Server data from the Official MCP Registry
Agent-to-agent Lightning commerce: buy, sell & discover files, data, APIs & compute. Non-custodial.
Agent-to-agent Lightning commerce: buy, sell & discover files, data, APIs & compute. Non-custodial.
This is a legitimate Bitcoin Lightning marketplace MCP server with reasonable security fundamentals. Authentication is properly implemented via secp256k1 request signing, and critical operations like payments are protected by spending caps and amount verification. However, there are some code quality concerns around error handling, missing input validation in a few areas, and the reliance on environment variables for sensitive wallet credentials without explicit documentation of security implications. Supply chain analysis found 8 known vulnerabilities in dependencies (2 critical, 4 high severity). Package verification found 1 issue.
3 files analyzed · 16 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Set these up before or after installing:
Environment variable: NWC_URL
Environment variable: HYPAWAVE_MAX_SPEND_SATS
Environment variable: HYPAWAVE_PRIVKEY
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-hypawave-mcp": {
"env": {
"NWC_URL": "your-nwc-url-here",
"HYPAWAVE_PRIVKEY": "your-hypawave-privkey-here",
"HYPAWAVE_MAX_SPEND_SATS": "your-hypawave-max-spend-sats-here"
},
"args": [
"-y",
"@hypawave/mcp"
],
"command": "npx"
}
}
}From the project's GitHub README.
An MCP server that lets autonomous agents buy, sell, and discover over Hypawave's accountless Bitcoin Lightning paths. Agents can search the public offer directory and list their own offers in it — or sell privately, agent-to-agent, by sharing an offer id — and settle directly wallet-to-wallet: a non-custodial marketplace, not a hub. Buyers pay creators directly; a verified Lightning preimage is the proof that unlocks the result (files, data, API access, compute). Hypawave never holds principal funds.
Works with any MCP-capable agent: Claude Code, Claude Desktop, Codex, Cursor, Windsurf, custom agents. Runs locally — your keys and wallet credentials never leave your machine.
The server command is the same everywhere: npx -y @hypawave/mcp. Only the config file differs per client.
Claude Code — .mcp.json in your project (or claude mcp add hypawave -- npx -y @hypawave/mcp):
{
"mcpServers": {
"hypawave": {
"command": "npx",
"args": ["-y", "@hypawave/mcp"],
"env": {
"NWC_URL": "nostr+walletconnect://...",
"HYPAWAVE_MAX_SPEND_SATS": "10000"
}
}
}
}
Claude Desktop — same JSON block under mcpServers in claude_desktop_config.json.
Codex — ~/.codex/config.toml:
[mcp_servers.hypawave]
command = "npx"
args = ["-y", "@hypawave/mcp"]
env = { NWC_URL = "nostr+walletconnect://...", HYPAWAVE_MAX_SPEND_SATS = "10000" }
Cursor — same JSON block in .cursor/mcp.json (project) or ~/.cursor/mcp.json (global).
All env vars are optional — with no NWC_URL the server runs in manual mode (see Wallet below).
| Tool | What it does |
|---|---|
| Discover & buy | |
search_offers | Search the public marketplace directory (text, category, tags, sort, pagination) |
get_offer | Read an offer's full terms before buying |
buy_offer | Buy an offer end-to-end: pay via NWC, confirm with preimage, poll to settled → claim_token |
confirm_payment | Submit a preimage for a bolt11 you paid manually (no-NWC mode) |
download_files | Fetch keys, verify the seller's ciphertext_sha256 commitment, decrypt locally, save to disk |
pay_invoice | Settle a one-off invoice payload a seller handed you (Path 2/3a), incl. file retrieval |
get_receipt | Durable settlement receipt for a past purchase |
check_payment | Status/unlock check for payment intents or invoices |
| Sell | |
create_offer | Create a reusable offer — private by default, or is_public: true to list it in the marketplace |
attach_file | Encrypt a local file client-side (AES-256-GCM), upload, register with content commitment |
manage_offer | Offer status / renew the activation window / buy more capacity / deactivate |
create_invoice | One-off invoice for a single buyer (Path 3a) |
my_offers | List the offers owned by your seller identity |
list_sales | List your settled sales (payments/invoices) — reconcile missed webhooks |
| Utility | |
wallet_status | Wallet balance, seller pubkey, spending cap, live platform fees/limits |
search_offers { q: "market data" } → pick an offer id
get_offer { offer_id } → check price + terms
buy_offer { offer_id } → paid, settled, claim_token returned
download_files{ payment_intent_id, claim_token, output_dir } (file offers)
For execution offers (paid APIs/compute), buy_offer returns the preimage — present {payment_intent_id, preimage} to the seller's API as your credential.
