Open-source building blocks for:
- sovereign commerce and machine-payable APIs
- spatial coordination and fair meeting points
- spoken-word, Nostr, and zero-knowledge identity primitives
- jurisdiction and professional-registry intelligence
Built on Nostr, Lightning, and zero-trust cryptography. The projects in this org are designed to work standalone or as composable parts of a larger stack.
Visual guides: Ecosystem overview | L402 pipeline | Identity stack
- toll-booth: charge for an HTTP API. Add toll-booth-announce, toll-booth-dvm, 402-announce, 402-indexer, and 402-pub for discovery and NIP-90 exposure.
- 402-mcp: let AI agents discover and buy paid APIs. Pair it with toll-booth and 402-pub.
- rendezvous-kit: build fair meeting-point or spatial apps. Add geohash-kit and rendezvous-mcp.
- spoken-token: add human-speakable rotating verification codes. Pair it with canary-kit.
- nsec-tree: derive deterministic, unlinkable Nostr sub-identities from one master secret. Use it when one seed needs separate identities for roles, apps, bots, or privacy boundaries. Add nsec-tree-cli for an offline-first CLI.
- canary-kit: build spoken verification, duress detection, or privacy-preserving identity flows. Add ring-sig, range-proof, and shamir-words.
- nostr-attestations: one Nostr event kind for all attestations — credentials, endorsements, vouches, provenance, licensing, and trust (NIP-VA, kind 31000).
- jurisdiction-kit: work with jurisdiction and professional-registry data. Pair it with canary-kit for identity-sensitive flows.
toll-booth -> toll-booth-announce -> 402-announce -> 402-indexer -> 402-pub -> 402-mcp: charge for an API, announce it on Nostr, index it, publish it in a directory, and let AI agents consume it.geohash-kit -> rendezvous-kit -> rendezvous-mcp: encode spatial data, compute fair meeting points, and expose the workflow to AI agents.nsec-tree -> spoken-token / canary-kit: derive purpose-specific Nostr identities, then attach spoken verification or higher-trust identity flows.nostr-attestations -> canary-kit / jurisdiction-kit: issue verifiable attestations on Nostr with identity verification and jurisdiction context.spoken-token -> canary-kit -> ring-sig / range-proof / shamir-words: combine spoken verification, privacy-preserving proofs, and human-recoverable secret handling.
Make APIs payable, discoverable, and consumable by people and agents.
Start with toll-booth to put a Lightning paywall in front of an API. Add announcement and indexing repos for discovery, then 402-mcp when the client is an AI agent.
| Repository | What it does |
|---|---|
| toll-booth | Any API becomes a Lightning toll booth in one line. L402 middleware for Express, Hono, Deno, Bun, and Workers. |
| 402-announce | Announce HTTP 402 services on Nostr for decentralised discovery using kind 31402 parameterised replaceable events. |
| 402-mcp | MCP client for AI agents to discover, pay for, and consume L402 and x402 APIs. |
| 402-pub | 402.pub ecosystem landing page and live directory for Lightning-paid APIs. |
| toll-booth-announce | Bridge between toll-booth and 402-announce so a toll-booth service can be announced on Nostr. |
| toll-booth-dvm | Expose any toll-booth-gated API as a NIP-90 Data Vending Machine on Nostr. |
| 402-indexer | Nostr-native crawler that discovers L402 and x402 paid APIs and publishes kind 31402 events. |
| aperture-phoenixd | Use Phoenixd as the Lightning backend for Aperture, with no LND required. Go |
| aperture-announce | Announce Aperture L402 services on Nostr for decentralised discovery. Go |
Build location-aware workflows and fair meeting-point tools.
Start with rendezvous-kit for meeting-point logic. Use geohash-kit for geospatial primitives and Nostr location filters. Use rendezvous-mcp when you want that flow exposed to agents.
| Repository | What it does |
|---|---|
| geohash-kit | Zero-dependency geohash toolkit for encoding, decoding, polygon coverage, and Nostr location filters. |
| rendezvous-kit | Find fair meeting points for N participants with isochrone intersection, venue search, and fairness scoring. |
| rendezvous-mcp | MCP server for AI-driven fair meeting-point discovery. |
Build spoken verification, anti-deepfake, deterministic Nostr identity trees, and privacy-preserving cryptographic workflows.
Start with spoken-token for human-speakable rotating codes, nsec-tree for deterministic unlinkable Nostr identities, or canary-kit for full spoken-verification flows with duress detection and group sync.
| Repository | What it does |
|---|---|
| spoken-token | TOTP, but you say it out loud. Derive time-rotating, human-speakable verification tokens from a shared secret. |
| nsec-tree | Deterministic Nostr sub-identity derivation. One master secret, unlimited unlinkable identities. |
| nsec-tree-cli | Offline-first CLI for nsec-tree with derivation, proofs, and Shamir recovery. |
| canary-kit | Deepfake-proof identity verification with per-member spoken words, silent duress detection, encrypted group sync, and an open protocol. |
| ring-sig | SAG and LSAG ring signatures on secp256k1 for proving group membership without revealing identity. |
| range-proof | Pedersen commitment range proofs on secp256k1 for proving a value is in range without revealing it. |
| shamir-words | Split secrets into human-readable BIP-39 word shares using Shamir's Secret Sharing over GF(256). |
| nostr-attestations | One Nostr event kind for all attestations — credentials, endorsements, vouches, provenance, licensing, and trust. NIP-VA (kind 31000). |
Work with jurisdiction and professional-registry intelligence for regulated or identity-sensitive flows.
| Repository | What it does |
|---|---|
| jurisdiction-kit | Professional body registries and jurisdiction intelligence for 30+ countries, including compliance, data protection, and mutual recognition contexts. |