x402 Payment Integration
Seamless micropayments for AI-powered smart contract audits
ZIP Upload: $0.10Address-Based: $0.05
Overview
Veridex offers two methods for professional AI-powered smart contract audits via x402 micropayments:
ZIP Upload
$0.10 USDC- Upload your own Foundry/Hardhat project
- Supports unverified & private contracts
- Full Slither + Claude analysis
Address-Based
$0.05 USDC50% CHEAPER- Just provide contract address
- Auto-fetches from Etherscan
- Requires verified contract on Etherscan
Methods Comparison
| Feature | ZIP Upload | Address-Based |
|---|---|---|
| Price | $0.10 USDC | $0.05 USDC |
| API Endpoint | /ai-audit-pro | /ai-audit-address |
| Input | .zip file (FormData) | Contract address (JSON) |
| Verified Contract Required | ||
| Private/Unverified Contracts | ||
| Supported Networks | Any EVM | Ethereum (more coming) |
| AI Model | Claude Sonnet 4.5 | Claude Sonnet 4.5 |
| Best For | Pre-deployment audits | Deployed contract analysis |
Prerequisites
Node.js & npm
Version 16.x or higher
Wallet with USDC on Base Sepolia
Get testnet USDC from Circle Faucet
Private Key (for programmatic access)
Store securely in environment variables. Never commit!
Installation
npm install x402-fetch viemZIP Upload Audit
Endpoint: POST /ai-audit-pro ā¢ Price: $0.10 USDC
When to use:
- ā¢ Pre-deployment audits for private contracts
- ā¢ Projects not yet deployed on mainnet
- ā¢ Full Foundry/Hardhat project analysis
- ā¢ Contracts not verified on block explorers
1import { wrapFetchWithPayment, decodeXPaymentResponse } from "x402-fetch";
2import { privateKeyToAccount } from "viem/accounts";
3import fs from 'fs';
4
5// ====================================
6// 1. Setup Wallet
7// ====================================
8const PRIVATE_KEY = "0xYourPrivateKey";
9const account = privateKeyToAccount(PRIVATE_KEY);
10
11console.log("ā
Wallet Address:", account.address);
12
13// ====================================
14// 2. Wrap Fetch with Payment
15// ====================================
16const fetchWithPayment = wrapFetchWithPayment(fetch, account);
17
18// ====================================
19// 3. Upload ZIP for Professional Audit
20// ====================================
21async function auditByZip() {
22 try {
23 console.log("\nš Starting ZIP-Based Audit with x402 Payment...");
24 console.log("š° Price: $0.10 USDC");
25
26 // Read your contract ZIP file
27 const zipFile = fs.readFileSync('./my-contract.zip');
28 const formData = new FormData();
29 const blob = new Blob([zipFile], { type: 'application/zip' });
30 formData.append('file', blob, 'my-contract.zip');
31
32 console.log("š¤ Uploading contract and processing payment...");
33
34 const response = await fetchWithPayment('https://api.veridex.space/ai-audit-pro', {
35 method: 'POST',
36 body: formData,
37 });
38
39 console.log("ā
Response Status:", response.status);
40
41 if (!response.ok) {
42 const errorText = await response.text();
43 console.error("ā Server Error:", errorText);
44 return;
45 }
46
47 // Check payment details
48 const xPaymentHeader = response.headers.get("x-payment-response");
49 if (xPaymentHeader) {
50 const paymentResponse = decodeXPaymentResponse(xPaymentHeader);
51 console.log("\nš³ Payment Details:");
52 console.log(paymentResponse);
53 }
54
55 const result = await response.json();
56
57 console.log("\nš Audit Results:");
58 console.log("Analysis ID:", result.analysis_id);
59 console.log("AI Model:", result.ai_model);
60 console.log("Cost:", result.cost_usd, "USD");
61 console.log("\nš Detailed Audit Report:");
62 console.log(result.detailed_audit);
63
64 // Save report to file
65 if (result.detailed_audit) {
66 const filename = `audit-report-${result.analysis_id}.txt`;
67 fs.writeFileSync(filename, result.detailed_audit);
68 console.log("\nā
Report saved to:", filename);
69 }
70
71 } catch (error) {
72 console.error("ā Error:", error.message);
73 }
74}
75
76// ====================================
77// 4. Run Audit
78// ====================================
79auditByZip();ā ļø ZIP Requirements:
- ā¢ Maximum file size: 100MB
- ā¢ Must contain .sol files
- ā¢ Include foundry.toml or hardhat.config.js for best results
Address-Based Audit
Endpoint: POST /ai-audit-address ā¢ Price: $0.05 USDC
When to use:
- ā¢ Auditing already-deployed contracts
- ā¢ Analyzing third-party contracts
- ā¢ Quick security checks on any verified contract
- ā¢ 50% cheaper than ZIP upload!
