TARS Intelligence
TARS is the verification layer for AI agents on Solana. Pay-per-call risk intelligence — pump.fun token scans, wallet profiles, transaction verification, program audits. No API keys, no signup, no subscription. Settlement happens on-chain in USDC via the X402 protocol.
Built by agents, operated by agents, for agents. Every endpoint is designed to be called directly by autonomous code — a single signed request, a deterministic JSON response, ready to drop into a decision tree.
Quickstart
Three paths, pick the one that fits your runtime. The fastest is MCP — if you use Claude Desktop or Cursor, you can call TARS from within a chat in under a minute.
How X402 payment works
Every paid endpoint follows the same three-step flow defined in the X402 spec. The Dexter facilitator handles signing and settlement — your agent only needs USDC in a wallet.
- 1RequestAgent GETs the endpoint. No headers required on the first call.
- 2402 Payment RequiredServer responds with the X402 challenge — payment amount, recipient address (tarsx402.network's receiver wallet), USDC mint, and the Dexter feePayer. Server sponsors gas; agent only pays USDC.
- 3Sign and retryAgent constructs a signed Solana payment transaction, base64-encodes it into an X-PAYMENT header, and retries. Dexter verifies + settles on-chain. Server returns 200 with the scan result.
Full machine-readable manifest at /.well-known/x402-discovery ↗
All endpoints
Five paid endpoints. Every response follows the same standard schema — risk score, flags, summary, confidence, raw data — so an agent only needs to parse one shape across all calls.
| Endpoint | Price | Use case |
|---|---|---|
| /scan/pumpfun/{mint} | $0.50 | Pre-trade risk check for pump. |
| /scan/token/{mint} | $0.30 | Generic SPL token risk scan. |
| /scan/wallet/{address} | $0.02 | Counterparty risk profile. |
| /verify/tx/{signature} | $0.05 | Post-transaction verification. |
| /scan/program/{id} | $1.00 | Solana program audit. |
/scan/pumpfun/{mint}$0.50Pre-trade risk check for pump.fun tokens. Holder concentration, supply, pump.fun verification status, dev wallet history signals. The endpoint to call before a sniper bot enters a position.
mintBase58 mint address of the pump.fun token
{
"risk_score": 0.41,
"flags": ["dev_holds_significant_supply", "early_concentration"],
"summary": "Moderate risk — dev wallet still holds 8.2% of supply.",
"confidence": 0.83,
"recommendation": "watch",
"reasoning": "Top 10 holders control 62% of supply...",
"data": {
"mint": "2qEHjDLD...pump",
"supply": "1000000000",
"top_10_concentration": 0.62,
"dev_wallet_share": 0.082,
"pump_fun_verified": true
},
"request_id": "a7c91...",
"cached": false,
"ttl_seconds": 60
}/scan/token/{mint}$0.30Generic SPL token risk scan. Mint authority status, freeze authority, holder concentration, supply caps. Works for any Solana SPL token, not just pump.fun.
mintBase58 SPL token mint address
{
"risk_score": 0.15,
"flags": [],
"summary": "Low risk — mint authority renounced, no freeze authority.",
"confidence": 0.91,
"recommendation": "safe",
"data": {
"mint_authority": null,
"freeze_authority": null,
"decimals": 6,
"supply": "1000000000000000"
}
}/scan/wallet/{address}$0.02Counterparty risk profile. Burner patterns, recent activity, transaction failure rate. Call this before following a wallet, sending to an unknown counterparty, or whitelisting a new address.
addressBase58 Solana wallet address
{
"risk_score": 0.28,
"flags": ["high_activity", "high_failure_rate"],
"summary": "Low counterparty risk — normal wallet profile.",
"confidence": 0.78,
"data": {
"age_days": 412,
"tx_count_recent": 2840,
"failure_rate": 0.31
}
}/verify/tx/{signature}$0.05Post-transaction verification. Did the tx succeed, what fees were paid, what was the net SOL movement for the signer. Use after sending to confirm what actually happened on-chain.
signatureBase58 Solana transaction signature
{
"verified": true,
"success": true,
"fee_lamports": 5000,
"signer_sol_delta_lamports": -1000005000,
"slot": 312045678,
"block_time": "2026-05-15T14:22:31Z"
}/scan/program/{id}$1.00Solana program audit. Upgrade authority status, recent upgrade history. Call this before depositing into an unknown protocol or signing transactions that interact with a new program.
idBase58 program ID
{
"risk_score": 0.55,
"flags": ["upgrade_authority_active"],
"summary": "Caution — upgrade authority not renounced. Program code can change.",
"confidence": 0.95,
"data": {
"upgrade_authority": "9xQe...",
"upgrades_last_30d": 2,
"last_upgrade_slot": 311892450
}
}Use TARS from Claude Desktop or Cursor
The tars-mcp package wraps every endpoint as an MCP tool. Once installed, your AI assistant can call TARS scans autonomously during a conversation.
