NVIDIA · plagtech · Mar 22, 2026
diff --git a/sandboxes/spraay/Dockerfile b/sandboxes/spraay/Dockerfile
@@ -0,0 +1,43 @@
+ARG BASE_IMAGE=ghcr.io/nvidia/openshell-community/sandboxes/base:latest
+FROM ${BASE_IMAGE}
+
+# ── Spraay x402 Payment Toolkit ──────────────────────────────────────────────
+# Pre-configured sandbox for AI agent crypto payments via the x402 protocol.
+# Supports 13 blockchains, 76+ gateway endpoints, batch payments, escrow,
+# payroll, token swaps, and Robot Task Protocol (RTP).
+
+# Install Node.js (required for ethers.js wallet operations)
+USER root
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    curl \
+    jq \
+    && curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \
+    && apt-get install -y --no-install-recommends nodejs \
+    && npm install -g ethers@6 \
+    && apt-get clean && rm -rf /var/lib/apt/lists/*
+
+# Install Python dependencies for wallet and signing operations
+USER sandbox
+RUN pip install --no-cache-dir \
+    httpx \
+    eth-account \
+    web3 \
+    pynacl \
+    base58
+
+# ── Spraay CLI wrapper ──────────────────────────────────────────────────────
+COPY spraay.sh /usr/local/bin/spraay
+USER root
+RUN chmod +x /usr/local/bin/spraay
+USER sandbox
+
+# ── Agent skills ─────────────────────────────────────────────────────────────
+COPY skills/ /sandbox/.agents/skills/
+
+# ── Default environment ──────────────────────────────────────────────────────
+ENV SPRAAY_GATEWAY_URL=https://gateway.spraay.app
+ENV SPRAAY_CHAIN=base
+
+# ── Healthcheck ──────────────────────────────────────────────────────────────
+HEALTHCHECK --interval=30s --timeout=5s --retries=3 \
+    CMD curl -sf ${SPRAAY_GATEWAY_URL}/health || exit 1
diff --git a/sandboxes/spraay/README.md b/sandboxes/spraay/README.md
@@ -0,0 +1,92 @@
+# Spraay — Crypto Payment Sandbox for OpenShell
+
+OpenShell sandbox image pre-configured with [Spraay](https://spraay.app) for AI agent crypto payments via the x402 protocol.
+
+## What's Included
+
+| Component | Description |
+|-----------|-------------|
+| **Spraay CLI** | Shell wrapper for 76+ paid gateway endpoints across 13 blockchains |
+| **x402 Protocol** | HTTP 402-based micropayment protocol — agents pay per request with USDC |
+| **Agent Skills** | Pre-built skills for batch payments, escrow, payroll, token swaps, and Robot Task Protocol (RTP) |
+| **Multi-Chain** | Base, Ethereum, Arbitrum, Polygon, BNB, Avalanche, Solana, Bitcoin, Stacks, Unichain, Plasma, BOB, Bittensor |
+
+## Quick Start
+
+### Using the pre-built image
+
+```bash
+openshell sandbox create --from spraay -- claude
+```
+
+### Building locally
+
+```bash
+docker build -t openshell-spraay \
+  --build-arg BASE_IMAGE=ghcr.io/nvidia/openshell-community/sandboxes/base:latest .
+```
+
+Then launch:
+
+```bash
+openshell sandbox create --from openshell-spraay -- claude
+```
+
+## Environment Variables
+
+| Variable | Required | Description |
+|----------|----------|-------------|
+| `SPRAAY_GATEWAY_URL` | No | Gateway URL (default: `https://gateway.spraay.app`) |
+| `SPRAAY_PAYMENT_ADDRESS` | Yes | Your wallet address for x402 payments |
+| `SPRAAY_CHAIN` | No | Default chain (default: `base`) |
+
+## Skills
+
+The sandbox ships with agent skills in `.agents/skills/`:
+
+| Skill | Description |
+|-------|-------------|
+| `spraay-payments` | Batch send tokens to multiple recipients on any supported chain |
+| `spraay-escrow` | Create and manage escrow contracts with milestone-based releases |
+| `spraay-rtp` | Robot Task Protocol — hire robots and IoT devices via x402 micropayments |
+| `spraay-gateway` | Query gateway endpoints, check pricing, discover available routes |
+
+## Network Policy
+
+The default network policy allows egress to:
+
+- `gateway.spraay.app` — Spraay x402 gateway (HTTPS)
+- `*.infura.io` — RPC provider (HTTPS)
+- `*.alchemy.com` — RPC provider (HTTPS)
+- `*.base.org` — Base chain RPC (HTTPS)
+
+All other egress is denied by default. Customize via OpenShell policy overrides.
