Metar
v1.0.0 Public Beta

One Line of Code.
Instant API Monetization.

A production-ready SDK for pay-per-call APIs using USDC micropayments. Perfect for AI agents, microservices, and any programmatic client that needs simple, automatic payments.

provider.ts
import { createX402Middleware } from "@metar/metar-provider";

app.post("/api/generate",
  createX402Middleware({
    price: 0.03, // 0.03 USDC
    payTo: "YOUR_WALLET...",
    chain: "solana-mainnet"
  }),
  async (req, res) => {
    // Payment verified!
    res.json({ result: "..." });
  }
);
client.ts
import { MetarClient } from "@metar/metar-client";

const client = new MetarClient({
  agentKey: process.env.TAP_KEY,
  wallet: mySolanaWallet
});

// Auto-handles 402 & payment
const res = await client.request("generate", {
  method: "POST",
  body: JSON.stringify({ prompt: "Hello world" })
});

Payments should be simple.

Metar is a production-ready SDK that enables pay-per-call monetization for any API. It allows AI agents, microservices, and programmatic clients to pay for resources instantly using USDC on Solana.

For API Providers

Monetize your API endpoints instantly. No subscription management, no invoicing, just direct USDC deposits for every valid request.

For Programmatic Clients

Access premium APIs without credit cards or signups. Just fund a wallet and start making requests. Perfect for AI agents and microservices.

For Developers

Integrate in minutes with a simple Express middleware and a type-safe client SDK. Built on standard HTTP 402 status codes.

The Problem with Subscriptions

Inefficient for Agents

AI agents can't fill out credit card forms or manage monthly subscriptions. They need a programmatic way to pay for what they use.

High Overhead

Managing Stripe integration, webhooks, and invoicing for micro-transactions is expensive and complex.

API Key Leakage

Static API keys are a security risk. If leaked, you're liable for the bill. Metar uses cryptographic signatures for every request.

The Metar Solution

Metar standardizes the HTTP 402 Payment Required status code. When a client makes a request, the provider responds with a 402 and a payment invoice. The client SDK automatically signs and sends the payment, and the provider fulfills the request.

Standard HTTP Status Codes
Instant USDC Settlement on Solana
Cryptographic Request Signing
No Centralized Intermediary

Technical Architecture

Metar orchestrates a secure, stateless payment flow between AI agents and API providers, verified on the Solana blockchain.

Client (AI Agent)

  • Price Lookup
  • USDC Transfer
  • TAP Signature

Provider (API)

  • Verify Headers
  • Check On-Chain
  • Log Usage

Solana Blockchain

  • Confirm Tx
  • USDC Settlement
  • Immutable Record

Payment Flow

1. Price Discovery

Client requests price from GET /.meter/price. Returns price (USDC), recipient, and token mint.

2. Payment Transaction

Client creates and sends USDC transfer on Solana with a memo containing the route ID and nonce.

3. TAP Signature

Client generates HTTP Signature (RFC 9421) using Ed25519 to prove agent identity cryptographically.

4. API Request

Client makes request with x-meter-* headers and Authorization signature.

5. Verification

Provider middleware verifies timestamp, nonce, signature, and on-chain payment confirmation.

Secure Headers Example
POST /api/generate HTTP/1.1
Host: api.provider.com
x-meter-tx: 5Kj3...9zXy
x-meter-route: summarize:v1
x-meter-amt: 0.03
x-meter-currency: USDC
x-meter-nonce: 018b...7f2a
x-meter-ts: 1709...8821
Authorization: Signature keyId="agent-1",...

Everything you need to monetize your API.

Metar provides a complete toolkit for building pay-per-call APIs. From the middleware that verifies payments to the client SDK that handles them automatically.

Provider Middleware

Monetize in minutes. One-line middleware protects any Express route. Automatic on-chain verification and usage analytics included.

Client SDK

Zero human intervention. SDK handles price lookup, USDC payments, and TAP signatures automatically.

Enterprise Security

Built on Visa's Trusted Agent Protocol. Ed25519 signatures, replay protection, and timestamp validation.

Solana Speed

Sub-second finality and low fees. Built for high-frequency machine-to-machine transactions.

Usage Analytics

Built-in SQLite tracking for payments and usage. Visualize revenue and request metrics in real-time.

Replay Protection

Nonces tracked per agent. Transaction signatures prevent double-spending and ensure idempotency.

Built on modern standards.

Metar is a monorepo designed for modularity and type safety. It leverages the best-in-class tools for Solana development and Node.js services.

Core Technologies

Node.js & TypeScript

Robust, type-safe runtime for high-performance API services.

Solana Blockchain

High-throughput, low-latency L1 for instant settlement.

USDC Stablecoin

Digital dollar for stable, predictable pricing.

Ed25519 Signatures

Cryptographic verification for secure authentication.

Package Structure

@metar/metar-client

Client SDK for agents to discover prices and make payments.

@metar/metar-provider

Express middleware for payment verification and replay protection.

@metar/agent-registry

Agent key registry and price service for centralized management.

@metar/dashboard

React/Vite dashboard for analytics and revenue tracking.

@metar/shared-types

TypeScript definitions for the TAP protocol and payment interfaces.

@metar/shared-config

Shared configuration constants (Solana networks, USDC mints).

@metar/facilitator

Facilitator mode for delegated payment verification (optional).

Documentation & Integration

Detailed API specifications and security requirements for integrating Metar.

API Specifications

GET/.meter/price

{
  "price": 0.03,
  "currency": "USDC",
  "mint": "EPjFWdd5...",
  "payTo": "7xKXtg2...",
  "routeId": "summarize:v1",
  "chain": "solana-devnet"
}

Required Payment Headers

{
  "x-meter-tx": "Solana transaction signature",
  "x-meter-route": "Route identifier",
  "x-meter-amt": "Payment amount",
  "x-meter-currency": "USDC",
  "x-meter-nonce": "Unique UUID v7",
  "x-meter-ts": "Unix timestamp (ms)",
  "x-meter-agent-kid": "Agent key ID",
  "Authorization": "TAP signature"
}

Security Requirements

Private Key Management

Never expose private keys in client-side code. Use secure key storage and rotation policies.

HTTPS Only

All production endpoints must use HTTPS. Payment headers contain sensitive information.

Nonce Management

Nonces must be unique per agent. Implement proper storage (Redis/DB) to prevent replay attacks.

POST /api/generate HTTP/1.1 Host: api.provider.com x-meter-tx: 5Kj3...9zXy x-meter-route: summarize:v1 x-meter-amt: 0.03 x-meter-currency: USDC x-meter-nonce: 018b...7f2a x-meter-ts: 1709...8821 Authorization: Signature keyId="agent-1",...

Ready to monetize your APIs?

Join the first payment protocol built for the programmatic economy. Start integrating Metar today.

Get StartedRead the Docs