shack-payment-gateway
An MCP server that gates tool calls behind cryptographic micropayment authorization using Ethereum EIP-191 personal message signing.
It is part of the Shack suite of MCP servers and speaks JSON-RPC 2.0 over stdio (STDOUT carries only protocol messages; all diagnostic logs go to STDERR).
What it does
- Generates a unique EIP-191 challenge string (timestamp + nonce) that a client must sign with their Ethereum private key before calling a paid tool.
- Accepts the resulting signature, recovers the signer's Ethereum address via ECDSA key recovery, and compares it against the configured authorized wallet.
- Returns
verified: truewhen the recovered address matches,verified: falseotherwise. - In permissive mode (no wallet configured), any valid signature is accepted and the recovered address is returned as authorized.
MCP tools
| Tool | Description |
|---|---|
request_authorization |
Generates a cryptographic EIP-191 challenge string the client must sign with their Ethereum private key before calling a paid tool. |
verify_payment |
Verifies an EIP-191 signature against the challenge; returns the recovered signer address and whether it matches the authorized wallet. |
Build
Run
# With a specific authorized wallet (only that address is accepted):
# Via environment variable:
SHACK_AUTHORIZED_WALLET=0xYourWalletAddress
# Permissive mode (no wallet restriction — any valid signature is authorized):
The --authorized-wallet flag (or SHACK_AUTHORIZED_WALLET env var) sets the Ethereum address that verify_payment checks the recovered signer against. If omitted, the server runs in permissive mode.
Tests
Unit tests cover EIP-191 hashing, ECDSA recovery with known test vectors, v-byte normalization (0/1/27/28/EIP-155), and address validation. The integration test in tests/e2e.rs drives the compiled binary end-to-end over stdio, covering the MCP handshake, tool listing, challenge generation, invalid-signature rejection, and unknown-method error handling.