Add this to your claude_desktop_config.json or Cursor MCP settings:
{
"mcpServers": {
"tars": {
"command": "npx",
"args": ["-y", "tars-mcp"],
"env": {
"TARS_API_URL": "https://api.tarsx402.network"
}
}
}
}npm package: tars-mcp ↗. Exposes five tools, one per endpoint. The assistant decides which to call based on the user's question.
Pay from TypeScript / Node
The Dexter X402 SDK takes care of the entire challenge/response cycle. Pass it a Solana keypair, point it at any TARS endpoint, and it handles signing + retry automatically.
npm install @dexterai/x402 @solana/web3.jsimport { wrapFetch } from '@dexterai/x402/client';
import * as fs from 'node:fs';
const secretBytes = JSON.parse(
fs.readFileSync('./payer-keypair.json', 'utf8')
) as number[];
const paidFetch = wrapFetch(fetch, { walletPrivateKey: secretBytes });
const res = await paidFetch(
'https://api.tarsx402.network/scan/wallet/JUP6LkbZbjS1jKKwapdHNy74zcZ3tLUZoi5QNyVTaV4',
);
const scan = await res.json();
console.log(scan.risk_score, scan.summary);The payer wallet needs USDC on Solana mainnet and the Dexter facilitator sponsors gas — no SOL required for the payment itself, though you need a few thousand lamports of rent for the USDC ATA if it doesn't exist yet.
Raw HTTP / curl
If you need to integrate from a language without an X402 SDK, the protocol is plain HTTP. Construct and sign the payment yourself, base64-encode it into X-PAYMENT, and retry.
Step 1 — Request without payment, get the challenge:
curl https://api.tarsx402.network/scan/wallet/JUP6LkbZbjS1jKKwapdHNy74zcZ3tLUZoi5QNyVTaV4Response (402):
{
"error": "Payment required",
"accepts": [{
"scheme": "exact",
"network": "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp",
"amount": "20000",
"maxAmountRequired": "20000",
"asset": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
"payTo": "GoMUdxa3tyKhUuJKEwqF1bvPVUK8qv4VsCisJfRfYfLF",
"maxTimeoutSeconds": 60,
"extra": {
"feePayer": "DeXterR2kQm8AvRHnNPatWkE46TfAcMeBDjb6FySoAb8",
"decimals": 6
}
}]
}Step 2 — Build a signed Solana transfer for amount USDC atoms from your wallet to payTo, with extra.feePayer as fee payer. Serialize, base64 encode, send back:
curl -H "X-PAYMENT: <base64-payment-payload>" \
https://api.tarsx402.network/scan/wallet/JUP6LkbZbjS1jKKwapdHNy74zcZ3tLUZoi5QNyVTaV4Server verifies the signature, settles via Dexter, returns 200 with the scan result. The Dexter facilitator pays the SOL fee — agent only spends USDC.
Response schema
Every scan endpoint returns the same envelope. Numeric fields are stable across endpoint types so agents can route onrisk_score alone.
| Field | Type | Description |
|---|---|---|
| risk_score | number 0–1 | Aggregate risk. 0 = safe, 1 = avoid. Deterministic — derived from rules, not LLMs. |
| flags | string[] | Specific risk signals triggered (e.g. dev_holds_significant_supply). |
| summary | string | One-sentence human-readable verdict. |
| confidence | number 0–1 | How sure TARS is of the result based on data completeness. |
| recommendation | enum | safe · watch · caution · avoid. Drop straight into a decision tree. |
| data | object | Raw measurements — endpoint-specific. Use these to build your own scoring. |
| request_id | uuid | Unique ID for this scan. Cite in support requests. |
| cached | boolean | True if served from cache. Cache TTL is 1–60s by endpoint. |
Errors
| Status | Meaning | What to do |
|---|---|---|
| 200 | Scan succeeded, payment settled. | Parse the response. You can call again immediately. |
| 402 | Payment required. | Read the accepts array, sign a payment, retry with X-PAYMENT. |
| 400 | Bad request — invalid mint, signature, or address format. | Validate input on your side before retrying. |
| 404 | Resource not found — token, tx, or wallet not on Solana. | Don't retry. Treat as a real not-found. |
| 422 | Payment payload rejected by Dexter. | Inspect the body for the Dexter error. Often a stale blockhash — re-sign and retry. |
| 500 | Upstream Solana RPC issue. | Retry with exponential backoff. We auto-recover within seconds. |
Machine-readable discovery surfaces
TARS publishes the same metadata in every format an agent might ingest. Pick whichever your runtime supports.
OpenAPI 3.1 spec↗
Machine-readable definition of every endpoint. Use for auto-generated clients in any language.
Interactive API explorer↗
RapiDoc-rendered reference with request/response schemas and example payloads.
X402 discovery manifest↗
Native X402 service descriptor — accepted networks, prices, payment recipient, fee payer.
AI plugin manifest↗
OpenAI plugin descriptor for marketplaces that ingest this format.
llms.txt↗
Plain-markdown manifest for LLM crawlers (Anthropic, OpenAI, Perplexity).
ai.txt↗
Older plain-text agent directory format.
Contact
TARS runs autonomously, but one human stays available for integration questions and partnership inquiries.