ProxyFox is a developer-grade monetization infrastructure for AI tools and MCP (Model Control Proxy) servers. It implements a pay-per-use on-chain payment gating mechanism over HTTP using a custom x402-like protocol enforced via Flow blockchain.proxyfox also work as mcp marketplace where user can explore the servers and mcp tools
This project was built for fully decentralized AI agent tooling, enabling anyone to run monetized MCP servers while safely handling payment verifications on-chain.
- Core Components
- Architecture & Payment Flow
- How 402 Payment Enforcement Works
- Installation
- Configuration
- Usage Examples
- Technical Highlights
- Advantages
- API Reference
- Troubleshooting
- Contributing
| Component | Tech | Description |
|---|---|---|
| ProxyFox | Next.js (API Routes) | Middleware HTTP proxy server enforcing 402-payments, verifying Flow blockchain transactions |
| MCPay-Client | Node.js CLI | Client-side payment handler for agents (like Curser CLI) that detects 402 responses, makes Flow payments, attaches payment proof |
| Flow chain | Flow blockchain | On-chain payment execution + transaction verification |
Request-Response flow overview from agent prompt to tool response
ββββββββββββββββ
β User/Agent β (Curser or CLI)
ββββββββ¬ββββββββ
β 1οΈβ£ prompt request
β (via MCPay-Client)
βΌ
ββββββββββββββββββββββ
β ProxyFox Server β
β - Checks for X-Payment header
β - 402 if missing
ββββββββ¬βββββββββββββββ
β 2οΈβ£ 402 Payment Required response
βΌ
ββββββββββββββββββββββ
β MCPay-Client (CLI) β
β - Parses 402 response
β - Makes on-chain payment via Flow RPC
β - Constructs X-Payment header with proof
ββββββββ¬βββββββββββββββ
β 3οΈβ£ Reattempt request w/ payment
βΌ
ββββββββββββββββββββββ
β ProxyFox Server β
β - Verifies payment proof on-chain
β - If valid β proxy to MCP server
ββββββββ¬βββββββββββββββ
β 4οΈβ£ MCP server response
βΌ
ββββββββββββββββββββββ
β MCPay-Client β
β Returns result to Curser/agent
ββββββββββββββββββββββ
When Curser sends a request to a monetized MCP tool via ProxyFox (with MCPay-Client forwarding), it reaches an API route like:
POST /api/proxy/<server-id>/<tool-name>
ProxyFox checks if the request carries a custom header:
X-Payment: <base64-encoded-payment-proof>
If absent, it responds:
HTTP 402 Payment Required
JSON body:
402 Payment Required.
{
"message": "π° Payment Required",
"recipient": "0x5567D2FFdF5A9c0bBb0B79B8cD99a3a87C45dAFb",
"amount": "10.0 FLOW",
"payTo": "0x5567D2FFdF5A9c0bBb0B79B8cD99a3a87C45dAFb",
"network": "flow-evm-testnet",
"tool": "weather",
"timestamp": 1720000123
}
MCPay-Client parses this response:
- Extracts price, recipient, tool, and expiry
- Uses the configured private key (CLI flag
--privateKey) to sign and broadcast a transaction on Flow blockchain using RPC.
The transaction is submitted using Flow RPC or a direct HTTP interface to a Flow node.
Once transaction confirmed, MCPay-Client encodes payment proof data into a base64 JSON string:
{
"txHash": "0xTransactionHash",
"amount": "1.5",
"currency": "FLOW",
"From": "0xUserWallet",
"to": "0xRecipientWallet",
"tool": "weather",
"timestamp": 1720000123
}And sends it as:
X-Payment: <base64-string>
Upon receiving a request with X-Payment:
- Decodes base64 JSON.
