x402station Guard

One line of code that stops your agent from paying dead, fake, zombie, or overpriced x402 endpoints. Runs preflight before every PAYMENT-SIGNATURE your agent signs. Fail-closed by default.

The whole integration

import { wrapFetchWithPaymentFromConfig } from "@x402/fetch";
import { wrapWithPreflight } from "x402station-middleware";

const x402Fetch = wrapFetchWithPaymentFromConfig(fetch, { schemes: [...] });
const safeFetch = wrapWithPreflight(x402Fetch);

// Use exactly like fetch — preflight runs before every payment.
await safeFetch("https://api.example.com/x402-endpoint", { method: "POST", ... });
// ↑ throws PreflightBlockedError if dead / zombie / decoy / never_paid_zombie.

Three ways to install

1. npm middleware (recommended)
```
npm install x402station-middleware @x402/fetch @x402/evm viem
```
Drop-in fetch wrapper. Pure ESM, works in Node 20+, Bun, and the Cloudflare Workers runtime. npm
2. MCP server (Claude Code / Cursor / Windsurf / Continue)
```
npx -y x402station-mcp
```
Ten tools (preflight, forensics, catalog_decoys, alternatives, whats_new, buy_credits, watch_subscribe, plus free status + unsubscribe). npm · MCP Registry
3. Bulk credits (cheapest at scale)
```
POST https://x402station.io/api/v1/credits  →  $0.50 USDC  →  1000 prepaid preflights
```
Effective rate: $0.0005 / call (50% off the $0.001 per-call rate). 90-day expiry. Pass the returned creditId on every preflight via X-Credit-Id; on exhaustion the middleware falls through to per-call x402 automatically.

What Guard blocks right now

Snapshot from the live catalog (refreshed on every probe pass, every 10 minutes):

74 endpoints listed at ≥ $1,000 USDC per call. Aggregate sticker price: $23.2M. Max single endpoint: $500,000.
~14 services 100% erroring in the last hour but still listed is_active: true.
87%of the catalog (~43k of 49k endpoints) sits inside two providers' billing namespaces — single-source risk surfaced via metadata.high_concentration.

Full breakdown: We probed 49,314 x402 endpoints. Here's what we blocked.

Framework recipes

5-minute copy-paste integration for the agent runtimes we've verified end-to-end:

Safe x402 agent with Coinbase AgentKit · EVMWalletProvider binding · 4 min setup
Safe x402 agent with Cloudflare Agents · Workers runtime + Durable Objects · 5 min setup
Safe x402 agent with LangChain / LangGraph · DynamicStructuredTool + MCP adapter · 5 min setup

For service operators

Run an x402 endpoint and want agents to prefer it when routing? Mint a $1 verified-badge cert — 30-day signed certificate that proves your endpoints aren't on the blacklist. Agents using Guard prefer verified endpoints when routing alternatives.