Server Path
Lesson 4 of 8
20 min

Production-Ready Setup

Learning Objectives

  • Use environment variables for configuration
  • Implement error handling
  • Add rate limiting
  • Monitor wallet balance
  • Log transactions for accounting

Production Checklist

Before deploying to production:

  • Use environment variables for wallet addresses
  • Set up error handling for payment failures
  • Add rate limiting to prevent abuse
  • Monitor wallet balance (withdraw funds regularly)
  • Log all transactions for accounting
  • Set appropriate timeouts
  • Add health check endpoint (free, no payment)

```typescript
import { paymentMiddleware } from '@x402/express';
import { x402ResourceServer, HTTPFacilitatorClient } from '@x402/core/server';
import { registerExactEvmScheme } from '@x402/evm/exact/server';
import { Ratelimit } from '@upstash/ratelimit';
import { Redis } from '@upstash/redis';
import express from 'express';

// Setup server
const facilitatorClient = new HTTPFacilitatorClient({
  url: 'https://api.cdp.coinbase.com/platform/v2/x402'
});
const server = new x402ResourceServer(facilitatorClient);
registerExactEvmScheme(server);
const app = express();

// Setup rate limiting: 10 requests per 10-second sliding window per key
const ratelimit = new Ratelimit({
  redis: Redis.fromEnv(),
  limiter: Ratelimit.slidingWindow(10, '10 s'),
});

// Configure payment middleware
app.use(
  paymentMiddleware(
    {
      'GET /api/data': {
        accepts: [{
          scheme: 'exact',
          price: '$0.001',
          network: 'eip155:8453',
          // Wallet address comes from the environment, not from source code
          payTo: process.env.RECEIVING_WALLET_ADDRESS!,
        }],
        description: 'Rate-limited data endpoint',
        mimeType: 'application/json',
      },
    },
    server
  )
);

// Handler with rate limiting
app.get('/api/data', async (req, res) => {
  // Treat the header as untrusted input: it may be missing, repeated, or malformed
  const paymentHeader = req.headers['x-payment'];
  let payer: unknown;
  try {
    if (typeof paymentHeader !== 'string') throw new Error('missing x-payment header');
    payer = JSON.parse(Buffer.from(paymentHeader, 'base64').toString()).from;
  } catch {
    return res.status(400).json({ error: 'Invalid payment header' });
  }
  if (typeof payer !== 'string' || payer.length === 0) {
    return res.status(400).json({ error: 'Invalid payment header' });
  }

  // Rate limit by payer address
  const { success } = await ratelimit.limit(payer);
  if (!success) {
    return res.status(429).json({ error: 'Rate limit exceeded' });
  }

  // Serve data
  res.json({ data: '...' });
});
```
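
The handler above keys the rate limiter on an address decoded from the `x-payment` header and reads `payTo` from `RECEIVING_WALLET_ADDRESS`. The following added example (not from the original lesson or the x402 packages) validates both before use; the helper names `loadPayTo` and `extractPayer`, the 8192-character cap, and the sample inputs are assumptions, and the `from` field follows the handler on this page.

```typescript
// Added example: strict validation helpers (hypothetical names, not x402 APIs).
const EVM_ADDRESS = /^0x[0-9a-fA-F]{40}$/;
const MAX_HEADER_CHARS = 8192; // assumed cap on untrusted header size

type Env = Record<string, string | undefined>;

// Fail fast at startup instead of relying on the `!` non-null assertion.
function loadPayTo(env: Env): string {
  const addr = env.RECEIVING_WALLET_ADDRESS?.trim();
  if (!addr || !EVM_ADDRESS.test(addr)) {
    throw new Error('RECEIVING_WALLET_ADDRESS is missing or not a 20-byte hex address');
  }
  return addr;
}

// Returns a lower-cased payer address to use as the rate-limit key, or null
// when the header is absent, repeated, oversized, or malformed.
function extractPayer(header: string | string[] | undefined): string | null {
  if (typeof header !== 'string' || header.length === 0 || header.length > MAX_HEADER_CHARS) {
    return null;
  }
  try {
    // atob throws on invalid base64, unlike Buffer.from(..., 'base64').
    const parsed: unknown = JSON.parse(atob(header));
    if (typeof parsed !== 'object' || parsed === null) return null;
    const from = (parsed as { from?: unknown }).from; // field name as used on this page
    if (typeof from !== 'string' || !EVM_ADDRESS.test(from)) return null;
    return from.toLowerCase(); // one bucket per address regardless of hex casing
  } catch {
    return null;
  }
}

// Constructed sample inputs (not real payment payloads).
const sampleFrom = '0xAbCdEf0123456789aBcDeF0123456789abcdef01';
const goodHeader = btoa(JSON.stringify({ from: sampleFrom }));
const badHeader = btoa(JSON.stringify({ from: 'not-an-address' }));
console.log(extractPayer(goodHeader), extractPayer(badHeader), extractPayer(undefined));
```

In the handler, a `null` result maps to a 400 response, and the returned string is what gets passed to `ratelimit.limit()`.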

Build a paid API that returns AI-generated content

Deploy a production-ready x402 API with all best practices

Requirements:

  • Requires payment: Returns 402 without payment
  • Rate limits payers: Rejects excessive requests
  • Returns AI content: Generates and returns content after payment
