An open SDK for agentic payments. Let AI agents make payments, hold funds, and move money across chains with policy enforcement and human approval built in.
agentpay-sdk is a widely-adopted Rust project in the AI payments / x402 ecosystem, focused on agentic-payments, ai-agents, stablecoin. It currently has 526 GitHub stars and 21 forks, and sits alongside related tools like sample-agentic-serverless-payments, routex, x402-client.
AgentPay SDK gives agents two payment paths:
The main entrypoint is the agentpay CLI, which manages Link fiat onboarding, the local daemon, wallet access, balances, policy, transfers, and approvals.
The fastest operator path is the interactive bootstrap script:
curl -fsSL https://wlfi.sh | bash
Documentation: https://docs.worldlibertyfinancial.com/agentpay-sdk
The script can:
agentpay into a dedicated AGENTPAY_HOME~/.config/agents, legacy ~/.agents, and matching workspace skill directoriesAGENTS.md, CLAUDE.md, GEMINI.md, .github/copilot-instructions.md, .clinerules/agentpay-sdk.md, and the Cursor rule packAGENTPAY_SETUP_CURSOR_WORKSPACE is setagentpay link onboard for Fiat setup or agentpay admin setup for Crypto setup when selectedlaunchd and on Linux with system systemdNon-interactive installs can choose the payment path explicitly:
curl -fsSL https://wlfi.sh | AGENTPAY_SETUP_PAYMENT_METHOD=fiat bash
curl -fsSL https://wlfi.sh | AGENTPAY_SETUP_PAYMENT_METHOD=crypto bash
curl -fsSL https://wlfi.sh | AGENTPAY_SETUP_PAYMENT_METHOD=none bash
The legacy AGENTPAY_SETUP_RUN_ADMIN_SETUP=yes option still maps to the Crypto wallet setup path.
If you only want the AI skill pack and adapters, without installing the local AgentPay SDK runtime:
curl -fsSL https://wlfi.sh | bash -s -- --skills-only
That mode:
.agents, Cursor, and workspace adapters like AGENTS.md, CLAUDE.md, GEMINI.md, and Copilot instructionsAGENTPAY_SETUP_CURSOR_WORKSPACE is set or the current directory is already a Cursor workspaceagentpay, Node.js, shell PATH exports, or wallet runtime files20+--skills-only: network access plus a writable home directory or Cursor workspace targetThe full one-click installer does not require local Cargo, pnpm, or a preinstalled Node runtime. It still installs Node 20+ locally when the machine does not already have a compatible Node available, because the agentpay launcher runs on Node.
On macOS and Linux, the packaged installer can install the precompiled runtime first and then hand off Fiat setup to agentpay link onboard or Crypto wallet bootstrap to agentpay admin setup.
Source installs build and install the CLI/runtime binaries on macOS and Linux. Windows does not yet support the Rust daemon/runtime from source in this repo. If you only need the JavaScript workspace on Windows, install with AGENTPAY_SKIP_RUST_INSTALL=1 pnpm install.
pnpm install
pnpm run build
pnpm run install:cli-launcher
pnpm run install:rust-binaries
On macOS, add export PATH="$HOME/.agentpay/bin:$PATH" to ~/.zshrc, then reload your shell with source ~/.zshrc.
On Linux, add export PATH="$HOME/.agentpay/bin:$PATH" to your shell startup file such as ~/.bashrc, ~/.zshrc, or ~/.profile, then reload that file or open a new shell.
npm run install:cli-launcher installs the agentpay launcher into ~/.agentpay/bin, and npm run install:rust-binaries installs the Rust runtime into the same directory.
Managed wallet bootstrap commands such as agentpay admin setup, agentpay admin tui, agentpay admin reset, and agentpay admin uninstall are supported on macOS and Linux. The managed daemon uses launchd on macOS and system systemd on Linux. Agent auth storage uses macOS Keychain on macOS and Linux Secret Service on Linux.
curl -fsSL https://wlfi.sh | bashpnpm install
pnpm run build
pnpm run install:cli-launcher
pnpm run install:rust-binaries
agentpay admin setup --reuse-existing-walletIf you update Rust daemon code from a source checkout, rerun npm run install:rust-binaries so the root-managed daemon uses the new installed binaries under ~/.agentpay/bin.
