# StablecoinX — Full reference > Extended reference for LLM retrieval. See [llms.txt](https://harness.stablecoinx.com/llms.txt) for the short summary. `harness.stablecoinx.com` is the public StablecoinX platform (sandbox + live, no VPN). ## Platform StablecoinX is a stablecoin payment platform built on ERC-4337 account abstraction. It has four public surfaces, all served under `*.harness.stablecoinx.com`: - **Checkout / Pay** (`harness.stablecoinx.com`) — hosted consumer payment page. Renders a payment session by id (`/session/:id`) and settles a stablecoin payment through the payer's ERC-4337 smart account with gas sponsored by the StablecoinX paymaster. - **Merchant dashboard** (`business.harness.stablecoinx.com`) — where merchants onboard, create payment sessions, mint API keys, configure webhooks, and manage paymaster clients + allowlists. See [business llms.txt](https://business.harness.stablecoinx.com/llms.txt). - **Treasury dashboard** (`treasury.harness.stablecoinx.com`) — non-custodial on-chain treasury: aggregated balances, yield positions, P&L, and sponsored deposits/withdrawals. See [treasury llms.txt](https://treasury.harness.stablecoinx.com/llms.txt). - **Paymaster test UI** (`paymaster-ui.harness.stablecoinx.com`) — developer surface to exercise sponsored UserOperations and ERC-20-paid gas. See [paymaster-ui llms.txt](https://paymaster-ui.harness.stablecoinx.com/llms.txt). ## Backends - **Merchant API** — `https://api.harness.stablecoinx.com`. Merchant account, payment sessions, API keys, webhooks, and paymaster-client management. Thirdweb-authenticated (email-OTP → JWT) or `sk_*` API keys for server-to-server. No public OpenAPI; the supported machine interface is the MCP server below. - **Paymaster** — `https://paymaster.harness.stablecoinx.com`. ERC-4337 / ERC-7677 paymaster RPC + REST. OpenAPI at `/openapi.json`, `/openapi.yaml`, `/openapi`. - **Treasury API** — `https://treasury-api.harness.stablecoinx.com`. Read aggregation, history, P&L, deposit/withdraw quotes. OpenAPI at `/openapi.json`, `/openapi.yaml`, `/openapi`. ## Networks The harness resolves chain selection (sandbox testnet vs live mainnet) server-side per the merchant account; nothing chain-related to configure on the client. ## StablecoinX MCP server Programmatic, agent-friendly control of a StablecoinX merchant account. Published to npm as [`@stablecoinx/mcp`](https://www.npmjs.com/package/@stablecoinx/mcp); source at https://github.com/e2xlabs/stablecoinx-mcp; registered in the MCP registry as `io.github.e2xlabs/stablecoinx-mcp`. - **Install (Claude Code and clients with an `mcp add` CLI):** `npx @stablecoinx/mcp setup` — installs the bundled `stablecoinx` skill into `~/.claude/skills` and registers the MCP (user scope) with a freshly generated state passphrase. Restart your MCP client afterwards. - **Manual registration:** ``` claude mcp add stablecoinx-mcp -s user \ -e SCX_STATE_PASSPHRASE="$(openssl rand -hex 16)" \ -- npx -y @stablecoinx/mcp ``` Requires Node.js 20+. `SCX_STATE_PASSPHRASE` (any string) is the only required input — the harness API, thirdweb client, origin and login chain are baked into the package. - **Transport:** local stdio server launched via `npx`; all credentials stay on the local machine, encrypted at rest. There is no hosted/remote MCP endpoint. - **Auth:** thirdweb email-OTP → 24h JWT cached in the encrypted local state file. Run `auth_send_otp` then `auth_verify_otp`; mint an `sk_*` with `api_key_create` for server-to-server session creation. - **Tools (27):** auth & onboarding (`auth_status`, `auth_send_otp`, `auth_verify_otp`, `auth_logout`, `api_key_create`, `session_key_create`); merchant profile (`merchant_get`, `merchant_update`); API keys (`api_keys_list`, `api_keys_revoke`); sessions (`sessions_list`, `sessions_get`, `sessions_create_dashboard`, `sessions_create_s2s`); paymaster clients (`paymaster_clients_list` / `_create` / `_update` / `_revoke`); paymaster allowlist (`paymaster_allowlist_list` / `_add` / `_remove`); paymaster usage (`paymaster_usage_get`); webhooks (`webhooks_create` / `_list` / `_delete` / `_rotate_secret` / `_deliveries`). ## Security - Vulnerability disclosure: `tech@e2xlabs.com` (see [/.well-known/security.txt](https://harness.stablecoinx.com/.well-known/security.txt), RFC 9116). - Non-custodial across all surfaces — every state-changing action is signed by the user's smart-account wallet. - Sandbox mode settles on testnets; live mode settles on mainnet. Use a sandbox merchant account for integration testing.