+
+## How x402 Works Inside the Sandbox
+
+1. Agent calls a Spraay gateway endpoint (e.g., `/v1/batch-send`)
+2. Gateway returns HTTP `402 Payment Required` with a payment header
+3. Agent signs USDC payment using its configured wallet
+4. Gateway verifies payment on-chain and executes the request
+5. Agent receives the result
+
+The sandbox enforces that all payment signing happens within the isolated environment. Private keys never leave the sandbox boundary.
+
+## Use Cases
+
+- **Autonomous payroll**: Agent runs scheduled batch payments to employees/contractors
+- **Escrow automation**: Agent creates milestone-based escrow for freelance work
+- **Robot hiring**: Agent uses RTP to commission physical tasks from IoT devices
+- **Multi-chain treasury**: Agent manages token distributions across 13+ chains
+- **DCA/Scheduled swaps**: Agent executes dollar-cost averaging strategies
+
+## Resources
+
+- [Spraay Gateway Docs](https://docs.spraay.app)
+- [x402 Protocol Spec](https://www.x402.org)
+- [Spraay MCP Server](https://smithery.ai/server/@plagtech/spraay-x402-mcp)
+- [OpenShell Documentation](https://docs.nvidia.com/openshell/latest/index.html)
+
+## License
+
+Apache 2.0 — see [LICENSE](../../LICENSE).
diff --git a/sandboxes/spraay/policy.yaml b/sandboxes/spraay/policy.yaml
@@ -0,0 +1,92 @@
+# Spraay Sandbox Network Policy
+# This policy allows egress only to the Spraay gateway and required
+# blockchain RPC providers. All other egress is denied by default.
+#
+# Apply with: openshell policy set <sandbox-name> --policy policy.yaml --wait
+
+version: "1"
+
+# ── Spraay Gateway ───────────────────────────────────────────────────────────
+spraay_gateway:
+  destination: "gateway.spraay.app"
+  port: 443
+  protocol: tcp
+  action: allow
+  note: "Spraay x402 payment gateway — all API requests route here"
+
+spraay_docs:
+  destination: "docs.spraay.app"
+  port: 443
+  protocol: tcp
+  action: allow
+  note: "Spraay API documentation"
+
+# ── Blockchain RPC Providers ─────────────────────────────────────────────────
+infura_rpc:
+  destination: "*.infura.io"
+  port: 443
+  protocol: tcp
+  action: allow
+  note: "Infura — Ethereum, Polygon, Arbitrum, Optimism RPC"
+
+alchemy_rpc:
+  destination: "*.alchemy.com"
+  port: 443
+  protocol: tcp
+  action: allow
+  note: "Alchemy — multi-chain RPC provider"
+
+base_rpc:
+  destination: "*.base.org"
+  port: 443
+  protocol: tcp
+  action: allow
+  note: "Base chain public RPC"
+
+quicknode_rpc:
+  destination: "*.quiknode.pro"
+  port: 443
+  protocol: tcp
+  action: allow
+  note: "QuickNode — multi-chain RPC provider"
+
+# ── Coinbase (x402 payment verification) ─────────────────────────────────────
+coinbase_cdp:
+  destination: "*.coinbase.com"
+  port: 443
+  protocol: tcp
+  action: allow
+  note: "Coinbase CDP — x402 payment facilitation and verification"
+
+# ── Solana RPC ───────────────────────────────────────────────────────────────
+solana_rpc:
+  destination: "*.solana.com"
+  port: 443
+  protocol: tcp
+  action: allow
+  note: "Solana mainnet RPC"
+
+helius_rpc:
+  destination: "*.helius-rpc.com"
+  port: 443
+  protocol: tcp
+  action: allow
+  note: "Helius — Solana RPC provider"
+
+# ── Bitcoin / Stacks ─────────────────────────────────────────────────────────
+blockstream_api:
+  destination: "blockstream.info"
+  port: 443
+  protocol: tcp
+  action: allow
+  note: "Blockstream — Bitcoin block explorer API"
+
+stacks_api:
+  destination: "*.stacks.co"
+  port: 443
+  protocol: tcp
+  action: allow
+  note: "Stacks blockchain API"
+
+# ── Deny everything else ─────────────────────────────────────────────────────
+# OpenShell default policy denies all egress not explicitly allowed above.
diff --git a/sandboxes/spraay/skills/spraay-escrow.md b/sandboxes/spraay/skills/spraay-escrow.md
@@ -0,0 +1,60 @@
+# Spraay Escrow Skill
+
+Create and manage on-chain escrow contracts with milestone-based fund releases.