Bind Link once:
agentpay link onboard
List Link payment methods:
agentpay link payment-methods --json
Create a one-time card for an agent purchase. Full card credentials are written to a local 0600 file; stdout stays redacted.
agentpay link card \
--payment-method-id csmrpd_xxx \
--merchant-name "Stripe Press" \
--merchant-url "https://press.stripe.com" \
--amount 3500 \
--context "The user asked this agent to buy Working in Public from Stripe Press. The user will approve this exact purchase in Link before any card credential can be used." \
--output-file ~/.agentpay/link-cards/stripe-press-card.json
Advanced Link passthrough is available under agentpay link, including agentpay link spend-request ..., agentpay link mpp ..., and agentpay link serve ....
Third-party programs can call the AgentPay Link facade directly:
import {
createLinkCard,
listLinkPaymentMethods,
onboardLinkAccount,
} from '@worldlibertyfinancial/agentpay-sdk/link';
await onboardLinkAccount({ clientName: 'My Agent' });
const methods = await listLinkPaymentMethods();
const card = await createLinkCard({
paymentMethodId: methods[0].id,
merchantName: 'Example Merchant',
merchantUrl: 'https://merchant.example',
amountCents: 2500,
context:
'The user asked this third-party agent to complete an approved purchase at Example Merchant using Link.',
});
For third-party agent developers, distribute a built npm package or installer bundle so the @worldlibertyfinancial/agentpay-sdk/link export resolves to dist/link.cjs.
To create a developer package tarball from this checkout:
npm run build
npm pack
npm pack runs the package prepack script, which rebuilds before writing the tarball. If you are cutting a new release, update package.json to the release version before packing:
npm version <version> --no-git-tag-version
npm pack
Developers can install the resulting tarball directly:
npm install ./worldlibertyfinancial-agentpay-sdk-<version>.tgz
Or install it from a release host, private registry, or GitHub Packages:
npm install https://your-release-host/worldlibertyfinancial-agentpay-sdk-<version>.tgz
Before handing off a tarball, verify that it contains the Link facade build output:
tar -tf worldlibertyfinancial-agentpay-sdk-<version>.tgz | grep 'dist/link.cjs'
tar -tf worldlibertyfinancial-agentpay-sdk-<version>.tgz | grep 'package.json'
Do not rely on an unbuilt source checkout for developer installation. The package export points at dist/link.cjs, and dist/ is generated build output.
The managed wallet bootstrap flow below is supported on macOS and Linux:
agentpay admin setupagentpay transfer, agentpay transfer-native, agentpay approve, agentpay broadcast, agentpay x402, or agentpay mppUser-facing examples below avoid shell env vars on purpose. Prefer prompts, config files, agentpay admin tui, and explicit command flags.
agentpay admin setup--reuse-existing-wallet reattaches the current local vault when you need to recover the daemon or refresh local credentials without creating a fresh walletlaunchd on macOS or system systemd on Linuxagentpay admin tuiCtrl+S saves that draft and reapplies wallet policies in one stepagentpay admin resetagentpay admin uninstallagentpay admin setup --reuse-existing-wallet before uninstalling when you want to keep the current walletagentpay admin ...agentpay transfer, agentpay transfer-native, agentpay approve, agentpay broadcast, agentpay x402, agentpay mppagentpay status--strict when you want CI or automation to fail on warningsagentpay repairagentAuthToken config storage--overwrite-keychain only when you have confirmed the plaintext config token is the credential you intend to keepagentpay daemonagentpay admin setup on macOS or Linuxagentpay link onboardagentpay link cardagentpay link ...agentpay admin token set-chain ... updates the local shared config in ~/.agentpay/config.json and, when reusable wallet metadata is present, immediately tries to refresh the live daemon policy attachment for the existing wallet. It prompts locally for the vault password unless you provide --vault-password-stdin; use --non-interactive only together with --vault-password-stdin.agentpay admin chain ..., agentpay admin token remove ..., and agentpay admin token remove-chain ... still change the saved draft only. Reapply those edits through agentpay admin tui or agentpay admin setup --reuse-existing-wallet on macOS or Linux, or through agentpay-admin bootstrap --from-shared-config when you are driving an existing