The x402 Protocol: HTTP-Native Payments for the AI Agent Economy

The protocol’s elegance lies in its extension of the standard HTTP request-response loop to negotiate and complete a payment. This avoids cumbersome redirects to external checkout pages or reliance on pre-provisioned API keys, creating a self-contained, stateless transaction.

1. Client Request: A client, such as an AI agent or application, initiates a standard HTTP request for a protected resource.
2. Server Response (402 Payment Required): If payment is required, the server responds with an HTTP 402 Payment Required status. This response includes payment instructions in a PAYMENT-REQUIRED header, detailing the price, asset (e.g., USDC), network, and recipient wallet address.
3. Client Authorization: The client’s software or wallet parses the 402 response and uses its private key to cryptographically sign a payment authorization payload. This signature proves intent and control over the funds without exposing the key.
4. Client Retry with Payment: The client resends the original HTTP request, this time including the signed payment payload in a PAYMENT-SIGNATURE header.
5. Server Verification & Settlement: The server, either locally or via a facilitator, verifies the payment signature’s validity and settles the transaction on the blockchain.
6. Resource Delivery: Upon successful verification, the server returns an HTTP 200 OK status and provides the requested resource, often including a payment receipt in an X-PAYMENT-RESPONSE header.

• Client (Buyer): This can be a human developer, AI agent, or application. Its responsibilities include initiating requests, reading 402 responses, constructing valid payment payloads using its crypto wallet, and resubmitting requests with the PAYMENT-SIGNATURE header.
• Server (Seller): This is the API or service provider that wants to monetize a resource. Its responsibilities include responding with 402 Payment Required, providing payment requirements, verifying incoming payment payloads, and delivering the resource upon confirmation.
• Facilitator: An optional but recommended third party that simplifies the process for servers. Its function is to verify payment payloads and settle transactions on the blockchain. While Coinbase Developer Platform (CDP) operates the first production facilitator at https://x402.org/facilitator, the protocol is permissionless, allowing for community-run or private enterprise facilitators. This model is trust-minimized because every payment payload is signed by the buyer and settles directly on-chain; a facilitator that tampers with the transaction will fail signature checks.

The x402 protocol is built upon existing web standards and specific blockchain capabilities to ensure broad compatibility and efficiency.

The x402 protocol is designed to be blockchain-agnostic. The following table summarizes the networks and assets currently supported by the primary CDP Facilitator.

*Gas is paid on-chain; CDP’s x402 facilitator adds zero facilitator fee to buyers. ¹ While all SPL tokens are supported, USDC is the primary SPL token used in most x402 implementations.

• HTTP Native Design: x402 is built directly on existing HTTP standards. It extends web requests with custom headers like PAYMENT-REQUIRED and PAYMENT-SIGNATURE and does not require proprietary browsers or SDKs.
• Stateless Architecture: Servers do not need to manage client identities or session state, and clients only need their crypto wallet. This design makes the protocol highly scalable and simplifies implementation.
• EVM and EIP-3009: On EVM-compatible chains like Base, the protocol relies on the EIP-3009 “Transfer With Authorization” standard. This enables a gasless experience for the user, as it requires only a single signature to authorize a third party (the facilitator) to execute a token transfer and pay the associated gas fees.
• Solana and SPL Tokens: On Solana, the protocol supports all SPL (Solana Program Library) tokens. An alternative flow is possible where the client submits the transaction directly to the network with a memo instruction, then sends only the transaction signature to the server for verification. This prevents issues where a client pays but loses connection before receiving the resource.
• CAIP-2 Identifiers: The protocol uses CAIP-2 (Chain Agnostic Improvement Proposal 2) as the standard format for identifying blockchain networks. Examples include eip155:8453 for Base and solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp for Solana mainnet.
• Schemes: A “scheme” defines a logical way of moving money. The primary scheme is exact (pay a specific amount), with future schemes like upto (pay up to a certain amount based on usage) and deferred (delayed settlement) proposed.

Adopting the x402 protocol offers several key benefits over traditional payment systems.

A growing ecosystem of platforms, tools, and governing bodies is driving the adoption and standardization of the x402 protocol.

The x402 Foundation, a collaborative effort between Coinbase and Cloudflare, was launched to oversee governance, promote standardization, and drive global adoption of the protocol. Furthermore, x402 is included as part of the Agents Payment Protocol (AP2), a Google-led initiative aimed at standardizing payment flows for AI agents.

• Facilitators: Key facilitators include the Coinbase Developer Platform (CDP) Facilitator, PayAI, and Corbits. The CDP facilitator is a primary option that offers fee-free USDC settlement on Base and Solana.
• SDKs and Libraries: The ecosystem is supported by a robust set of SDKs for major frameworks. Key packages include @x402/express, @x402/next, @x402/hono for servers, @x402/axios for clients, the Go library github.com/coinbase/x402/go, and the Solana-first SDK Corbits.
• Wallet Solutions: Supports user-managed Externally Owned Accounts (MetaMask, Coinbase Wallet), Programmatic Server Wallets from CDP, and embedded wallet solutions like Privy.
• Discovery and Analytics: The x402 Bazaar serves as a machine-readable catalog for discovering payable APIs. x402scan is the ecosystem explorer, providing real-time analytics.

x402 enables granular, pay-per-call billing models for API providers. Instead of requiring monthly subscriptions, developers can charge a small fee for each request to a weather data API, AI model inference endpoint, or market data feed.

AI agents can leverage x402 to autonomously pay for the resources they need to complete tasks. For instance, an agent can pay for premium data from a web scraping service like Firecrawl, purchase compute resources like GPU minutes, or access specialized tools on a Model Context Protocol (MCP) Server.

Creators can monetize individual pieces of content without forcing users into subscriptions. Examples include charging a few cents per article read, per second of video streamed, or per download for a high-resolution image.

• Cloud Storage: Paying per gigabyte of storage or bandwidth consumed.
• VPN/Proxy Access: Per-GB bandwidth pricing for secure internet access.
• Spam Prevention: Requiring micro-payments to filter email or direct messages.

Developers can integrate x402 into their applications with minimal code using available middleware and client libraries.

For API providers, implementation typically involves adding middleware to an existing server framework. The following example uses the x402-express package to protect an endpoint:

Copy

For clients, libraries like x402-axios provide an interceptor that automates the payment handshake.

Copy

• Refunds: Payments are push-based and irreversible. Refunds must be handled at the business-logic layer.
• Compliance: Businesses must adhere to financial regulations. Facilitators can integrate KYT and OFAC screening.
• Wallet Onboarding: Onramp services like Transak and embedded wallet solutions like Privy are crucial for mainstream adoption.

The protocol is continuously evolving. Cloudflare has proposed a deferred payment scheme, which would allow for delayed settlement and the aggregation of micro-transactions.

x402’s most significant potential lies in enabling a “Machine Economy,” where autonomous AI agents become primary economic actors. These agents can use wallets linked to decentralized identities, such as ERC-8004 “Trustless Agents,” to transact, earn, and build on-chain reputations without human intervention.

• Official Website: x402.org
• Documentation: docs.cdp.coinbase.com/x402/welcome
• GitHub Repository: github.com/coinbase/x402
• Ecosystem Explorer: x402scan.com
• Cloudflare Demo Playground: A live environment to see the protocol in action. playground.x402.cloudflare.com