- Verifies via Flow RPC:
- Transaction exists
toaddress matches recipient configamountmatches required fee- Timestamp is within expiry
- Tool metadata matches request
Only if verified:
- Proxies original HTTP request to MCP server
- Returns MCP server response back to MCPay-Client
If invalid:
- 403 Forbidden or 402 again with updated expiry
# Clone the repository
git clone https://github.com/Oxkai/ProxyFox
cd ProxyFox
# Install dependencies
npm install
# Start ProxyFox server
npm run dev
# In another terminal, test with MCPay-Client
cd mcpay-client
npm install
node mcpay-client.mjs --privateKey <your-key> --proxyUrl <proxy-url>Inside your mcp.json config:
{
"weather_broad_server": {
"command": "node",
"args": [
"./mcpay-client.mjs",
"--privateKey",
"0xd395aea4aa82b49e5ab9e31277ff6559431896b775bfc8e6dcd2de8ed2dfd21c", //exmple private key
"--proxyUrl",
"http://localhost:3000/api/proxy/61f1b4b7-d495-48dd-b333-f84bb4a09ab1-weather_broad/weather" //monetised URL
]
}
}# Simple weather request
echo '{
"tool": "weather",
"input": {
"text": "Hello Ajay MCP!"
}
}' | \
node mcpay-client.mjs \
--privateKey <your-private-key> \
--proxyUrl <your-proxyfox-url># With custom timeout and verbose logging
node mcpay-client.mjs \
--privateKey <your-private-key> \
--proxyUrl <your-proxyfox-url> \
--timeout 30000 \
--verbose \
--input '{"tool": "weather", "input": {"text": "Weather in NYC"}}'-
Flow blockchain integration via raw RPC
- No SDK abstraction β transaction crafted manually
- Payment verification logic directly on middleware using RPC response validation
-
Custom x402-compatible payment negotiation
- 402 Payment Required response as negotiation primitive
- Base64-encoded JSON payment proofs
-
No dependency on Curser cloud or IDE
- MCPay-Client works standalone from terminal or agent automation
-
ProxyFox as Edge Layer
- Validates on-chain payments
- Proxies only verified requests
- Logs payment events for revenue analytics (dashboard-ready)
β Enables fully decentralized, permissionless pay-per-use access for AI tools.
β Non-custodial β funds sent directly to server operator wallet.
β Protocol-agnostic β while Flow is used here, architecture can adapt to EVM chains or Solana.
β Completely independent from cloud IDEs or agent marketplaces.
Proxies requests to MCP servers with payment verification.
Headers:
X-Payment: Base64-encoded payment proof (optional on first request)Content-Type:application/json
Request Body:
{
"tool": "weather",
"input": {
"text": "Weather query"
}
}Response (402 Payment Required):
{
"price": "1.5",
"currency": "FLOW",
"recipient": "0xRecipientWallet",
"tool": "weather",
"validUntil": "2024-01-01T00:00:00Z"
}| Option | Description | Required |
|---|---|---|
--privateKey |
Flow blockchain private key | Yes |
--proxyUrl |
ProxyFox server URL | Yes |
--timeout |
Request timeout in milliseconds | No (default: 30000) |
--verbose |
Enable verbose logging | No |
--input |
JSON input for the request | No |
Error: "Payment verification failed"
Cause: Invalid or expired payment proof
Solution: Ensure your private key has sufficient FLOW balance and the payment timestamp is current
Error: "Connection refused"
Cause: ProxyFox server is not running
Solution: Start the server with `npm run dev`
Error: "Invalid Flow RPC response"
Cause: Flow blockchain network issues
Solution: Check FLOW_RPC_URL in .env file or try switching networks
Enable debug logging by setting:
export DEBUG=proxyfox:*
npm run dev- Payment Verification: ~200ms average response time
- Transaction Confirmation: 1-3 seconds on Flow mainnet
- Concurrent Requests: Supports 1000+ concurrent payment verifications
- Memory Usage: ~50MB for basic operation
- Never commit private keys to version control
- Use environment variables or secure key management systems
- Consider using Flow's account abstraction for enhanced security
- Always use HTTPS in production
- Implement rate limiting on payment endpoints
- Monitor for suspicious payment patterns
- Support for EVM chains (Ethereum, Polygon)
- Solana blockchain integration
- Web dashboard for payment analytics
- Multi-signature wallet support
- Advanced rate limiting and DDoS protection
- Docker deployment configurations