daemon directly.agentpay config show --json prints that saved shared config snapshot. Treat it as your source-of-truth draft, not as proof that the current daemon policy attachment already changed.agentpay admin chain add <key> --chain-id <id> --name <name> --rpc-url <url>agentpay admin chain remove <key>agentpay admin token set-chain <tokenKey> <chainKey> --symbol <symbol> --native|--address <token> --decimals <count> --per-tx <amount> --daily <amount> --weekly <amount> [--vault-password-stdin]agentpay admin token remove-chain <tokenKey> <chainKey>agentpay admin token remove <tokenKey>eth, bsc, and tempo, plus built-in BNB, ETH, USD1, Tempo native USD, and pathUSD profiles.attachedPolicyIds, first read the ids from agentpay config show --json, then query the daemon policies directly with agentpay admin list-policies --policy-id <uuid>.agentpay admin tui.agentpay admin setup --reuse-existing-wallet on macOS or Linux, or use agentpay-admin bootstrap --from-shared-config when operating an existing daemon directly.agentpay admin token set-chain ... fails during the live apply step, the CLI restores the previous saved config and exits with the apply error.agentpay admin wallet-backup export --output ... is the supported backup command and remains available under the admin wallet-backup subcommand tree.Run this once:
agentpay admin setup
Preview the exact sanitized setup plan first:
agentpay admin setup --plan
The preview is read-only. It does not prompt for the vault password, does not touch sudo, and does not mutate wallet or policy state. It prints the planned Rust command, trust preflight results, overwrite risk, and the password transport mode that would be used for the real setup.
During a real agentpay admin setup, you may be prompted for two different secrets:
Vault password: the wallet password you choose for encrypted local state; local entry is confirmed twice to catch typosSystem admin password for sudo: your local admin password, used only when setup needs elevated privileges to install or recover the root-managed daemonOn a fresh wallet, interactive setup now skips the offline backup wizard by default so the first-run path stays short. If you want a backup during setup, pass --backup-output <path>. Otherwise export one afterward with agentpay admin wallet-backup export --output <path>.
If the local vault already exists and you only need to recover the managed daemon or refresh local setup state, reuse the current wallet instead of creating a fresh one:
agentpay admin setup --reuse-existing-wallet
This reuse path keeps the current vault address, prompts for REUSE in interactive mode, and still requires --yes in non-interactive mode.
After first-run setup, keep an encrypted offline backup of the wallet somewhere separate from the machine itself.
Export a backup:
agentpay admin wallet-backup export --output ~/agentpay-backups/agentpay-wallet-backup.json
Verify the file before you depend on it:
agentpay admin wallet-backup verify ~/agentpay-backups/agentpay-wallet-backup.json
If you are moving to a new machine or recovering after local wallet loss, restore the same wallet with:
agentpay admin setup --restore-wallet-from ~/agentpay-backups/agentpay-wallet-backup.json
That restore flow keeps the wallet address the same, prompts for the backup password locally, and re-establishes the managed daemon plus fresh local agent credentials on the new machine.
After that, the command:
By default, setup keeps the freshly issued agent auth token in the local credential store and redacts it from CLI output. On macOS that store is macOS Keychain. On Linux it is Linux Secret Service. Only use --print-agent-auth-token when you intentionally need to export that secret.
For a headless Linux container, run setup from an interactive shell inside the container after starting a temporary user D-Bus and Secret Service session:
export XDG_RUNTIME_DIR="${XDG_RUNTIME_DIR:-$HOME/.xdg-run}"
mkdir -p "$XDG_RUNTIME_DIR"
chmod 700 "$XDG_RUNTIME_DIR"
dbus-run-session -- bash -lc '
printf "%s\n" "container-login-pass" | gnome-keyring-daemon --login --components=secrets >/tmp/gk-login.out 2>/tmp/gk-login.err || true
eval "$(gnome-keyring-daemon --start --components=secrets)"
agentpay admin setup
'
This assumes the container already has systemd, sudo, dbus-user-session, gnome-keyring, and libsecret-tools installed, and that you entered the container with a real TTY such as docker exec -it <container> bash.
