Clawallex

Pay for anything with USDC. Clawallex converts your stablecoin balance into virtual cards that work at any online checkout.

Features

• - Flash Cards — one-time use virtual cards for single payments
• Stream Cards — reloadable cards for subscriptions, top up with INLINECODE0
• Mode A — pay from your USDC wallet balance
• Mode B — on-chain x402 payment for callers with self-custody wallets (agent or user) — signing is performed by the caller
• Zero dependencies — Python 3.9+ stdlib only

Quick Start

1. Set Up Account

New user — browser signup (recommended):

python3 {baseDir}/scripts/clawallex.py signup

Returns a URL and token. Show the URL to the user, ask them to open it and click Authorize.
The command polls automatically. If polling fails, retry with the token:
CODEBLOCK1

Existing user — connect with API keys:

Get your API Key and Secret at app.clawallex.com/dashboard/settings, then run:
CODEBLOCK2

2. Verify

CODEBLOCK3

Hard Rules

1. 1. Setup first — Run setup --action status before any payment. If not configured: use signup for new accounts, or setup --action connect if the user already has API keys.
2. Check balance first — Run wallet before pay or subscribe to verify sufficient funds (Mode A only).
3. Never expose card secrets — Decrypted PAN/CVV are STRICTLY for filling checkout forms. NEVER display to the user. Show only masked_pan from card-details.
4. Confirm before paying — Echo amount and description back to user before creating a card.
5. One command at a time — Run each command, check output, then proceed.

Typical Flows

Payment Flow (Mode A — Wallet Balance)

CODEBLOCK4

Subscription Flow

CODEBLOCK5

Command Reference

All commands:

CODEBLOCK6

Setup & Identity

User Intent	Command
Quick signup — browser-based new account creation (recommended for first-time setup)	INLINECODE9
Check signup result with existing token

signup-check --token TOKEN | | Connect account | setup --action connect --api-key KEY --api-secret SECRET | | Check config status | setup --action status | | Get sign-up link | setup --action register | | Check API Key binding | whoami | | Bind client_id | bootstrap or bootstrap --preferred-client-id MY_ID |

Payments

User Intent	Command
Pay for something	INLINECODE17
Pay with custom expiry

pay --amount N --description "X" --ttl SECONDS — flash card only; default 86400 (24 h) | | Start subscription | subscribe --amount N --description "X" | | Top up card | refill --card-id CID --amount N |

Wallet & Cards

User Intent	Command
Check balance	INLINECODE21
Deposit funds

recharge-addresses --wallet-id WID | | List cards | cards — returns mode_code (100=Mode A, 200=Mode B) to determine refill path | | Check card balance | card-balance --card-id CID | | Batch check balances | batch-balances --card-ids CID1,CID2 — multiple cards in one call | | Update card controls | update-card --card-id CID --client-request-id UUID [--tx-limit] [--allowed-mcc] [--blocked-mcc] | | Get card details | card-details --card-id CID — returns maskedpan, expiry, balance, firstname, lastname, txlimit, allowedmcc, blockedmcc, encrypted PAN/CVV | | View transactions | transactions |

Advanced (x402 On-Chain)

User Intent	Command
Get x402 payee address	INLINECODE29 — MUST call before Mode B Refill

Setup Flow

When the user wants to use Clawallex for the first time:

1. 1. Run setup --action status to check current configuration.
2. If not configured, ask: "Do you have a Clawallex account?"

- Yes, have API keys: Ask for API Key and Secret, then run:

     setup --action connect --api-key KEY --api-secret SECRET
     

This automatically verifies credentials, binds client_id, and saves locally. - No account yet: Run the browser signup flow:

     signup
     

This generates a URL and a token — show the URL to the user and ask them to open it and click Authorize. The command polls automatically. If polling fails or times out, use the token to retry manually:

     signup-check --token <token from signup output>
     

1. 3. Verify with wallet to confirm connection works.

Signup result statuses — all returned as success: true:

• - pending — user hasn't authorized yet, call signup-check again
• INLINECODE35 — credentials saved, ready to use
• INLINECODE36 — user cancelled, ask if they want to try again
• INLINECODE37 — account already has API keys, switch to INLINECODE38

Mode B Flow (x402 On-Chain, Two-Stage)

Mode B is for callers with self-custody wallets (agent or user) (DeFi bots, autonomous purchasing agents). The agent signs on-chain transactions using its own signing system — no human intervention needed.

