[Feature Request] Add spending controls / circuit breakers for agent payments #32
Description
Hey @microchipgnu — love what you're building with MCPay.
One gap I keep running into with x402 MCP payment flows: there's no guardrail layer between an agent deciding to pay and the payment executing. In production, this means:
- Agent retries a failed request 50 times → 50 charges
- Prompt injection tricks agent into paying a drainer address
- Daily spend blows past budget with no alert
- No way to enforce per-endpoint spending policies across MCP servers
I'm building PaySentry — a control plane that sits between the agent and the payment protocol. It adds:
- Per-agent spending limits (daily/hourly/per-tx)
- Endpoint whitelisting
- Circuit breakers on anomalous patterns
- Full audit trail
The @paysentry/x402 adapter wraps any x402 facilitator client with policy enforcement:
import { PaySentryX402Adapter } from '@paysentry/x402';
const adapter = new PaySentryX402Adapter(
{ policyEngine, spendTracker },
{ circuitBreaker: { failureThreshold: 5, recoveryTimeoutMs: 30_000 } }
);
adapter.withLifecycleHooks(yourX402Server);Integration Points
I see a few natural touch points with MCPay:
- Monetizer Proxy Layer: Add optional PaySentry middleware before payment execution
- Client SDK: Wrap the wallet adapter with spending policy enforcement
- Registry: Flag MCP servers that support PaySentry-compatible policies
This would address common pain points I've seen:
- Agents running wild on Base/Avalanche with no spending cap
- No way to block suspicious payment patterns in real-time
- Per-token pricing blowing up when agents loop on bad responses
Would love to build an integration with MCPay. Happy to do the work and submit a PR. Would that be welcome?
Context: