npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@steamlink/server

v0.0.1

Published

> x402 payment middleware for Nexus game endpoints — monetize HTTP routes, settle on Base.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

philosanjayphilosanjay

Keywords

Readme

@steamlink/server

x402 payment middleware for Nexus game endpoints — monetize HTTP routes, settle on Base.

What it is

@steamlink/server puts an x402 paywall in front of your HTTP endpoints. Use it to charge entry fees, paid actions, or any monetized route: a request with no payment gets a 402 challenge; a request carrying a valid redemption is verified on-chain and allowed through.

The verification work sits behind a FacilitatorAdapter port, so your route code never touches a concrete provider. The default DelegationFacilitator is delegation-aware: instead of demanding a fresh payment signature, it redeems the player's existing session delegation — the single ERC-7710 grant they signed once at joinRoom(), bounded by their on-chain budget caveats. Payments settle in USDC on Base, and the token address is resolved from relayer capabilities (never hardcoded).

The middleware is framework-agnostic at its core, with thin adapters for Express and Hono.

Install

npm install @steamlink/server

Key exports

Monetize middleware

  • monetize — the canonical middleware factory (defaults to the Express adapter).
  • monetizeExpress(opts, runtime?) — Express middleware: 402 on missing/invalid payment, attaches req.settlement and calls next() on success.
  • monetizeHono(opts, runtime?) — Hono middleware: returns the 402 JSON, or stashes the settlement via c.set("settlement", …) and calls next() on success.
  • createMonetizeHandler(opts, runtime?) — the framework-agnostic handler the adapters wrap; returns (req) => Promise<MonetizeResult>.
  • statusForError(err) — maps a NexusError to the HTTP status the middleware uses.
  • PAYMENT_HEADER ("x-payment"), PAYER_HEADER ("x-payer") — header names by convention.

Types: MonetizeOptions, MonetizeRuntime, MonetizeRequest, MonetizeResult (Challenge402Result | RejectResult | PassResult), and the per-framework types ExpressMiddleware / ExpressRequestLike / ExpressResponseLike / ExpressNext and HonoMiddleware / HonoContextLike / HonoNext.

Facilitator (the x402 seller side)

  • FacilitatorAdapter — the port: challenge(req) builds the 402 body and mints a single-use nonce; verify(redemption) confirms settlement on Base (idempotent on the nonce).
  • DelegationFacilitator — the default delegation-aware adapter.
  • DelegationFacilitatorConfig — its config (capabilities resolver, Base public client, nonce store, TTL, min confirmations, recipient authorization).
  • DEFAULT_MIN_CONFIRMATIONS.
  • Port data types: PaymentRequest, Challenge402, Redemption, Settlement.

Settlement verification

  • verifyTransferOnChain(params) — reads the receipt and confirms the ERC-20 transfer.
  • Types: ReceiptReaderClient, TransactionReceiptLike, LogLike, VerifyTransferParams.

Nonce store (replay protection)

  • InMemoryNonceStore, randomNonce, DEFAULT_NONCE_TTL_MS.
  • Types: NonceStore, NonceRecord.

Usage

monetize() returns Express middleware. The runtime supplies the default facilitator selected by facilitator: "nexus". The price/asset config is set per-route:

import express from "express";
import { monetize, DelegationFacilitator } from "@steamlink/server";

const facilitator = new DelegationFacilitator({
  // capabilities are the source of truth for the token address + targetAddress
  capabilities: () => relayer.getCapabilities(),
  publicClient, // a viem public client on Base
});

const app = express();
app.use(express.json());

app.post(
  "/rooms/:id/join",
  monetize(
    {
      price: "5", // human units, e.g. 5 USDC
      token: "USDC", // resolved to an address from capabilities
      chain: "base", // Base only
      recipient: "0xPotOrSeller", // must be in the payer's budget caveat
      facilitator: "nexus", // use the default DelegationFacilitator from runtime
      reason: "Room entry fee",
    },
    { defaultFacilitator: facilitator },
  ),
  (req, res) => {
    // Payment verified — req.settlement holds the on-chain Settlement.
    res.json({ joined: true, txHash: req.settlement!.txHash });
  },
);

For Hono, use monetizeHono(...) with the same MonetizeOptions; the verified settlement is read with c.get("settlement"). You can also pass a concrete FacilitatorAdapter directly as facilitator instead of the "nexus" literal.

The middleware expects an authenticated payer (the player's smart account), resolved from req.payer or the x-payer header set by the gateway's auth layer. A redemption is bound to that payer before any settlement is accepted — it is not a bearer token.

Part of Nexus

This is the library for putting x402 in front of your endpoints. It pairs with:

  • @steamlink/core — game definition, ECS, client, and the delegation engine.
  • @steamlink/relayer — the 1Shot relayer client whose capabilities supply the payment token address and targetAddress.

Base only. chain is strictly "base" and settlement happens in USDC on Base.