How it works:
- 1.You provide a contract address + network
- 2.We fetch verified source code from Etherscan API
- 3.Slither analyzes the code for vulnerabilities
- 4.Claude provides detailed audit report
1import { wrapFetchWithPayment, decodeXPaymentResponse } from "x402-fetch";
2import { privateKeyToAccount } from "viem/accounts";
3import fs from 'fs';
4
5// ====================================
6// 1. Setup Wallet
7// ====================================
8const PRIVATE_KEY = "0xYourPrivateKey";
9const account = privateKeyToAccount(PRIVATE_KEY);
10
11console.log("ā
Wallet Address:", account.address);
12
13// ====================================
14// 2. Wrap Fetch with Payment
15// ====================================
16const fetchWithPayment = wrapFetchWithPayment(fetch, account);
17
18// ====================================
19// 3. Audit by Contract Address
20// ====================================
21async function auditByAddress() {
22 try {
23 console.log("\nš Starting Address-Based Audit with x402 Payment...");
24 console.log("š° Price: $0.05 USDC (50% cheaper!)");
25
26 // Example: USDT contract on Ethereum mainnet
27 const contractAddress = "0xdAC17F958D2ee523a2206206994597C13D831ec7";
28
29 console.log("š Contract Address:", contractAddress);
30 console.log("š Fetching verified source from Etherscan...");
31
32 const response = await fetchWithPayment('https://api.veridex.space/ai-audit-address', {
33 method: 'POST',
34 headers: { 'Content-Type': 'application/json' },
35 body: JSON.stringify({
36 contract_address: contractAddress,
37 network: "ethereum"
38 }),
39 });
40
41 console.log("ā
Response Status:", response.status);
42
43 if (!response.ok) {
44 const errorText = await response.text();
45 console.error("ā Server Error:", errorText);
46 return;
47 }
48
49 // Check payment details
50 const xPaymentHeader = response.headers.get("x-payment-response");
51 if (xPaymentHeader) {
52 const paymentResponse = decodeXPaymentResponse(xPaymentHeader);
53 console.log("\nš³ Payment Details:");
54 console.log(paymentResponse);
55 }
56
57 const result = await response.json();
58
59 console.log("\nš Audit Results:");
60 console.log("Analysis ID:", result.analysis_id);
61 console.log("Contract:", result.contract_name);
62 console.log("Address:", result.contract_address);
63 console.log("Network:", result.network);
64 console.log("Compiler:", result.compiler_version);
65 console.log("AI Model:", result.ai_model);
66 console.log("Cost:", result.cost_usd, "USD");
67 console.log("\nš Detailed Audit Report:");
68 console.log(result.detailed_audit);
69
70 // Save report to file
71 if (result.detailed_audit) {
72 const filename = `audit-${result.contract_name}-${result.analysis_id}.txt`;
73 fs.writeFileSync(filename, result.detailed_audit);
74 console.log("\nā
Report saved to:", filename);
75 }
76
77 } catch (error) {
78 console.error("ā Error:", error.message);
79 }
80}
81
82// ====================================
83// 4. Run Audit
84// ====================================
85auditByAddress();š Supported Networks:
ā
Ethereum Mainnetš Baseš Arbitrumš Polygon
API Reference
POST /ai-audit-pro
Upload a ZIP file containing your smart contract project.
Request
// Content-Type: multipart/form-data
const formData = new FormData();
formData.append('file', zipBlob, 'contract.zip');
await fetchWithPayment('https://api.veridex.space/ai-audit-pro', {
method: 'POST',
body: formData,
});Response Format
{
"success": true,
"analysis_id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"audit_type": "zip_upload",
"ai_model": "claude-sonnet-4-5",
"slither_results": {
"success": true,
"detectors": [
{
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium",
"description": "Reentrancy vulnerability found..."
}
]
},
"detailed_audit": "## Security Audit Report\n\n### Executive Summary...",
"timestamp": "2025-12-08T10:30:00.000Z",
"cost_usd": 0.10
}Troubleshooting
ā "Contract is not verified on Etherscan"
The address-based audit requires the contract to be verified on Etherscan.
Solution: Use ZIP upload method instead, or verify your contract on Etherscan first.
ā Insufficient USDC Balance
Your wallet needs USDC on Base Sepolia testnet.
Solution: Get testnet USDC from Circle Faucet
ā ļø "Invalid Ethereum address format"
Address must start with "0x" and be 42 characters long.
Example: 0xdAC17F958D2ee523a2206206994597C13D831ec7
ā ļø "Contract source code too large"
Address-based audits have a 500KB limit for source code.
Solution: For very large contracts, use ZIP upload method.
ā¹ļø Payment Transaction Failed
Check your wallet connection and ensure you have enough USDC + ETH for gas.
FAQ
Which method should I choose?
Use Address-Based ($0.05) for verified deployed contracts. Use ZIP Upload ($0.10) for private, unverified, or pre-deployment contracts.
Why is address-based audit cheaper?
Address-based audits fetch source code from Etherscan, reducing server-side processing. ZIP uploads require extraction, validation, and dependency resolution.
What networks are supported for address-based audits?
Currently Ethereum mainnet only. Base, Arbitrum, Polygon, and BSC coming soon!
What is x402?
x402 is a decentralized micropayment protocol enabling pay-per-use API access. Learn more at x402.org
Is my private key safe?
Your private key is only used locally to sign transactions. Never share it or commit it to version control. Use environment variables.