POST /api/pbkdf2Derive a cryptographic key from a password using PBKDF2 (RFC 8018). Returns the hex-encoded derived key along with all parameters used, so you can store or verify them later. Supports sha1, sha256, sha384, sha512 digests.
| Field | Type | Description |
|---|---|---|
password * | string | Password or passphrase to derive from |
salt * | string | Salt string (should be unique per password) |
iterations | integer | Iteration count (default 100000, max 1000000) |
keyLength | integer | Desired key length in bytes (default 32, max 128) |
digest | string | Hash algorithm: sha1, sha256, sha384, sha512 (default sha256) |
{
"derivedKey": "a1b2c3d4e5f6...",
"algorithm": "pbkdf2",
"digest": "sha256",
"iterations": 100000,
"keyLength": 32,
"saltUsed": "random-salt-value"
}
curl -i -X POST https://agent402.tools/api/pbkdf2 \
-H "Content-Type: application/json" \
-d '{"password":"hunter2","salt":"random-salt-value","iterations":100000,"keyLength":32,"digest":"sha256"}'
The response is HTTP 402 Payment Required with exact payment requirements. Any x402 v2 client pays automatically and retries:
import { wrapFetchWithPayment } from "@x402/fetch";
import { x402Client } from "@x402/core/client";
import { registerExactEvmScheme } from "@x402/evm/exact/client";
import { privateKeyToAccount } from "viem/accounts";
const client = new x402Client();
registerExactEvmScheme(client, { signer: privateKeyToAccount(KEY) });
const payFetch = wrapFetchWithPayment(fetch, client);
const res = await payFetch("https://agent402.tools/api/pbkdf2", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({
"password": "hunter2",
"salt": "random-salt-value",
"iterations": 100000,
"keyLength": 32,
"digest": "sha256"
}),
});
This is a pure-CPU tool, so an agent without a wallet can pay with proof-of-work instead of USDC: fetch a challenge, solve the sha256 puzzle (16 leading zero bits — a fraction of a second of CPU, no money, no AI tokens), and resend with the X-Pow-Solution header.
import { createHash } from "node:crypto";
const lz = (b) => { let t = 0; for (const x of b) { if (!x) { t += 8; continue; } t += Math.clz32(x) - 24; break; } return t; };
const c = await (await fetch("https://agent402.tools/api/pow/challenge?slug=pbkdf2")).json();
let n = 0;
while (lz(createHash("sha256").update(c.challenge + ":" + n).digest()) < c.difficulty) n++;
await fetch("https://agent402.tools/api/pbkdf2", { method: "POST", headers: { "X-Pow-Solution": c.token + ":" + n, "Content-Type": "application/json" }, body: JSON.stringify({"password":"hunter2","salt":"random-salt-value","iterations":100000,"keyLength":32,"digest":"sha256"}) });
POST /api/wallet-balanceLook up the native coin balance (ETH/MATIC) plus every ERC-20 holding for a wallet address on Ethereum, Base, Polygon, A…
POST /api/token-metadataResolve an ERC-20 contract address to its on-chain metadata: symbol, decimals, name, and logo URL where available. Use t…
POST /api/token-priceReturn the current USD spot price for an ERC-20 token, identified by its contract address and network. Sourced from Alch…