Developer Integration Tools
Reference implementations and copy-paste building blocks for teams that need to add TDM payments into existing projects.
Documentation • API Reference • GitHub • X/Twitter
████████╗ ██████╗ ███╗ ███╗
╚══██╔══╝ ██╔══██╗ ████╗ ████║
██║ ██║ ██║ ██╔████╔██║
██║ ██║ ██║ ██║╚██╔╝██║
██║ ██████╔╝ ██║ ╚═╝ ██║
╚═╝ ╚═════╝ ╚═╝ ╚═╝
TDM Integration Kit [V0.1]
CLI + Client + MCP
Mode: local-first | Docs: todealmarket.com/docs
This kit gives developers three public integration surfaces they can use from almost any stack:
tdmCLI for shellable flows- local signer HTTP on
127.0.0.1for advanced local agents - MCP for agent runtimes that already speak MCP
The public GitHub repo for tdm-sdk shows the open contract-facing SDK
surface: https://github.com/ToDealMarket/tdm-sdk
The current tdm-sdk npm beta used throughout this kit remains broader and
includes the CLI and operator flows referenced below.
It also now covers the local catalog and runtime-ops path:
- named storage roots
- folder import and sync
- watch loops for long-lived operator machines
- local or tunnel publish flows for stored assets and folders
- optional
tdm workspaceorchestration for reusable vault + storage + agent contours tdm status,tdm where, andtdm workspace statusfor the main operator view
client: tiny@tdm/clientwrapper for CLI + local signerexamples: copy-paste recipes for common stacksmcp-server: standalone@tdm/mcp-serverreference package
- Install and connect TDM.
npm install -g tdm-sdk
tdm connect
tdm statustdm connect now stores your primary wallet locally. In the current
multi-wallet MVP, you can keep one wallet per supported network for local
signing and seller payouts, and tdm connect also attempts a safe default
payout sync for the same network when that payout slot is still empty.
- it does not overwrite an already saved payout wallet automatically
- use
tdm connect --no-sync-payout-walletif you want a local-only connect - if your account requires step-up for a new payout destination, run
tdm security totp enroll, thentdm security totp verify, and reruntdm connector usetdm payout wallets set - you can save payout wallets per network, so for example one wallet can be
used for
Solanaand another forBase/EVM without replacing the other
tdm security totp enroll now opens a local setup page with a QR by default.
Use --no-browser when you want terminal-only setup with the secret or
otpauth:// URL.
If an operator jumps straight into a live command such as tdm make payable,
tdm payout request, or tdm unlock, the interactive CLI can now auto-start the same Live TDM
setup instead of leaving the runtime half-configured.
Agent isolation is vault-first, not fuzzy session magic:
- the selected vault comes from
--vault <name>, orTDM_VAULT, or the active vault marker written bytdm vault use - each named vault has its own credentials file under
~/.tdm/vaults/<name>/credentials.json - keyring refs are namespaced per vault, so the same agent name in two vaults does not collide
- agents are stored under that vault's local
credentials.agentsmap and are registered live from that same vault contour - MCP follows the same resolution order, so it reads one explicit vault context instead of merging multiple vaults together
In practice, one agent belongs to one selected vault at a time. Workspaces can attach agents for orchestration, but they do not replace vault ownership.
- Start the local signer if your integration needs local signatures.
tdm signer serveBy default, TDM now asks the OS for a random free localhost port and prints the exact base URL plus signer token.
- Save the printed signer token and signer URL.
TDM_SIGNER_TOKEN=...
TDM_SIGNER_URL=http://127.0.0.1:<printed-port>If you want a fixed port for local development examples, start it explicitly with one:
tdm signer serve --port 41001- Smoke test the local signer.
curl http://127.0.0.1:<printed-port>/v1/health- Pick a recipe from
examplesor use@tdm/client.
If the operator wants to keep files on their own machine or server instead of moving everything into external hosting first, the public CLI path is now:
tdm storage add media ./seller-storage --use
tdm storage import-dir ./products/docs --storage media
tdm storage publish ./products/docs --storage media --mode tunnel
tdm workspace create seller-lab --storage media --use
tdm workspace attach-agent seller-lab worker-1
tdm status
tdm workspace status
tdm make payable --asset <asset-id> --storage media --price 0.05That flow keeps the catalog local-first while still allowing public delivery through a tunnel or other operator-managed hostname.