+
+## When to Use
+
+Use this skill when the user or agent needs to:
+
+- Hold funds in escrow between two parties
+- Release payments based on milestone completion
+- Create trustless payment agreements for freelance or contract work
+- Automate conditional fund releases
+
+## How It Works
+
+1. **Create**: Deposit tokens into an escrow smart contract with defined milestones
+2. **Monitor**: Check escrow status and milestone completion
+3. **Release**: Release funds when milestones are verified
+4. **Refund**: Return funds if conditions are not met
+
+## Commands
+
+### Create an escrow
+```bash
+spraay escrow-create '{
+  "depositor": "0xYourAddress",
+  "beneficiary": "0xFreelancerAddress",
+  "token": "USDC",
+  "totalAmount": "500.0",
+  "chain": "base",
+  "milestones": [
+    {"description": "Design mockups delivered", "amount": "150.0"},
+    {"description": "Frontend implementation", "amount": "200.0"},
+    {"description": "Testing and deployment", "amount": "150.0"}
+  ]
+}'
+```
+
+### Check escrow status
+```bash
+spraay escrow-status <escrow-id>
+```
+
+### Release milestone funds
+```bash
+spraay escrow-release <escrow-id>
+```
+
+## Important Notes
+
+- Escrow creation requires sufficient token balance plus the x402 gateway fee
+- Milestone releases are sequential by default
+- Both parties can view escrow status on-chain
+- Escrow contracts are non-custodial — funds are held by the smart contract, not by Spraay
+
+## Error Handling
+
+- HTTP 402: Payment required for gateway fee
+- HTTP 409: Escrow already exists or milestone already released
+- HTTP 404: Escrow ID not found
diff --git a/sandboxes/spraay/skills/spraay-gateway.md b/sandboxes/spraay/skills/spraay-gateway.md
@@ -0,0 +1,89 @@
+# Spraay Gateway Skill
+
+Query the Spraay x402 gateway to discover available endpoints, check pricing, and understand supported chains and tokens.
+
+## When to Use
+
+Use this skill when the user or agent needs to:
+
+- See all available Spraay gateway routes and their pricing
+- Check which chains and tokens are supported
+- Verify gateway health and connectivity
+- Understand x402 payment requirements before making a request
+
+## Commands
+
+### Check gateway health
+```bash
+spraay health
+```
+
+### Get gateway info
+```bash
+spraay info
+```
+
+### List all routes with pricing
+```bash
+spraay routes
+```
+
+### List supported chains
+```bash
+spraay chains
+```
+
+### Make a raw API call
+```bash
+spraay raw GET /v1/some-endpoint
+spraay raw POST /v1/some-endpoint '{"key": "value"}'
+```
+
+## Gateway Overview
+
+The Spraay gateway at `gateway.spraay.app` exposes 76+ paid endpoints across 16 categories:
+
+| Category | Description | Example Endpoints |
+|----------|-------------|-------------------|
+| 1. Batch Payments | Multi-recipient token sends | `/v1/batch-send` |
+| 2. Token Swaps | DEX aggregation | `/v1/swap`, `/v1/quote` |
+| 3. Escrow | Milestone-based contracts | `/v1/escrow/*` |
+| 4. Payroll | Recurring payment runs | `/v1/payroll/*` |
+| 5. Price Oracle | Token pricing data | `/v1/price` |
+| 6. Balance | Wallet balance queries | `/v1/balance` |
+| 7. NFT | Mint and transfer NFTs | `/v1/nft/*` |
+| 8. Bridge | Cross-chain transfers | `/v1/bridge/*` |
+| 9. Staking | Stake and unstake tokens | `/v1/staking/*` |
+| 10. Governance | DAO proposal tools | `/v1/governance/*` |
+| 11. Analytics | On-chain data queries | `/v1/analytics/*` |
+| 12. AI Inference | Proxy to AI models | `/v1/inference/*` |
+| 13. Wallet | Wallet management | `/v1/wallet/*` |
+| 14. Agent Wallet | Managed agent wallets | `/v1/agent-wallet/*` |
+| 15. RTP | Robot Task Protocol | `/v1/rtp/*` |
+| 16. Identity | On-chain identity | `/v1/identity/*` |
+
+## Pricing Tiers
+
+- **Free endpoints**: `/health`, `/v1/info`, `/v1/routes`, `/v1/chains` (11 total)
+- **Standard**: $0.01–$0.05 per request (most query endpoints)
+- **Premium**: $0.05–$0.25 per request (escrow, bridge, payroll execution)
+
+## x402 Payment Flow
+
+All paid endpoints use the HTTP 402 protocol:
+
+1. Client sends a request without payment
+2. Gateway responds with `402 Payment Required` + payment details header
+3. Client signs a USDC payment transaction
+4. Client resends request with the signed payment in the header
+5. Gateway verifies payment and processes the request
+
+The payment address for all gateway requests:
+`0xAd62f03C7514bb8c51f1eA70C2b75C37404695c8`
+
+## Important Notes
+
+- Free endpoints do not require x402 payment
+- The gateway is chain-agnostic — specify the target chain per request
+- Rate limiting applies: check `X-RateLimit-*` response headers
+- The Spraay MCP server (`@plagtech/spraay-x402-mcp`) wraps all these endpoints for LLM tool use