x402: Can HTTP 402 Power Payments for AI Agents?
An open-source protocol is trying to give the internet a native payment layer for both humans and machines. Here's how it works, who's building on it, and what could go wrong.
The 30-Year Wait for HTTP 402
Every developer knows 200 OK, 404 Not Found, and 500 Internal Server Error. But there's one status code hiding in the HTTP spec since 1997 that almost nobody has used: 402 Payment Required.
The original RFC said: "This code is reserved for future use." The people who designed HTTP knew the web would eventually need a built-in way to pay for things. They just couldn't build it yet because there was no digital money that was fast, cheap, and programmable enough.
So what happened instead? Credit cards, Stripe, PayPal. All built on top of HTTP using forms, redirects, and 3-day settlement. They worked fine for humans. But they're useless for AI agents that can't fill out forms or pass KYC.
Three things changed:
- Stablecoins got good. USDC on modern chains like Base and Solana can confirm within seconds under normal network conditions, with very low transaction costs.
- L2 chains got fast. Base does ~2 second confirmations. Solana does ~400ms.
- AI agents showed up. Agents don't get decision fatigue from micropayments. They just need a wallet and a way to sign transactions. But they can't use credit cards.
Cloudflare has noted that automated traffic hits paywalled endpoints at massive scale, often returning HTTP 402 responses. These are regular HTTP 402 status codes, not x402 protocol transactions. But they show the scale of the problem: machines are already hitting paywalls constantly, and there's no standard way for them to actually pay.
What Is x402?
x402 is an open-source protocol from Coinbase that tries to put HTTP 402 to work. It is not part of the official HTTP standard, but a protocol layered on top of status code 402. It defines a standard way for servers to say "pay me" and clients to say "here's the money", all inside regular HTTP headers.
No traditional platform accounts. No API keys. No human needed.
The "x" means experimental, like X- headers. It launched in May 2025, making it less than a year old. Coinbase and Cloudflare announced collaboration around x402 in 2025, including plans for an x402 Foundation to push it toward a standard. The V2 release shipped in December 2025 with multi-chain support and a modular SDK. Adoption remains early, with integrations across several developer platforms. The protocol is still early-stage and has not had a formal security audit from a major firm.
How It Works (The Actual HTTP Flow)
In the simplest case, it's a two-request flow. Here's what happens when an OpenClaw agent tries to access a paid weather API:
1. Agent requests data, gets a 402 back
curl -i https://api.example-weather.xx/forecast?city=bangaloreHTTP/1.1 402 Payment Required
Content-Type: application/json
{
"x402Version": 2,
"accepts": [{
"scheme": "exact",
"network": "eip155:8453",
"maxAmountRequired": "100000",
"payTo": "0xRecipient...abc",
"description": "Weather forecast, Bangalore",
"extra": { "name": "USDC", "version": "2" }
}]
}
The server is saying: "This costs $0.10 in USDC on Base. Here's where to send it."
2. Agent signs the payment and retries
The agent's wallet signs an EIP-3009 authorization (a gasless USDC transfer), then sends the same request again with the payment attached:
curl -i \
-H "X-PAYMENT: eyJwYXlsb2FkIjp7InNpZ25hdHV..." \
https://api.example-weather.xx/forecast?city=bangaloreHTTP/1.1 200 OK
X-PAYMENT-RESPONSE: eyJ0eEhhc2giOiIweGFiYy4uLiJ9
{
"city": "Bangalore",
"forecast": "Partly cloudy, 32°C, humidity 78%",
"next_3_days": [...]
}
That's it. The facilitator verified the payment, settled it on-chain, and the server returned the data. Under normal network conditions, the whole thing takes about 2 seconds.
The Four Players
| Who | What They Do |
|---|---|
| Client | Requests data, signs payments. Can be a browser, app, or AI agent. |
| Resource Server | Your API. Returns 402 when payment is needed. Does not interact with the blockchain directly in the default facilitator model. |
| Facilitator | The bridge between HTTP and blockchain. Verifies signatures, submits transactions, handles gas. Coinbase runs one for free (1,000 tx/month). |
| Blockchain | Where the money actually moves. Base or Solana. |
The key design choice: your server doesn't need to talk to the blockchain directly. You don't need to run a node or write smart contracts. The facilitator does all of that.
Building With x402
Selling: Add Payments to Your API (Express)
import express from "express";
import { paymentMiddleware } from "@x402/express";
const app = express();
// paymentMiddleware handles 402 response + verification + settlement
app.use(paymentMiddleware({
"GET /forecast": {
price: "$0.10",
network: "base",
description: "Weather forecast",
},
}));
app.get("/forecast", (req, res) => {
res.json({ city: "Bangalore", forecast: "Partly cloudy, 32°C" });
});
app.listen(4021);One middleware call. Every unauthenticated request to /forecast gets a 402 with payment instructions. The middleware handles verification and settlement automatically.
