deploy/monitor.py probes /health, /mcp/rpc initialize, /scan x402 challenge,
and reads USDC.balanceOf(wallet) on Base mainnet via public RPC. Appends one
JSON line per run to data/monitor.jsonl and persists state to detect:
- service_down / ingest_stale / mcp_transport_broken / x402_misconfig
- FIRST_PAYMENT_RECEIVED (when wallet balance crosses 0)
- balance_changed (delta vs previous run)
Installed as aegis402-monitor.{service,timer} on the VPS with hardened
systemd sandbox (NoNewPrivileges, ProtectSystem=strict, ReadWritePaths
limited to data/). Timer active, first run green: cves=500, mcp=ok,
x402 challenge returns 402 with payTo=0x3D1F...4ff6, balance=0 USDC.
Implements the real MCP transport per spec 2025-03-26 so Smithery/mcp.so/
glama auto-scanners actually recognize Aegis402 as an MCP server.
- src/mcp_rpc.py: stateless JSON-RPC handler with initialize, ping,
tools/list, tools/call, notifications, batches, Origin validation
- /mcp/rpc routes wired in src/server.py (POST + 405 GET)
- tools/call enforces x402 via the same middleware as /scan; payment
required is returned as JSON-RPC error -32001 with the full x402
challenge in the data field
- mcp_manifest + server-card + sitemap + landing all point to /mcp/rpc
- 9/9 in-process tests pass; prod smoke tests confirm initialize,
tools/list, paid tools/call, and 405 GET all behave per spec
- Add /.well-known/mcp/server-card.json (Smithery auto-scan endpoint)
- Sitemap.xml now lists both well-known endpoints
- JOURNAL.md: full audit of marketplace auth walls (mcpservers.org=$39, mcp.so/smithery/glama=login)
- JAOUAD_TODO.md: updated with concrete copy-paste instructions for the 3 directories
- STATE.md: phase 4 marked blocked by auth walls until human steps in
- deploy/inspect_*.py + submit_mcpservers.py: playwright probes (kept for re-runs)
Pay-per-call CVE intelligence MCP server.
x402 native USDC settlement on Base mainnet.
GHSA + CISA KEV data sources, refreshed hourly.
Built and deployed autonomously, zero capital.
Kaouani Jaouad