tdm-integration-kit
Health Pass
- License — License: MIT
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Community trust — 13 GitHub stars
Code Fail
- child_process — Shell command execution capability in client/dist/index.cjs
- process.env — Environment variable access in client/dist/index.cjs
- process.env — Environment variable access in client/dist/index.js
Permissions Pass
- Permissions — No dangerous permissions requested
This toolkit provides developers with a CLI, MCP server, and code examples to integrate TDM payment functionality into AI agents, applications, and workflows.
Security Assessment
Overall risk: Medium. The tool allows shell command execution (`child_process`) and accesses environment variables within its compiled client code. The environment variable access is standard practice for managing local configurations, API keys, and wallet information, but the shell execution capability requires careful scrutiny. Because it handles financial transactions and local cryptographic wallet signing, it inevitably deals with highly sensitive data. There are no hardcoded secrets present in the repository. As it operates as a payment integration tool, network requests to external services are a fundamental requirement.
Quality Assessment
The project is actively maintained, with repository updates pushed as recently as today. It uses the permissive and widely accepted MIT license. However, community trust and adoption remain in the very early stages, evidenced by a low audience of only 13 GitHub stars. The documentation is clear, detailing the local-first architecture and providing straightforward setup instructions for developers.
Verdict
Use with caution. The package is open, recently updated, and properly licensed, but its low community adoption, access to environment variables, and inherent shell execution capabilities mean you should thoroughly inspect the financial and wallet-handling logic before integrating it into production environments.
Developer integration tools for adding TDM payments to AI agents, apps, and workflows. CLI, MCP server, and copy-paste examples.
TDM Agent Integration Kit
Developer Integration Tools for TDM DaOS
Reference implementations and copy-paste building blocks for teams integrating with TDM DaOS contracts, payments, and agent runtime surfaces.
Documentation • API Reference • GitHub • X/Twitter
████████╗ ██████╗ ███╗ ███╗ ╚══██╔══╝ ██╔══██╗ ████╗ ████║ ██║ ██║ ██║ ██╔████╔██║ ██║ ██║ ██║ ██║╚██╔╝██║ ██║ ██████╔╝ ██║ ╚═╝ ██║ ╚═╝ ╚═════╝ ╚═╝ ╚═╝ TDM Integration Kit [V0.1.0] DaOS Contracts + Client + MCP Mode: local-first | Docs: todealmarket.com/docs
What is this?
Reference implementations and copy-paste building blocks for integrating with TDM DaOS (Decentralized Agent Operating System). This kit provides:
- A thin JavaScript client (
@tdm/client) for CLI + local signer workflows - A standalone MCP server (
@tdm/mcp-server) with 19 tools for agent runtimes - Examples for Express, Next.js, FastAPI, and Telegram bots
The canonical TDM SDK (npm install -g tdm-sdk) is the full operator surface. This kit documents the integration contracts exposed by that SDK and provides reference building blocks for advanced integrations.
Quick Start
npm install -g tdm-sdk
tdm connect
tdm status
Pick a recipe from examples or use @tdm/client.
What's Inside
| Component | Package | Purpose |
|---|---|---|
mcp-server/ |
@tdm/mcp-server |
MCP stdio server with 19 tools for agent runtimes |
client/ |
@tdm/client |
Thin JS wrapper for CLI + local signer HTTP |
examples/ |
-- | Copy-paste integration recipes |
MCP Server (@tdm/mcp-server)
A standalone MCP stdio server exposing TDM session state, capabilities, plugins, memory, and budget context to agent runtimes.
Available Tools
| Tool | Description |
|---|---|
tdm_get_session_state |
Read local wallet, balance, setup hints |
tdm_capability_list |
List machine-readable capabilities |
tdm_agent_status |
Agent readiness, runtime, storage, gateway status |
tdm_agent_readiness |
Short agent checklist for handoff |
tdm_agent_runtime_report |
Wide bounded runtime surface |
tdm_plugin_list |
List registered contour plugins |
tdm_plugin_get |
Read single plugin card |
tdm_hub_catalog_list |
List Hub catalog entries (filterable, paginated) |
tdm_hub_install_plan |
Read Hub install plan (governance-aware) |
tdm_contour_run_list |
List recent contour run metadata |
tdm_contour_run_latest |
Read latest contour run summary |
tdm_checkpoint_list |
List checkpoint metadata |
tdm_budget_status |
Read budget/scope status |
tdm_memory_health |
Read TDM Agent Memory health |
tdm_memory_recall |
Search scoped memory records |
tdm_memory_save |
Save scoped memory record (with redaction) |
tdm_memory_slots |
List pinned memory slots |
tdm_memory_slot_update |
Create/replace pinned memory slot |
tdm_memory_forget |
Tombstone memory record with audit |
Setup via CLI:
tdm mcp # writes .mcp.json pointing to tdm mcp serve
Examples
| Example | Stack | What It Demonstrates |
|---|---|---|
express-paywall/ |
Express.js | chargeExpressHandler() with $0.05 paywall |
nextjs-gated/ |
Next.js App Router | chargeFetchHandler() in POST route handler |
python-fastapi/ |
Python / FastAPI | Local signer HTTP integration from Python |
telegram-bot/ |
Python | Subprocess tdm make payable for bot workflows |
Choosing the Right Surface
| Surface | When to Use |
|---|---|
| CLI | Your stack can shell out; need connect, make payable, balance, payout, unlock |
| Local signer HTTP | Language-agnostic signing from Python, Go, Ruby, Node; no key export |
| MCP | Runtime speaks MCP; need session state, plugins, memory, budget context |
| SDK direct | chargeFetchHandler(), chargeExpressHandler(), createGatewayClients() for live gateway in JS |
SDK Integration Surface
For JavaScript/TypeScript integrations, the public tdm-sdk provides:
| Export | Purpose |
|---|---|
makePayable() |
Wrap any async function with payment hooks |
chargeFetchHandler() |
Protect a fetch handler (Cloudflare Workers, Deno) |
chargeExpressHandler() |
Protect an Express route |
chargeHonoHandler() |
Protect a Hono route |
createFetchHookClient() |
Live gateway authorize + telemetry hooks |
createGatewayClients() |
Composed client: authorize + sessionTanks + checkout |
createAuthorizeClient() |
Direct payment authorization |
createSessionTanksClient() |
Session gas tank management |
createCheckoutClient() |
Buyer-facing checkout flows |
Vault and Agent Binding
Agent isolation is vault-first:
--vault <name>orTDM_VAULTselects the active vault- Each vault has its own credentials under
~/.tdm/vaults/<name>/ - Agents are scoped to one vault at a time
- MCP follows the same resolution order
tdm vault create photos --use
tdm agent spawn worker-1 --type DISCRETE --limit 5
tdm agent boot worker-1
Optional Route Policy
Layered allowlist for stricter outbound control:
tdm trust verify domain --target api.example.com --resource res_demo123
tdm allowlist add api.example.com --scope vault --vault seller-bot --verified
tdm allowlist check https://api.example.com/private/route --vault seller-bot
Security Notes
- No private keys in this repo -- this is reference code and guidance
- OS keyring required -- CLI stores keys securely
- Local signer is localhost-only -- advanced users only
- Review local automations carefully -- especially when using advanced signer flows
- Keep wallet credentials under your control -- never export private keys
Contributing
- Fork the repository
- Create a feature branch
- Update documentation
- Add examples
- Submit a pull request
Documentation
License
MIT License - see LICENSE for details
Built by the TDM team
Website • Documentation • GitHub • X/Twitter
Reviews (0)
Sign in to leave a review.
Leave a reviewNo results found