Facilitator

Production-ready x402 payment protocol facilitator — verifies payment signatures and settles transactions on-chain over HTTP 402.

The facilitator is a trusted third party that acts on behalf of resource servers. It does not hold funds — it only validates payment payloads and broadcasts settlement transactions to the blockchain.

Built on r402, the modular Rust SDK for x402.

[!WARNING] This software has not been audited. See Security before using in production.

Quick Start

# Install from crates.io
cargo install facilitator

# Generate a commented config template
facilitator init

# Edit config.toml with your RPC URLs and signer keys, then start
facilitator serve

Docker

# Using pre-built image
docker run -p 8080:8080 -v ./config.toml:/app/config.toml ghcr.io/qntx/facilitator

# Or build from source
docker build -t facilitator .
docker build -t facilitator --build-arg FEATURES=chain-eip155 .   # EVM only
docker run -p 8080:8080 -v ./config.toml:/app/config.toml facilitator

API

CLI

facilitator <COMMAND>

Commands:
  init   Generate a default TOML configuration file
  serve  Start the facilitator HTTP server

Options:
  -h, --help     Print help
  -V, --version  Print version

init

facilitator init [OPTIONS]

Options:
  -o, --output <PATH>  Output path [default: config.toml]
      --force          Overwrite existing file

serve

facilitator serve [OPTIONS]

Options:
  -c, --config <PATH>  Path to TOML config file [default: config.toml]

Configuration

The server loads configuration from a TOML file (default: config.toml). Run facilitator init to generate a fully commented template.

host = "0.0.0.0"
port = 8080

# Global signers — shared across all chains of the same type.
# Env-var references ("$VAR" or "${VAR}") are resolved at startup.
[signers]
evm    = ["$EVM_SIGNER_PRIVATE_KEY"]       # hex, 0x-prefixed
solana = "$SOLANA_SIGNER_PRIVATE_KEY"       # base58, 64-byte keypair

# EVM chains (CAIP-2 key format: "eip155:<chain_id>")
[chains."eip155:8453"]
rpc = [{ http = "https://mainnet.base.org" }]

[chains."eip155:84532"]
rpc = [{ http = "https://sepolia.base.org" }]

# Solana chains
[chains."solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp"]
rpc = "https://api.mainnet-beta.solana.com"

# Scheme registrations (optional — auto-generated from configured chains)
# [[schemes]]
# id = "v2-eip155-exact"
# chains = "eip155:{8453,84532}"

Environment Variables

Supported Chains

Feature Flags

Disable unused chains to reduce binary size and compile time:

cargo install facilitator --no-default-features --features chain-eip155

Security

[!CAUTION] This software has NOT been audited by any independent security firm.

This service interacts with blockchain networks and processes real financial transactions. Bugs or vulnerabilities may result in irreversible loss of funds.

• No warranty. Provided "AS IS" without warranty of any kind, express or implied.
• Unaudited. The codebase has not undergone a formal security audit.
• Testnet first. Always validate on testnets before deploying to mainnet.
• Key management. Users are solely responsible for the secure handling of private keys and signing credentials. Never commit secrets to version control — use environment variable references in your config.

To report a vulnerability, please open a GitHub Security Advisory — do not file a public issue.

Acknowledgments

• r402 — modular Rust SDK for the x402 payment protocol
• x402 Protocol Specification — protocol design by Coinbase
• coinbase/x402 — official reference implementations (TypeScript, Python, Go)

License

Licensed under either of:

• Apache License, Version 2.0 (LICENSE-APACHE or https://www.apache.org/licenses/LICENSE-2.0)
• MIT License (LICENSE-MIT or https://opensource.org/licenses/MIT)

at your option.

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in this project shall be dual-licensed as above, without any additional terms or conditions.