If an integration needs a stricter outbound policy, TDM now supports an optional layered allowlist:
- project allowlist for shared defaults across the repo
- vault allowlist for one isolated contour and the agents inside it
This layer is optional. If you do not configure it, the runtime keeps the broader flexible behavior instead of blocking routes by default.
tdm trust verify domain --target api.example.com --resource res_demo123
tdm allowlist add api.example.com
tdm allowlist add api.example.com --scope vault --vault seller-bot --verified
tdm allowlist check https://api.example.com/private/route --vault seller-bot
tdm allowlist list --vault seller-botStart with the smallest surface that solves the task:
- use
CLIwhen the host project can shell out and just needs payment setup or payable resource registration - use
@tdm/clientwhen you want one JavaScript entrypoint for CLI plus local signer access - use
chargeFetchHandler(...),chargeExpressHandler(...),tdm-sdk/authorize,tdm-sdk/checkout,tdm-sdk/session-tanks, orcreateGatewayClients(...)when you want a direct live gateway integration in JavaScript without building a fake monolithic SDK wrapper - use
Local signer HTTPwhen the host project is Python, Go, Ruby, or mixed-stack - use
MCPwhen the runtime already speaks MCP and only needs session checks or payment guidance
Treat the examples as reference implementations, not as plugins that must be installed exactly as-is.
For recovery and sweep-style flows, the current public SDK behavior is:
- Solana Jupiter:
- with
JUPITER_API_KEY, usehttps://api.jup.ag/swap/v1 - without a key, the SDK keeps a compatibility fallback to
https://lite-api.jup.ag/swap/v1
- with
- Base Odos:
- without
ODOS_API_KEY, usehttps://api.odos.xyz - with
ODOS_API_KEY, usehttps://enterprise-api.odos.xyz
- without
These details matter for builders wiring local recovery helpers or copying SDK examples into their own stack.
This kit is for:
- coding agents integrating TDM into existing apps
- developers adding paid access to APIs, routes, tools, bots, and local workflows
- teams that want a practical starting point instead of building every integration piece from scratch
This kit is not the buyer-facing checkout product.
End buyers should not need to install npm or run local TDM tooling just to pay. For broad buyer adoption, the right path is a hosted or embedded checkout surface on top of TDM, while this kit remains the integration layer for builders.
Public payable resources can also be exposed through shareable discovery and checkout entry points:
- x402/Bazaar-style listing feed:
GET /api/v1/bridge/x402/resources - MPP-style service feed:
GET /api/v1/bridge/mpp/services - MPP-oriented discovery text feed:
GET /api/v1/bridge/mpp/llms.txt - buyer entry redirect:
GET /api/v1/bridge/buy/:resourceId - programmatic checkout-session entry:
POST /api/v1/bridge/purchase
These endpoints do not replace TDM checkout or authorization. They help external tools, directories, and lightweight clients find a resource and enter the normal purchase flow.
|
Best when:
|
Best when:
|
|
Best when:
|
Available in
|
@tdm/clientis intentionally thin; it keeps the public integration path explicit@tdm/clientis for CLI plus local signer workflows; it is not the new live gateway facade layer- local signer mode is for advanced users and custom integrations
- review what your app signs and keep wallet credentials in your local environment
- for paid files, prefer short-lived links or inline payloads over permanent public redirects
- use
examples/express-paywallorexamples/nextjs-gatedfor agent or API paths - use
examples/python-fastapiwhen the host stack is Python - use
examples/telegram-botfor bot-style creator or agent delivery
TDM-Agent-Integration-Kit/
├── README.md ← You are here
├── LICENSE ← MIT License
├── client/
│ ├── src/ ← Client source code
│ ├── dist/ ← Built distribution
│ ├── test/ ← Client tests
│ ├── package.json ← Client package config
│ ├── tsconfig.json ← TypeScript config
│ └── README.md ← Client documentation
├── mcp-server/
│ ├── src/ ← MCP server source
│ ├── dist/ ← Built distribution
│ ├── test/ ← MCP server tests
│ ├── package.json ← MCP package config
│ ├── tsconfig.json ← TypeScript config
│ └── README.md ← MCP documentation
└── examples/
├── express-paywall/ ← Express.js integration
├── nextjs-gated/ ← Next.js integration
├── python-fastapi/ ← Python FastAPI integration
├── telegram-bot/ ← Telegram bot integration
└── README.md ← Examples overview
- No private keys in this repo - This is guidance only
- OS keyring required - CLI stores keys securely
- Local signer is localhost-only - Advanced users only
- Review local automations carefully - especially when using advanced local signer flows
- Keep wallet credentials under your control - Never export private keys
Contributions welcome! Please:
- Fork the repository
- Create a feature branch
- Update documentation
- Add examples
- Submit a pull request
MIT License - see LICENSE for details
Built by the TDM team
Website • Documentation • GitHub • X/Twitter