Example with explicit chain config:
agentpay admin setup \
--network 11155111 \
--chain-name sepolia \
--rpc-url https://rpc.sepolia.example \
--allow-native-eth \
--per-tx-max-wei 1000000000000000000 \
--daily-max-wei 5000000000000000000 \
--weekly-max-wei 20000000000000000000
Typical output ends with:
setup complete
address: 0x...
vault key id: ...
agent key id: ...
daemon socket: /Library/AgentPay/run/daemon.sock
state file: /var/db/agentpay/daemon-state.enc
There are three practical policy layers:
agentpay admin tuiUse the TUI when you want the easiest way to define:
Run:
agentpay admin tui
Like admin setup, the TUI stores the new agent auth token in the local credential store by default and does not print it unless you pass --print-agent-auth-token.
The TUI starts on the token list, lets you add new tokens or networks, fetches token name/symbol/decimals from the selected network RPC, and bootstraps every saved token across its selected networks.
In the Network Multi-Select field, first save the networks you want in the Networks view, then use ←/→ or h/l (also a/d) to move the focus marker across those saved networks and press Space or Enter to toggle the focused network into the token.
There is no separate "save only" step for dirty token/network drafts in the TUI. Ctrl+S persists the draft and reapplies the wallet together.
Important rule: destination overrides can only tighten the matching token policy; they cannot relax it.
Spend window policies are signing-budget controls, not post-settlement accounting. A request counts against daily/weekly usage once the daemon successfully approves and signs it, including completed manual approvals, even if the signed transaction is broadcast later or ultimately fails on-chain.
If you prefer direct flags over the TUI, agentpay admin setup already passes through the common policy and wallet-setup options shown above.
Useful direct flags include:
--per-tx-max-wei--daily-max-wei--weekly-max-wei--max-gas-per-chain-wei--daily-max-tx-count--per-tx-max-fee-per-gas-wei--per-tx-max-priority-fee-per-gas-wei--per-tx-max-calldata-bytes--network--token--allow-native-eth--recipientManual approval is an overlay policy: matching requests are held until an operator approves or rejects them.
Create one with direct flags:
agentpay admin add-manual-approval-policy \
--network 11155111 \
--recipient 0x1111111111111111111111111111111111111111 \
--allow-native-eth \
--min-amount-wei 1000000000000000 \
--max-amount-wei 2000000000000000
ERC-20 example:
agentpay admin add-manual-approval-policy \
--network 11155111 \
--recipient 0x2222222222222222222222222222222222222222 \
--token 0x3333333333333333333333333333333333333333 \
--min-amount-wei 1000000 \
--max-amount-wei 5000000
The policy matches all transactions of the requested type that fall inside the destination / token / amount range.
Manual approval is still an overlay, not an override. Matching transfers must continue to satisfy every stricter hard limit such as per-tx, daily, weekly, gas, fee, and calldata caps before they can reach the approval flow.
agentpay admin list-manual-approval-requests
Approve locally:
agentpay admin approve-manual-approval-request \
--approval-request-id <REQUEST_ID>
Resume an already-approved broadcast-backed request on this machine:
agentpay admin resume-manual-approval-request \
--approval-request-id <REQUEST_ID>
Reject locally:
agentpay admin reject-manual-approval-request \
--approval-request-id <REQUEST_ID>
Top-level signing commands always go through the daemon.
After agentpay admin setup, the normal path is to rely on the configured agent key id plus the token already stored in the local credential store. You only need --agent-key-id or --agent-auth-token-stdin when overriding that default.
Native transfer:
agentpay transfer-native \
--network 11155111 \
--to 0x1111111111111111111111111111111111111111 \
--amount-wei 1500000000000000
ERC-20 transfer:
agentpay transfer \
--network 11155111 \
--token 0x3333333333333333333333333333333333333333 \
--to 0x2222222222222222222222222222222222222222 \
--amount-wei 1000000
Approve allowance:
agentpay approve \
--network 11155111 \
--token 0x3333333333333333333333333333333333333333 \
--spender 0x4444444444444444444444444444444444444444 \
--amount-wei 1000000
Raw policy-checked transaction request:
agentpay broadcast \
--network 11155111 \
--to 0x1111111111111111111111111111111111111111 \
--gas-limit 21000 \
--max-fee-per-gas-wei 2000000000 \
--value-wei 1500000000000000
x402-protected HTTP request:
agentpay x402 \
https://api.example.com/paid
MPP request:
agentpay mpp \
https://api.example.com/tempo \
--header 'X-Client-Test: 1' \
--json-body '{"prompt":"hello"}'
agentpay x402 currently targets exact/EIP-3009 payment requirements. agentpay mpp now supports one-shot tempo/charge and one-shot tempo/session HTTP challenges, supports --method, repeatable --header, --data, and --json-body, and uses --amount to confirm the expected token-unit amount before it signs or broadcasts. For tempo/session, --deposit optionally overrides the initial channel deposit, --session-state-file persists and reuses a session channel across CLI invocations, and --close-session closes a persisted session after the paid response. Without a session state file, tempo/session stays in one-shot open/request/close mode. In --json mode, successful MPP responses include any decoded Payment-Receipt header under payment.receipt, and tempo/session responses also include payment.closeReceipt when the close step returns one.