Selling: Next.js Middleware (Vercel)
import { paymentMiddleware } from "@x402/next";
export default paymentMiddleware({
"/api/forecast": {
price: "$0.05",
network: "base",
description: "Weather API",
},
});Buying: Make Paid Requests (TypeScript)
import { x402Client, wrapFetchWithPayment } from "@x402/fetch";
import { registerExactEvmScheme } from "@x402/evm/exact/client";
import { privateKeyToAccount } from "viem/accounts";
const signer = privateKeyToAccount(process.env.PRIVATE_KEY!);
const client = new x402Client();
registerExactEvmScheme(client, { signer });
const fetchWithPay = wrapFetchWithPayment(fetch, client);
// This handles 402 -> sign -> retry automatically
const res = await fetchWithPay("https://api.example-weather.xx/forecast?city=bangalore");
console.log(await res.json());Buying: Python
import asyncio, os
from eth_account import Account
from x402 import x402Client
from x402.http.clients import x402HttpxClient
from x402.mechanisms.evm import EthAccountSigner
from x402.mechanisms.evm.exact.register import register_exact_evm_client
async def main():
client = x402Client()
account = Account.from_key(os.getenv("PRIVATE_KEY"))
register_exact_evm_client(client, EthAccountSigner(account))
async with x402HttpxClient(client) as http:
resp = await http.get("https://api.example-weather.xx/forecast?city=bangalore")
print(resp.json())
asyncio.run(main())Install
# TypeScript
npm install @x402/fetch @x402/evm # client
npm install @x402/express @x402/evm # server (Express)
npm install @x402/next @x402/evm # server (Next.js)
# Python
pip install "x402[httpx]" # async
pip install "x402[requests]" # syncHow OpenClaw Agents Use x402
This is where it gets interesting, at least in theory. OpenClaw agents are autonomous. They run on a device, connect to messaging platforms, and act on behalf of the user. x402 could give them the ability to spend money without asking every time.
Example: Agent-to-Agent Restaurant Booking
Say a personal travel agent is built on OpenClaw. A user tells it: "Book me a table for two at a nice Italian place in Bangalore tonight."
The agent doesn't know Bangalore restaurants. But there's another agent running a restaurant discovery API, charging $0.05 per search via x402. And a third agent running a booking service at $0.20 per reservation.
Here's what happens without any human involvement:
- The travel agent calls the restaurant discovery API
- Gets back a 402: "Search costs $0.05 in USDC"
- The agent checks its spending policy, signs the payment, retries
- Gets a list of Italian restaurants with availability
- Picks the best match, calls the booking agent's API
- Gets another 402: "Booking costs $0.20 in USDC"
- Signs, pays, gets a confirmed reservation
- Sends the user a confirmation on WhatsApp
Three agents, two payments, zero human approvals. Each agent is just an API behind an x402 paywall. They don't need to know each other, share API keys, or have accounts with each other. The wallet is the identity and the payment is the authentication.
This is the pattern x402 is designed for. Any agent can sell a capability as a paid endpoint. Any other agent can discover it and pay for it on the spot. Whether this actually works reliably in practice is still being figured out.
MCP + x402: Paid Tool Discovery
OpenClaw has native MCP support. When MCP servers expose paid tools via x402, an agent can discover and pay for them automatically:
import { withPayment } from "x402-mcp";
import { experimental_createMCPClient as createMCPClient } from "ai";
const url = "https://example-mcp-server.xx";
const mcpClient = await createMCPClient({
transport: new StreamableHTTPClientTransport(url),
}).then((client) => withPayment(client, { account }));
// Agent discovers paid tools and pays automatically
const tools = await mcpClient.tools();Cloudflare and Vercel both ship x402-MCP integrations, and a growing number of MCP servers support x402 payments.
How Agents Actually Pay (Under the Hood)
Traditional payments need a human, someone who types a card number and clicks "Pay." Agents can't do that. Here's how x402 solves it:
Wallet setup. Every agent gets a blockchain wallet (public/private key pair). Fund it with USDC. The agent controls its own key.
Gasless signing. The agent never needs ETH or SOL for gas. It just signs an EIP-3009 authorization message saying "I authorize transferring X USDC from my wallet to this address." The facilitator submits the actual transaction and pays the gas.
Spending policies. Good agents don't blindly pay every 402 they see. They check:
- Is this within my per-transaction limit?
- Am I under my daily budget?
- Is this domain whitelisted?
- Is this data actually useful for my current task?
