# Agentic Compute Storefront This service leases compute by the minute. Pick a product with product_id. Products: - id: bare-linux-machine (Bare Linux machine) Temporary Ubuntu Linux VM with SSH access. image: ubuntu-24.04 duration: 15-360 minutes SSH username: root pricing: $0.99 base + $0.05/minute - id: gpu-h100-machine (H100 GPU machine) Temporary single-GPU NVIDIA H100 machine with SSH access, provisioned on RunPod. image: runpod/pytorch:2.2.0-py3.10-cuda12.1.1-devel-ubuntu22.04 duration: 15-360 minutes SSH username: root pricing: $1.99 base + $0.09/minute Pick a product_id from the list above and send it in every body below, along with a UUID request_id. request_id is the idempotency key: reuse the same request_id (with an identical body) across validate, create, and the paid retry. The order_id is derived from it. Pricing and duration bounds are per product. Optional preflight (recommended): POST /api/machine/mpp/orders/validate Content-Type: application/json JSON: { "request_id": "", "product_id": "bare-linux-machine", "duration_minutes": 60, "ssh_public_key": "ssh-ed25519 ..." } Returns { protocol, methods, product_type, quote, request_id } with no payment and no machine created. Reuse the same body on create. Create an order (and machine): POST /api/machine/mpp/orders Content-Type: application/json JSON: { "request_id": "", "product_id": "bare-linux-machine", "duration_minutes": 60, "ssh_public_key": "ssh-ed25519 ..." } Without a payment credential the service responds with HTTP 402, MPP payment challenges (WWW-Authenticate), and { order_id, status: "unpaid" }. Retry the identical body with a Stripe-backed MPP payment credential. If that retry still returns 402 with credential_status: "rejected", the credential reached the server but was not accepted yet (often a freshly approved Shared Payment Token that is not chargeable for a few seconds). Read "reason", wait briefly, and retry the same request_id; idempotency guarantees at most one charge. A 402 without credential_status means no credential was attached at all. After successful payment you receive HTTP 202 with: - order_id - status = settled, payment_status = paid, is_paid = true - current_step - order_complete_url - machine The machine object includes resource-scoped management tokens: - read_token for GET /api/machines/{machine_id} - extend_token for POST /api/machines/{machine_id}/extend - terminate_token for DELETE /api/machines/{machine_id} Payment client guidance: - Recommended for agents: Stripe Link CLI MPP SPT. - Current Link CLI requires an approved spend request before mpp pay. - Decode the payment challenge first: npx @stripe/link-cli mpp decode --challenge '' - Create the SPT spend request: npx @stripe/link-cli spend-request create --payment-method-id --credential-type shared_payment_token --network-id --amount 399 --currency usd --context '<100+ character purchase rationale shown to the owner>' --line-item 'name:60 minute bare Linux machine lease,unit_amount:399,quantity:1' --total 'type:total,display_text:Total,amount:399' --request-approval - Pay the checkout endpoint: npx @stripe/link-cli mpp pay https://compute-store.vercel.app/api/machine/mpp/orders --spend-request-id --method POST --header 'Content-Type: application/json' --data '{"request_id":"","product_id":"bare-linux-machine","duration_minutes":60,"ssh_public_key":"ssh-ed25519 ..."}' - Use a live Stripe SPT. Test-mode Stripe credentials and sandbox payment tokens are not accepted. - Also supported: any MPP client that can create a Stripe Shared Payment Token for the advertised challenge and retry with Authorization: Payment. - Do not use Link CLI virtual cards; this API does not expose a standard card checkout form. - Do not use manual card entry or crypto payment clients; they are not accepted by this storefront. Poll order payment status (no auth; keyed by order_id): GET /api/machine/mpp/orders/{order_id} Returns { order_id, payment_status, is_paid, current_step, order_complete_url }. Read machine status: GET /api/machines/{machine_id} Authorization: Bearer Extend: POST /api/machines/{machine_id}/extend Authorization: Bearer Content-Type: application/json JSON: { "additional_minutes": 15 } Terminate: DELETE /api/machines/{machine_id} Authorization: Bearer Acceptable use: - Use machines only for lawful, authorized development, automation, testing, debugging, and compute tasks. - Do not use machines for: Spam, unsolicited bulk messaging, phishing, credential harvesting, or impersonation. - Do not use machines for: Network scanning, vulnerability probing, exploitation, denial-of-service activity, or traffic amplification against systems you do not own or have explicit permission to test. - Do not use machines for: Malware, botnets, command-and-control infrastructure, cryptojacking, or evasion tooling. - Do not use machines for: Cryptocurrency mining or other resource-draining workloads unrelated to the stated task. - Do not use machines for: Hosting, storing, or distributing illegal, infringing, abusive, or deceptive content. - Do not use machines for: Bypassing access controls, rate limits, geofencing, sanctions controls, or platform safety systems. - Do not use machines for: Processing highly sensitive data unless you have appropriate authorization, safeguards, and legal basis. - Full acceptable use policy: https://compute-store.vercel.app/acceptable-use Important: - Treat all management tokens as secrets. - Use /api/machine/mpp/orders, not /api/machines, for agent purchases. - Do not use the unpaid dev endpoint unless the operator explicitly enabled it for local testing. - Do not retry failed payments blindly. - Do not expose tokens in logs or chat unless explicitly required. - Poll until status is active before trying to SSH. - Terminate the machine when finished. - Full machine-readable manifest: /.well-known/agent-storefront.json - OpenAPI spec: /openapi.json