Stage 1 — Quote:

pay --amount 200 --description "GPU rental" --mode-code 200 --chain-code ETH --token-code USDC

The 402 response is EXPECTED — it is a quote, NOT an error. Returns:

• - client_request_id, payee_address, asset_address, INLINECODE42
• INLINECODE43, issue_fee_amount, fx_fee_amount, fee_amount, INLINECODE47

Fee structure:

• - flash card: INLINECODE48
• stream card: INLINECODE49

Agent signs — construct and sign an EIP-3009 transferWithAuthorization using your own wallet/signing library and the quote details. Only the resulting signature and your wallet address are needed for Stage 2.
EIP-3009 enables gasless USDC transfers via off-chain signatures. The authorization fields map to:

• - from: your wallet address (the payer)
• INLINECODE53: payee_address from Stage 1 (system receiving address)
• INLINECODE55: maxAmountRequired (payable_amount in token minimal units, USDC = 6 decimals)
• INLINECODE57 / validBefore: unix timestamps (seconds) defining the signature validity window
• INLINECODE59: random 32-byte hex, must be unique per authorization

Stage 2 — Settle (MUST use same clientrequestid):
CODEBLOCK11

Stage 2 constraints:

• - --client-request-id MUST be identical to Stage 1 — a different value creates a NEW order
• INLINECODE61 MUST equal payee_address from Stage 1
• INLINECODE63 MUST equal asset_address from Stage 1
• INLINECODE65 MUST equal payable_amount × 10^decimals (USDC = 6 decimals)
• INLINECODE67 MUST equal x402_reference_id from Stage 1
• INLINECODE69 MUST equal the INLINECODE70
• INLINECODE71 MUST equal payable_amount from Stage 1 (amount + fee_amount)
• INLINECODE74 MUST equal INLINECODE75
• INLINECODE76 MUST equal INLINECODE77
• INLINECODE78 MUST equal INLINECODE79
• Server will force-inject extra.mode=STANDARD — any client-provided value is ignored
• If settle is rejected, order stays pending_payment — fix params and retry with same INLINECODE82

Mode B Refill Flow (no 402 challenge)

Mode B refill goes directly to x402 settle — no 402 challenge stage. Caller signs the EIP-3009 authorization independently using their own wallet/signing library; only the resulting signature and wallet address are submitted. Must call x402-address first to get payee_address.

CODEBLOCK12

Mode B refill idempotency key is x402_reference_id (not client_request_id).
Check cards mode_code to determine which refill path the card uses.

How to Talk to the User

During setup

• - "I need your Clawallex API Key and Secret to get started. You can find them at app.clawallex.com/dashboard/settings."
• If no account: "No problem — I can get you a sign-up link."
• After connect: "You're all set! Want to check your balance?"

During payments

• - Always confirm: "I'll create a $50 card for OpenAI API credits, deducted from your wallet balance. Go ahead?"
• After card creation: "Card created! Let me get the card details for checkout."
• Never show PAN/CVV in conversation. Show only masked_pan if asked.

On errors

• - Don't blame the user. Be actionable: "Your wallet balance is $20 but this needs $50. You can deposit more USDC or try a smaller amount."
• 402 response (Mode B): This is expected — explain it's the first step of a two-stage payment, not an error.

Decrypting Card Sensitive Data

INLINECODE89 returns encrypted_sensitive_data with encrypted PAN/CVV:

1. 1. Derive key: INLINECODE91
2. Decode: nonce = base64_decode(nonce), INLINECODE93
3. Split: encrypted_data = raw[:-16], INLINECODE95
4. Decrypt: AES-256-GCM(key, nonce, encrypted_data, auth_tag) → JSON
5. Result: INLINECODE97

Error Recovery

Error	Cause	Action
"not configured"	No credentials saved	Run setup --action connect with valid credentials
"Invalid credentials"

Wrong API Key/Secret | Check at app.clawallex.com/dashboard/settings | | Insufficient balance | Wallet balance too low | Run recharge-addresses for deposit info, or use Mode B | | 402 response | Mode B Stage 1 (expected) | This is the quote — proceed to Stage 2 with same clientrequestid | | Settle rejected (Mode B) | Invalid x402 params | Order stays pending_payment — fix params and retry with same clientrequestid | | Card not found | Wrong card_id | Run cards to list valid card IDs | | Decryption failed | Bad data or apiSecret changed | Re-fetch via card-details, verify credentials |

Output Format

All commands return JSON:

• - success: true → data in data field, next steps in INLINECODE105
• INLINECODE106 → error message in error field

Key Concepts

• - Flash card: Created by pay. Single-use, auto-destroyed after one transaction. Cannot be refilled.
• Stream card: Created by subscribe. Reloadable, top up with refill.
• Wallet: Your USDC balance. Funds all Mode A operations.
• Mode A (modecode=100): Wallet balance deduction (default).
• Mode B (modecode=200): x402 on-chain USDC payment for callers with self-custody wallets (agent or user). Two-stage (quote → sign → settle). Agent signs EIP-3009 independently; only the signature and wallet address are passed to Stage 2.
• client_id: The agent's stable identity, separate from the API Key. An agent can have multiple API Keys (for rotation/revocation), but client_id never changes. Cards and transactions are isolated per client_id. When switching to a new API Key, keep using the same client_id — the new key auto-binds on first request. Once bound, it cannot be changed (TOFU). Stored locally at ~/.clawallex/credentials.json.