Finality. Once settled, it's done. No chargebacks, no disputes, no 3-day wait. The agent gets a transaction hash as receipt.
x402 vs Traditional Payments
| Stripe / Cards | x402 | |
|---|---|---|
| Settlement | 1-3 business days | ~2 seconds (Base, normal conditions) |
| Minimum payment | ~$0.50 (fees kill micropayments) | Very small amounts impractical on card networks |
| Account needed | Yes | No |
| Works for AI agents | No | Yes |
| Chargebacks | Yes | No, blockchain finality |
| Fees | 2.9% + $0.30 | Near-zero (gas only) |
| Integration | SDK + webhooks + dashboard | One middleware function |
Who's Involved (And How)
Not all involvement is equal. Some companies built production integrations, others are just exploring.
| Company | Involvement | Status |
|---|---|---|
| Coinbase | Created the protocol. Runs the primary facilitator (1,000 free tx/month). | Production |
| Cloudflare | Collaborating on x402 Foundation. x402 in Workers and Agents SDK. | Production |
| Vercel | x402-next middleware, x402-fetch client, x402-mcp for paid MCP tools. | Production |
| Browserbase | AI agents pay per browser session via x402. No signup needed. | Production |
| Stripe | Has discussed stablecoin micropayment integrations on Base. Formal x402 support remains early. | Preview |
| Built a separate protocol (AP2) that is payment-agnostic and could interoperate with crypto-based protocols like x402. | Complementary | |
| Visa | Exploring alignment between its Trusted Agent Protocol (TAP) and x402. | Exploratory |
What V2 Changed (December 2025)
- Multi-chain via CAIP-2. Universal chain identifiers.
eip155:8453for Base,solana:5eykt4U...for Solana. Any chain can be added. - Wallet-based identity. Servers recognize returning wallets. Pay once, access for a duration instead of re-paying on every call.
- Deferred payments. Settle later instead of immediately. Enables post-pay models.
- Dynamic recipients. Server picks the recipient at request time. Enables marketplace routing.
- Traditional rails. The design allows traditional rails like ACH or cards to be integrated through the same 402 negotiation flow.
- Modular SDK. Add new chains, facilitators, or payment schemes without changing the core protocol.
Sequence Diagram
x402 Is Not the Only Option
x402 is one of the more visible crypto-native micropayment protocols today, but it's not the only one trying to solve agent payments. The landscape is actively fragmenting:
| Protocol | Backed By | Approach |
|---|---|---|
| x402 | Coinbase, Cloudflare | Crypto-native, HTTP-level, stablecoin micropayments |
| ACP (Agentic Commerce Protocol) | OpenAI, Stripe | Fiat-focused, already live in ChatGPT for Etsy sellers |
| AP2 (Agent Payments Protocol) | Google, 60+ partners | Payment-agnostic, supports PayPal, Amex, and x402 |
| Visa TAP | Visa | Leverages existing card network for agent payments |
| Mastercard Agent Pay | Mastercard | Mastercard's equivalent for AI agents |
No single protocol is likely to win everything. x402 makes the most sense for stablecoin micropayments between autonomous agents. ACP has stronger traction in traditional e-commerce. AP2 has the broadest institutional coalition. If you're building something, it's worth understanding all of them.
Things to Know Before You Build
No refunds by default. Blockchain finality means the payment is permanent. If you need refund logic, you have to build it yourself.
USDT doesn't work. Current EVM implementations of x402 rely on EIP-3009-style authorizations for gasless USDC transfers. USDC supports it, USDT doesn't. So the biggest stablecoin by market cap is currently excluded.
No formal security audit. As of February 2026, x402 has not been audited by a major security firm. The protocol is open-source and you can read the code, but there's no third-party assurance that the facilitator verification, signature validation, or settlement logic is bulletproof. For production use with real money, this matters.
Facilitator concentration. Much of the current ecosystem relies on Coinbase's facilitator. If it goes down, there's no automatic fallback. Open-source alternatives exist but aren't battle-tested yet.
Extra latency. The 402 round-trip adds ~2 seconds under normal network conditions. For latency-sensitive use cases, wallet-based identity (V2) helps by caching auth.
Regulatory gray area. Autonomous cross-border micropayments don't fit neatly into existing financial regulations. KYC/AML compliance falls on the service providers, not the protocol.
OpenClaw is still in beta. It's powerful but young. OpenClaw agents run with elevated permissions: shell access, file system access, network access. When you add x402 payment capabilities on top of that, you're giving an agent with broad system access the ability to spend real money. Security audits have flagged numerous vulnerabilities, including critical ones. A recently disclosed remote code execution vulnerability was later patched. The ClawHub skill marketplace has also had incidents with malicious skills. If you're experimenting with OpenClaw + x402, keep wallet balances small, use spending caps, whitelist trusted endpoints, and don't run it on machines with sensitive data.
The Takeaway
For 30 years, HTTP 402 was a placeholder. The technology wasn't ready. No fast money, no cheap chains, no machine clients. All three showed up at the same time, and x402 is trying to fill the gap with a simple design: server says "pay me," client signs a payment, facilitator settles it on-chain.
The protocol is less than a year old. It has no formal security audit, relies heavily on a single facilitator, and competes with at least four other approaches. But the core idea is sound and the developer experience is genuinely simple. If you're building AI agents that need to pay for things, x402 is worth understanding, even if you should be cautious about putting real money through it today.
Resources:
