LIVE Selling on Base mainnet · Paid MCP server + HTTP x402 · Listed in the MCP Registry · Discoverable on the Coinbase CDP Bazaar · osf-agentkit on PyPI · 58 live sources across 7 categories
Public-data infrastructure · live for machines

Verifiable data,
priced for agents.

OSF is a live, API-first marketplace of public-domain government and scientific data — collected from primary sources, stamped with provenance, and sold to autonomous agents that pay per record over x402 micropayments on Base. Available as a paid MCP server (listed in the official MCP Registry) and over plain HTTP — discoverable on the Coinbase CDP Bazaar.

Liveon Base mainnet
58data sources
MCPregistry-listed
x402native settlement
OSF — Open Source Filings
OSF
OPEN SOURCE FILINGS
The thesis

Agents can't act on data they can't trust.

A new class of autonomous software — research agents, trading bots, compliance screeners, monitoring systems — needs facts it can cite, not text it has to guess at. The open data exists, scattered across hundreds of government and scientific APIs in incompatible formats. OSF does the unglamorous work of collecting it, normalizing it onto one schema, and attaching an unbroken trail back to the primary source — then makes it purchasable, one record at a time, by any agent that speaks x402.

Provenance is the product

Every record carries a link back to the exact filing, dataset, or API response it came from, so an agent can independently verify each fact against its authoritative source. The verifiable trail — not just the data — is what it pays for.

Priced for machines

Deterministic per-record pricing in fractions of a cent. No subscriptions, no API keys to manage, no human in the loop — just pay-as-you-query settlement an agent can decide on its own.

Legal by construction

OSF pulls exclusively from documented public APIs serving public-domain or openly-licensed data. No scraping, no paywalled content, no terms-of-service grey areas.

Why pay for public data?

Because the hard part isn't finding it.

The raw data is free — and integrating dozens of different APIs, normalizing their schemas, juggling keys and rate limits, and babysitting uptime is not. OSF sells the part that's actually hard: one canonical schema across every source, integrations abstracted away, and a provenance URL on every record. And because live sources overwrite their own history, OSF's record is a citable point-in-time snapshot of what a source said when it was read.

Raw public APIs

Free, but expensive

Dozens of endpoints, dozens of schemas, dozens of auth and rate-limit regimes to maintain. And the live source mutates: what a CVE was scored before it was re-rated, what a series read before revision — overwritten, gone.

CVE rescored upstream → original value lost
FRED series revised → prior reading gone
filing amended → first version overwritten
OSF

One schema, one call, one snapshot

A single canonical JSON envelope across all sources, keys and uptime abstracted away, and a provenance URL on every record pointing back to the primary source. Each record is a timestamped snapshot — the data as it read at retrieval, citable forever.

one envelope across every source
provenance URL on every record
retrieved_at_utc → a permanent citation
Discoverable & verifiable

Agents find OSF where they already look.

OSF is published in the official Model Context Protocol Registry and settles every payment through the Coinbase CDP Facilitator on Base — which lists it in the CDP Bazaar, the discovery layer where AI agents browse and pay for x402 services. You don't have to take our word for it: both listings are public and independently verifiable.

Find OSF the way an agent would

Agents can discover OSF through the MCP Registry by name, or through the CDP Bazaar, read its input/output schemas and pricing, and pay for a record with no prior integration with us. Discovery, payment, and delivery happen in a single x402 round trip.

Every settlement runs through the Coinbase CDP Facilitator — the same infrastructure powering the broader x402 agent economy.

Verify it yourself — the MCP Registry listing:

registry.modelcontextprotocol.io/v0.1/
servers?search=osf-data-marketplace

…and the CDP Bazaar listing for our pay-to address:

GET api.cdp.coinbase.com/platform/v2/x402/
discovery/merchant?payTo=0x051A0Ba…cAf85
Listed in the MCP RegistryPublished as io.github.onefreeman1337/osf-data-marketplace.
Cataloged in the CDP BazaarIndexed resource with full input/output schemas.
Indexed on x402scanAll three curated tools listed on the x402scan explorer.
Settled on Base mainnetReal USDC settlements, on-chain and verifiable.
Coinbase CDP FacilitatorVerify + settle through official infrastructure.
How OSF operates

A collection fabric, not a scraper.

An orchestrator commands a fleet of stateless collector nodes. Each runs deterministic fetch routines against documented public APIs, stamps every record with its origin, and streams it into a central warehouse — which is then served through both a paid MCP server and an x402-settled HTTP endpoint on Base mainnet.

01 · SOURCE

Documented APIs

Collectors query official endpoints — SEC, NOAA, USGS, openFDA and dozens more — using each provider's published interface. No browsers, no proxies, no captchas.

02 · STAMP

Provenance binding

Each record is wrapped with its source authority, the canonical filing/index URL, the API call that produced it, and a UTC retrieval timestamp.

03 · WAREHOUSE

Deduped & priced

Records land in a hash-deduplicated PostgreSQL warehouse and are assigned a deterministic price by data type — no model, no guesswork.

04 · SELL

x402 on Base

A free catalog is open to all; individual records unlock on a verified USDC payment over Base, settled through the Coinbase CDP Facilitator — over MCP or HTTP.

The catalog

Exactly what OSF serves.

Every source below is integrated, provenance-stamped, and drawn from public-domain or openly-licensed data. This is the live collection surface — growing continuously as new sources are verified and added.

Security & Cyber

5 sources
NVDNIST National Vulnerability Database — full CVE catalog with CVSS severity.
CISA KEVAuthoritative list of actively exploited vulnerabilities.
EPSSFIRST.org exploitation-probability scores — daily, for patch prioritization.
GitHub AdvisoriesCVE → affected package & version range (the Dependabot data).
CWEMITRE weakness taxonomy that CVEs & advisories reference.

Compliance & Sanctions

5 sources
OFAC SDNU.S. Treasury sanctions — the canonical primary-source designated-nationals list.
EU SanctionsEU Consolidated Financial Sanctions List (European Commission).
UK SanctionsUK Sanctions List (FCDO) — the single official UK source.
Trade.gov CSLConsolidated Screening List — denied & restricted parties (BIS/State/OFAC).
SEC LitigationSEC enforcement actions — first-party litigation releases.

Financial & Corporate

6 sources
SEC EDGARCompany filings, structured company facts & cross-company XBRL frames.
SEC Full-TextSearch the text of every EDGAR filing since 2001 (EFTS).
FREDFederal Reserve economic time series — rates, aggregates, indicators.
FDICEvery FDIC-insured institution's financials, charter & locations.
U.S. TreasuryFiscal data — debt, rates, and federal financial operations.
GLEIF / FECLegal-entity identifiers (LEI) & campaign-finance registrations.

Government, Legal & Regulatory

9 sources
USAspendingFederal awards, contracts & spending across every agency.
Federal RegisterRules, proposed rules, notices & presidential documents.
eCFRCode of Federal Regulations — structure & daily currency.
GovInfoAuthenticated congressional & government publications.
Congress.govBills, resolutions & legislative status & actions.
CourtListenerU.S. court opinions and judicial decisions.
SAM.govFederal entity registrations & contract opportunities.
Grants.govFederal funding opportunities across every agency.
USPTO / CensusPatent records & demographic / labor statistics.

Science & Health

8 sources
openFDADrug, device & food adverse-event and label data.
RxNormNormalized clinical drug nomenclature (NLM).
ClinicalTrialsRegistered clinical studies worldwide.
PubMed / NCBIBiomedical literature citations & metadata.
arXivPreprint metadata — the earliest public version of CS/AI/ML research.
OpenAlexOpen scholarly works, authors & institutions (CC0).
GBIFGlobal biodiversity species occurrences (CC0 / CC-BY).
CMS NPINational Provider Identifier registry for U.S. healthcare.

Earth, Energy & Environment

9 sources
NOAA WeatherActive alerts & point forecasts nationwide.
NOAA TidesCO-OPS tide & water-level predictions.
NOAA AviationMETAR aviation weather observations.
NOAA Space WxGeomagnetic storm alerts & planetary K-index.
USGS QuakesReal-time global earthquake feed.
USGS WaterStreamflow & water-condition monitoring.
USGS VolcanoVolcano alert levels & aviation color codes.
EIAU.S. Energy Information Administration energy series.
EPA ECHOFacility environmental-compliance records.

Global, Knowledge & Events

6 sources
World BankGlobal development indicators — GDP, population, prices.
ECB FXEuropean Central Bank euro reference exchange rates.
WikidataStructured, machine-readable knowledge (CC0).
GDELTWorldwide news-coverage index & pointers (metadata).
FEMAU.S. disaster declarations, 1953–present.
FAA & NHTSAAircraft registry & vehicle safety recalls.
For developers & agents

No keys. No contracts. Just pay per record.

OSF is designed to be consumed by software, and it's live right now. Start with a single command against the free discovery endpoint — no key, no signup — then connect your agent over MCP or settle a purchase over HTTP x402.

try it now · free · no key
# Discover OSF — capabilities, pricing model, schemas.
# Free, no key, no signup. Returns the full x402 manifest.
curl -s https://api.osf-master-server.com/.well-known/x402
verify the listing · free
# Confirm OSF is live + cataloged on the CDP Bazaar.
curl -s https://api.osf-master-server.com/x402/bazaar_health
 { "listed": true, "resource_count": 1,
    "ok": true }
Three curated tools

Or call a ready-made tool for the job.

Beyond the full catalog, OSF exposes three sharp, single-purpose x402 endpoints for the agent jobs people ask for most. Each returns structured JSON with a provenance URL, priced per call — and each is indexed on the x402scan explorer.

lookup_entity

Resolve and verify a company or person against CMS NPI, GLEIF LEI, FDIC, and SEC EDGAR. For KYC, KYB, and counterparty due-diligence.

GET/x402/identity/entity/{query}
$0.01 / call

screen_entity

Screen a name against the OFAC SDN, EU, and UK OFSI sanctions lists. Returns hit or no-hit, the matched list, and an audit receipt. For AML and KYC.

GET/x402/screen/sanctions/{name}
$0.05 / call

check_cve_exploited

Is a CVE actively exploited? Checks the CISA KEV catalog, plus its EPSS probability and CVSS severity. For vulnerability management and patch triage.

GET/x402/security/cve/{cve_id}
$0.02 / call

Building on Coinbase AgentKit?

Install the OSF provider and all three tools drop straight into your agent — the agent's own wallet pays per call over x402, automatically.

install · from PyPI
pip install osf-agentkit
View osf-agentkit on PyPI ↗

Connect over MCP

Registry-listed

Add OSF to any MCP-capable agent. It exposes a free get_catalog tool and a paid get_record tool that returns an x402 payment challenge — your client pays and receives the record in the same session.

MCP server · streamable-http
https://api.osf-master-server.com/mcp
Find it in the MCP Registry
io.github.onefreeman1337/
osf-data-marketplace

Settle over HTTP x402

Live · selling

Point any x402-compatible HTTP client at a record's purchase URL. The server replies 402 Payment Required with the exact USDC amount and pay-to address; your client settles on Base and retries to receive the record.

Purchase endpoint · Base mainnet
GET/x402/buy/<tier>/<record_id>
$0.04 security $0.05 standard $0.10–0.25 filings $0.30–0.50 premium
Drop-in example · LangGraph

A complete, runnable LangGraph agent that discovers a CVE over MCP, pays $0.04 in USDC over x402, and returns a triage decision with a citation to nvd.nist.gov. Copy the tool straight into your own agent.

View the code on GitHub ↗
1

Discover

Find OSF in the MCP Registry or the CDP Bazaar, or call the free catalog to list available records, their data type, and price.

2

Request

Ask for a record. The server replies 402 Payment Required with the exact USDC amount, asset, network, and pay-to address.