For tempo/session event streams (text/event-stream), the CLI now handles payment-need-voucher control events in text mode, automatically topping up and posting fresh vouchers when needed. Streamed message payloads are written to stdout as they arrive. --json is still intended for non-streaming MPP responses.
If a request hits a manual-approval policy, the CLI prints:
Inspect the current machine state:
agentpay status
Strict mode is useful in automation:
agentpay status --strict
Repair local non-root issues such as lingering plaintext bootstrap files or legacy agentAuthToken config storage:
agentpay repair
If you intentionally want to keep bootstrap artifacts but redact them in place instead of deleting them:
agentpay repair --redact-bootstrap
Browser-based relay and web approval are unsupported in this release. Legacy relay config commands remain present only for compatibility and return unsupported.
When a request requires manual approval:
agentpay admin list-manual-approval-requests
agentpay admin approve-manual-approval-request --approval-request-id <UUID>
agentpay admin reject-manual-approval-request --approval-request-id <UUID> --rejection-reason "<TEXT>"
agentpay transfer --broadcast, agentpay transfer-native --broadcast, and agentpay approve --broadcast, the original CLI command keeps waiting on that same approval request and continues automatically after approvalagentpay admin resume-manual-approval-request --approval-request-id <UUID>For the auto-waiting broadcast flows above:
stderr; the final successful --json result still goes to stdoutApproved, use agentpay admin resume-manual-approval-request --approval-request-id <UUID> instead of rebuilding the transaction by hand/var/db/agentpay/daemon-state.enc on macOS or /var/lib/agentpay/daemon-state.enc on Linux, and is intended to be root-only./Library/AgentPay/run/daemon.sock on macOS or /run/agentpay/daemon.sock on Linux.setup says the daemon password does not unlock the stored state, use the original vault password or reset the managed state before setting up a fresh wallet.agentpay admin setup --restore-wallet-from <backup.json>.agentpay admin reset, then agentpay admin setup to create a new wallet.npm run install:rust-binaries and restart the managed daemon through agentpay admin setup.If you forgot the vault password and do not have a valid offline backup, there is no recovery path for the existing encrypted daemon state. Use reset only when you intentionally want to discard the old wallet and create a new wallet.
If you do have a wallet backup, do not reset. Use:
agentpay admin setup --restore-wallet-from <backup.json>
agentpay admin reset
For automation or CI-style local flows:
agentpay admin reset --yes
By default, reset keeps non-secret config like chain settings, but removes the managed daemon state, the daemon unlock secret, the local agent token, and lingering bootstrap artifacts.
If you want a totally clean local slate too:
agentpay admin reset --yes --delete-config
After reset, run agentpay admin setup to create a new wallet.
Use uninstall when you want a full local cleanup instead of preparing for another setup. It removes:
launchd on macOS, system systemd on Linux)/Library/AgentPay on macOS or /opt/agentpay on Linux/var/db/agentpay on macOS or /var/lib/agentpay on Linux/var/log/agentpay on macOS~/.agentpayagentpay admin uninstall removes the managed daemon and local AgentPay SDK files on that machine. If you are running from a repo checkout or another non-managed source path, the managed state is still removed but your current source checkout is left alone.
agentpay admin uninstall
For automation or CI-style local flows:
agentpay admin uninstall --yes
An open-source, serverless and agentic design for pay-per-use AI content generation using USDC stablecoin payments via x402, featuring browser wallet and autonomous agent flows on AWS.
Multi-chain settlement cost router for the x402 payment protocol. Selects the cheapest or fastest blockchain for each AI agent micropayment.
Client SDK for the Vybe x402 API. Pay-per-call USDC over HTTP and prepaid-credit WebSocket streaming for Vybe's Solana analytics API. Built for AI agents.