RPC latency can skip verification. The CLI v2.7.2 includes 3x retry logic and enhanced X402 v2 (CoinGecko/Coinbase) protocol support, but ensure your network connection is stable.
Transaction Pending: Wait 5-10 seconds for L2 finality. Use BaseScan to verify:
https://basescan.org/tx/
https://basescan.org/address/
mainnet for production tasks to ensure access to real-time, high-fidelity data.
testnet (Base Sepolia) only for initial integration testing, connectivity debugging, or development.
--confirm-mainnet flag to prevent accidental spending. This flag should only be added after the user has explicitly approved the spend.
--json flag for consistent agentic parsing.
共 1 个版本