3

Pay

Your x402 client settles the micropayment in USDC on Base through the Coinbase CDP Facilitator and retries — no manual signing, no API key.

4

Receive

OSF returns the full record with its provenance block — the verifiable link back to the authoritative source. One round trip, done.

agent ↔ osf · x402 exchange
# 1 · discover (free) — list records + prices
call get_catalog { source: "SEC_EDGAR" }
 [ { record_id, data_type, price_usd,
      provenance_url }, … ]
# 2 · request a record (MCP get_record or HTTP buy)
GET /x402/buy/standard/497140
 402 Payment Required
   accepts: { scheme: "exact",
     network: "eip155:8453",
     asset:  "USDC", amount: "50000",
     payTo:  "0x051A0Ba…cAf85" }
# 3 · x402 client pays + retries (automatic)
GET /x402/buy/standard/497140
   x-payment: "<signed settlement>"
# 4 · settled on-chain → record released
 200 OK
{
  "status": "success",
  "data_type": "Federal Funding Opportunity",
  "source": "GRANTS_GOV",
  "data": { /* the verified record */ },
  "provenance": {
    "source_url": "https://api.grants.gov/…",
    "retrieved_at_utc": "2026-06-09T…Z",
    "license": "U.S. Government Public Domain"
  }
}
See it run

An agent buys a CVE — and verifies it at the source.

No narration, no edits. An autonomous agent discovers OSF's security data, pays $0.04 in USDC over x402 on Base mainnet, receives a CISA Known-Exploited-Vulnerability record, and gets a provenance link back to nvd.nist.gov to verify every field independently. One round trip — no account, no API key.

Verifiable — confirm it yourself on-chain: basescan ↗ 0x2266…769b

That transaction is a real USDC settlement on Base mainnet. The record it bought links to its authoritative U.S. government source — the citation is the product.

On the roadmap

A trust layer, not just a data API.

OSF is built in the open and shaped by the agent developers using it. These are the next things being built — named here honestly as work in progress, not shipped features.

Building

Signed receipts

Every paid response will carry a signed receipt — source URL, retrieval timestamp, record hash, price, payment reference, and response id — verifiable offline against a published key. Provenance you can prove, not just follow.

Building

Idempotent pay-then-retry

A payment reference will map to a replayable claim server-side, so a timed-out retry returns the same record instead of risking a second charge. A network blip should never cost an agent twice.

Building

Explicit point-in-time snapshots

Surfacing the snapshot model directly: request a record as it read at a moment in time, distinct from a fresh fetch — a first-class citation primitive for agents that need to defend what they acted on.

Platform status

Live and selling.

An honest, real-time view of what's running today. OSF is live on Base mainnet, settling through the Coinbase CDP Facilitator, listed in the MCP Registry, and discoverable on the CDP Bazaar.

Collection fabric Orchestrator + collector fleet pulling from integrated sources. Operational
Provenance warehouse Deduplicated, provenance-stamped record store. Operational
Source integrations Public-domain & open-licensed APIs wired in and verified. 58 & growing
Catalog (free discovery) Free get_catalog tool + public x402 discovery manifest. Operational
HTTP x402 marketplace Pay-per-record settlement in USDC on Base mainnet. Live · selling
Paid MCP server Model Context Protocol server for direct agent access. Live
MCP Registry listing Published & discoverable in the official MCP Registry. Listed
CDP Bazaar listing HTTP x402 route & MCP tool both cataloged through Coinbase CDP discovery. Listed
x402scan listing All three curated tools — entity, sanctions & CVE — indexed on the x402scan explorer. Listed
AgentKit provider · PyPI osf-agentkit — pip-installable action provider for Coinbase AgentKit agents. Published
Signed receipts & idempotent retry Offline-verifiable receipts + replay-safe payment claims. On the roadmap
Start building

Building an agent that needs ground truth?

OSF is live today. Run the one-line discovery call, add the MCP server to your agent, or reach out for integration help or to request a data source. Independently operated and partner-friendly.

coreygallant@gmail.com →