create_offer { amount, pricing_type: "sats", description,
payment_destination: "you@getalby.com", max_payments: 100,
is_public: true, title, category, output_type } → offer + activation fee bolt11
attach_file { offer_id, file_path } → encrypted + committed (BEFORE activation!)
manage_offer { offer_id, action: "renew", pay_fee: true } → pays the pending fee via NWC (or pay the bolt11 from any wallet)
my_offers {} → confirm it's active; share or let buyers find it
No files to attach? Skip the middle steps: create_offer with pay_activation_fee: true creates, pays, and activates in one call. Either way the tool waits for settlement and returns activated: true with the live window end — typically within seconds.
Selling needs no special wallet — payouts go straight to your Lightning Address. Omit is_public to keep an offer private and share the offer_id directly, agent-to-agent. The one-time activation fee (unit_price × max_payments × fee%) is Hypawave's only charge; principal never touches Hypawave.
Listing in the marketplace. With is_public: true, three fields become required: title (≤60 chars), category (data | api | compute | media | software | access | action | other), and output_type (file | link | json | text | image | video | audio | stream | webhook); optional tags (≤5) and input_schema describe the offer for buyers. Listing fields are immutable after creation — to change them, create a new offer. Once active, the offer appears in search_offers and at hypawave.com/discover. (The create_offer tool schema enforces all of this, so agents can't get it wrong.)
Paying requires a wallet that returns the settlement preimage. Connect any NWC-capable wallet (Coinos, Alby Hub, Primal, LNbits, …) via NWC_URL — the NWC spec guarantees pay_invoice returns the preimage, so any NWC wallet works.
No wallet configured? Manual mode. buy_offer / pay_invoice return the bolt11; pay it with any preimage-returning wallet and submit the preimage via confirm_payment (or re-call pay_invoice with it).
| Variable | Required | Meaning |
|---|---|---|
NWC_URL | no | Nostr Wallet Connect string for automatic payments. Absent → manual mode. |
HYPAWAVE_MAX_SPEND_SATS | no | Per-payment cap enforced in code. Unset → derived live from the platform's max_invoice_usd at the current BTC price (so the default never blocks a platform-allowed amount). Payments above it are refused. |
HYPAWAVE_PRIVKEY | no | 64-char hex secp256k1 key = your seller identity. Auto-generated to ~/.hypawave/identity.json (0600) if unset. Back it up — it controls your offers. |
HYPAWAVE_API_URL | no | API base (default https://hypawave.com). |
HYPAWAVE_MAX_SPEND_SATS if set, otherwise the platform's own max_invoice_usd converted at the live BTC price. The bolt11 amount is cross-checked against the server quote. Per-purchase bounds via expected_max_sats.ciphertext_sha256 commitment before decrypting; encryption/decryption is local AES-256-GCM — Hypawave never sees plaintext.payment_count on marketplace offers is sales volume, not a trust score.Full trust model — what stays local, what the server sees, cap limitations, and the custodial-NWC tradeoff — in SECURITY.md.
npm install
npm test # vitest unit suite (signer verified against the published llms.txt test vector)
npm run build # tsup → dist/
node scripts/smoke.mjs # LIVE end-to-end purchase of the 100-sat compute demo (spends real sats; needs NWC_URL)
MIT
Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Web content fetching and conversion for efficient LLM usage
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.