npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@forgemeshlabs/x402-notary-mcp

v0.1.6

Published

The notary of the x402 agent economy, by ForgeMesh Labs. Cryptographic receipts for AI outputs: notarize any model inference with a signed Ed25519 attestation, sha256 content hash, and Merkle chain-anchor on Base or Solana — $0.001 per call via x402 USDC

Readme

x402 Notary — Cryptographic Receipts for AI Outputs

A ForgeMesh Labs product — the notary of the x402 agent economy.

Prove what your AI said, when it said it, and which model said it.

Every AI output is just text. There's no proof a specific model produced a specific response at a specific time — and as agents start hiring other agents, that trust gap gets expensive. x402 Notary closes it: submit any inference, pay $0.001 in USDC (automatic, via x402 on Base or Solana — no API key, no account), and get back a signed, timestamped, chain-anchored receipt that anyone can verify, free, forever.

We notarize the hash, not your secrets. Your prompt and response are hashed and signed — never stored. Private signed receipts, publicly anchored by batch root.

Quick start: Base (Claude Desktop / Claude Code / any MCP client)

{
  "mcpServers": {
    "x402-notary": {
      "command": "npx",
      "args": ["-y", "@forgemeshlabs/x402-notary-mcp"],
      "env": {
        "WALLET_PRIVATE_KEY": "0x..."
      }
    }
  }
}

WALLET_PRIVATE_KEY is a dedicated low-balance Base wallet for x402 micropayments — never your primary wallet. $1 of USDC notarizes 1,000 outputs.

Quick start: Solana

{
  "mcpServers": {
    "x402-notary-solana": {
      "command": "npx",
      "args": ["-y", "@forgemeshlabs/x402-notary-mcp"],
      "env": {
        "NOTARY_RAIL": "solana",
        "NOTARY_BASE_URL": "https://notary-solana.forgemesh.io",
        "SOLANA_PRIVATE_KEY": "[1,2,...]"
      }
    }
  }
}

SOLANA_PRIVATE_KEY is a dedicated low-balance Solana keypair for x402 micropayments. It may be a JSON byte array, base58, base64, or hex-encoded 32/64-byte key. Never use your primary wallet.

Verification needs no wallet at all. Skip the env block entirely and you can still verify receipts, inspect attestations, and read live stats.

Tools

| Tool | Cost | What it does | |---|---|---| | notarize_inference | $0.001 | Signed receipt for one {prompt, response, model_id} | | notarize_batch | $0.005 | Up to 20 receipts in one call — built for audit trails | | verify_attestation | free | Check any receipt: signature, content hash, Merkle proof | | get_receipt | free | Fetch the public proof material for an attestation | | notary_stats | free | Live volume, top models, anchored batches | | notary_pubkey | free | The notary's Ed25519 key — verify receipts fully offline |

What a receipt proves

When you notarize an inference you get an attestation:

{
  "attestation_id": "att_64d22f5f5c95d0e759ad54dc",
  "content_hash": "sha256 of {prompt, response, model_id, timestamp}",
  "signature": "Ed25519 — verifiable offline against the public notary key",
  "notarized_at": "2026-07-03T02:47:11.000Z",
  "anchor": { "status": "sealed", "merkle_root": "…", "proof": ["…"] }
}

That's proof of three things:

  1. Existence — this exact content existed at this exact time.
  2. Integrity — change one character of the prompt or response and verification fails.
  3. Independence — signatures verify offline with the published key; Merkle roots anchor batches. You don't have to trust the notary's word after the fact.

Verify anything, free, from anywhere

Any agent (or human, or CI job) can check a receipt before acting on the output behind it:

curl -s https://notary.forgemesh.io/api/verify \
  -H 'content-type: application/json' \
  -d '{"attestation_id":"att_…","prompt":"…","response":"…","model_id":"openai/gpt-5"}'

"valid": true means the content matches the notarized hash and the notary's Ed25519 signature checks out. Tampered content is rejected with the exact failing check.

When should an agent notarize?

Not every call — the outputs that matter:

  • Agent-to-agent handoffs — prove what you passed downstream came from this model, unmodified
  • Paid deliverables — research, reports, recommendations someone is paying for
  • Compliance & audit trails — decisions that affect money, legal exposure, or reputation
  • Dispute prevention — "this is exactly what was generated, at exactly this time"
  • Marketplace reputation — build a public, verifiable reliability trail for your agent or service

Casual chat and scratchpad reasoning don't need receipts. Externalized outputs do.

Privacy, by design

  • Raw prompts, responses, and metadata are not persisted — the notary computes the hash, signs it, and discards the content.
  • Receipts contain proof material only: hash, signature, timestamps, model id, Merkle proof.
  • Only Merkle batch roots are anchored on-chain. Your content never touches a public chain.
  • Verification works by you supplying your original content — the notary can't reveal what it never kept.

How payment works

No signup, no API key, no subscription. The first request returns an HTTP 402 challenge; your MCP client signs a USDC payment authorization and retries. Base uses EIP-3009; Solana uses the x402 SVM exact rail. The receipt lands in the same response — including the payment transaction hash under _payment.

Direct API

Prefer raw HTTP? The full agent-readable surface:

  • https://notary.forgemesh.io/llms.txt — one-page summary for agents
  • https://notary.forgemesh.io/openapi.json — OpenAPI 3.1 with x402 payment metadata
  • https://notary.forgemesh.io/.well-known/x402.json — x402 discovery manifest
  • https://notary-solana.forgemesh.io/llms.txt — Solana rail summary
  • https://notary-solana.forgemesh.io/openapi.json — Solana OpenAPI 3.1 with x402 metadata
  • https://notary-solana.forgemesh.io/.well-known/x402.json — Solana x402 discovery manifest

FAQ

Is my prompt stored anywhere? No. The hash is computed, signed, and the raw text is discarded. This is the default and only mode.

Do I need an account or API key? No. x402 payments are the only credential.

What does verification cost? Nothing, for anyone, forever. Charging to verify would defeat the point of a trust primitive.

What chain and token? USDC on Base mainnet (eip155:8453) by default. Set NOTARY_RAIL=solana and NOTARY_BASE_URL=https://notary-solana.forgemesh.io for Solana mainnet USDC.

Can I verify receipts without contacting the notary? Yes — fetch the Ed25519 public key once (notary_pubkey) and verify signatures offline.

Why "x402 Notary"? x402 is the open protocol that lets AI agents pay for services in USDC over plain HTTP — and this is its notary: the attestation layer agents use to prove and verify each other's outputs before money or reputation moves on them.


Built by ForgeMesh Labs · Powered by the x402 protocol · MIT License