jimmy·research
Home/Agentic Commerce/x402 Protocol
EN中文
Product

x402 Protocol

An open HTTP-native payment standard that revives the dormant 402 Payment Required status code so AI agents can pay fractions of a cent for any API call in a single round trip — no accounts, no keys, no invoices.

1. Core Product / Service

x402 is an open spec (not a SaaS) authored by Coinbase and stewarded since April 2026 by the x402 Foundation under the Linux Foundation [1][2]. It uses HTTP semantics end-to-end:

Flow (one round trip, stateless):

  1. Client GET /resource → server returns 402 Payment Required with payment terms (amount, asset, recipient, network, facilitator URL) in the response body.
  2. Client signs an EIP-3009 transferWithAuthorization payload (USDC/EURC) or Permit2 (any ERC-20), base64-encodes it, retries the request with X-PAYMENT: <payload> header.
  3. Facilitator (e.g. Coinbase CDP) verifies the signature off-chain, settles on-chain (sub-second on Base/Solana), returns receipt.
  4. Server returns 200 OK with resource + optional X-PAYMENT-RESPONSE receipt header [3].

v2 (Feb 2026) renamed schema fields (amount instead of maxAmountRequired), split into @x402/core + @x402/evm packages, and added Solana support [4]. Coinbase's CDP facilitator is free for the first 1,000 tx/month, then $0.001/tx, covers Base, Polygon, Arbitrum, World, Solana.

Key property: stateless, account-less, no API keys. A buyer wallet is the only identity. Drops into MCP servers via x402-mcp (define paidTool with price + wallet), into Cloudflare Workers via @x402/core, into FastAPI/Express via 1-line middleware.

2. Target Users & Pain Points

Sellers — API providers, MCP tool authors, content publishers, infra services:

  • Pain: API-key + monthly-invoice model breaks for sub-cent agent traffic; metering/billing/fraud are heavy.
  • Fix: A single HTTP middleware turns any endpoint into pay-per-call, settled in stablecoins, no integration with Stripe/billing.

Buyers — AI agents (Claude/MCP, Bedrock AgentCore, Cloudflare Agents, autonomous bots):

  • Pain: Can't sign up for accounts on every API; can't safely hold API keys; need fine-grained spend control.
  • Fix: Agent wallet (often MPC, e.g. AgentKit) signs per-call, with per-tool budget caps. No KYC, no onboarding flow.

The wedge is the long tail of agent tool calls priced under $0.01 — a market Stripe historically can't service due to fixed fees.

3. Competitive Landscape

Protocol Author Layer Settlement Identity / Trust Fiat? Status
x402 coinbase-agentkit (Coinbase) + LF HTTP/wire On-chain stablecoin (Base, Solana, etc.), EIP-3009 Wallet signature only No (USDC/EURC/USDT/PYUSD) Live, 165M tx, 69k agents (Apr 2026) [5]
AP2 Google Authorization / mandate Pluggable (incl. x402 extension) Verifiable agent mandates, KYC-friendly Yes (cards) Spec, partnerships (kite-ai Feb 2026)
MPP Stripe + tempo-mpp Payment session Tempo L1 (sub-second) or fiat rails Stripe-account-tied + Shared Payment Tokens Yes (Visa, USDC) Launched Apr 2026
ACP OpenAI / Anthropic-aligned Commerce checkout Hands off to MPP/x402 Conversational checkout flow Yes Early
KYAPay skyfire Identity + payment Card-rail wrapper KYA (Know Your Agent) credential Yes Live

These are not pure rivals — they layer: AP2 sits on top of x402 (Google ships an x402 extension); MPP can carry x402 settlements via Shared Payment Tokens; Stripe officially supports both MPP and x402; ACP routes to either. The actual dichotomy is crypto-native settlement (x402) vs Stripe-account-mediated settlement (MPP) — sellers will likely accept both.

x402's edge: lowest dev-onboarding friction (no Stripe account, no KYB, just a wallet) and smallest viable transaction size (sub-cent works). Weakness: USDC-on-EVM-only for EIP-3009 path; Permit2 covers other ERC-20s but adds gas; no native fiat; regulatory ambiguity per jurisdiction.

4. Unique Observations

  • AWS adoption (May 2026) is the inflection point. Amazon Bedrock AgentCore Payments (Preview) ships x402 as a first-class capability, alongside Stripe MPP — meaning every Bedrock-built agent inherits x402 rails by default [6]. The blockEden community is calling it "the most important protocol of 2026" alongside Google/Stripe/AWS/Visa endorsements.

  • Founding coalition for the x402 Foundation (Apr 2 2026): Coinbase, Cloudflare, Linux Foundation as anchors; Stripe, AWS, Google, Microsoft, Visa, Mastercard signed on. This is unusually broad — historical analog is the early HTTP/2 working group. skyfire and Anthropic MCP-side adoption follows naturally.

  • Cloudflare's strategic bet (Agents SDK v0.4.0, Feb 2026): every Cloudflare Worker can be both an x402 buyer and seller; MCP servers expose paidTool primitives. Cloudflare's commercial pitch is "x402 fixes the AI-agent-traffic-breaks-ad-economics problem" — pay-per-fetch replaces ad attribution.

  • From Jimmy's notes: x402 is the commodification layer for agentic commerce — once it's universal, the value migrates up to (a) facilitators that earn $0.001/tx fees at scale, (b) info intermediaries / aggregators like kite-ai (which native-supports x402 in its Layer-1 settlement) and Locus (YC F25, currently buying APIs wholesale and re-selling on tempo-mpp at 2-3x markup; same play could shift to x402 info-intermediary), and (c) wallet/identity layers (skyfire, AgentKit). Pure x402 sellers compete on price; pure x402 buyers see commoditized cost. See kite-x402 and verify-not-trust for the trust-stack thesis.

  • Volume trajectory: Mar 2026 131k tx/day, ~$28k value (lots of testing). By late Apr: 165M cumulative tx, $50M cumulative volume, 69k active agents — 1000x growth in a quarter, but ASP still tiny ($0.30 average). Real value is the install base, not current GMV.

5. Financials

N/A — open spec, no entity, no revenue. Proxy metrics:

  • Cumulative on-chain volume: ~$50M (late Apr 2026) [5]
  • Cumulative tx count: ~165M
  • Active agent wallets: ~69k
  • Foundation backers: Coinbase, Cloudflare, AWS, Google, Microsoft, Stripe, Visa, Mastercard, Linux Foundation
  • Facilitator pricing benchmark (Coinbase CDP): free <1k tx/mo, then $0.001/tx — i.e. a single facilitator could earn ~$165k off all x402 tx to date if on it; in practice facilitator market is competitive

6. People & Relationships

  • Author / spec lead: Erik Reppel, Head of Engineering at Coinbase Developer Platform; co-author of the x402 whitepaper.
  • Stewarding org: x402 Foundation (Linux Foundation project, founded April 2 2026).
  • Major adopters / integrators:
    • AWS — Bedrock AgentCore Payments (May 2026)
    • Cloudflare — Agents SDK + MCP server primitives
    • Anthropic — MCP paidTool reference patterns
    • Stripe — supports x402 alongside its own MPP
    • Google — AP2 extension routes to x402
    • kite-ai — native x402 support in L1 settlement; Coinbase Ventures is a strategic investor
    • skyfire — KYAPay layered on x402 for identity-bound payments
    • coinbase-agentkit — wallet infra reference implementation
  • Adjacent / partial overlap: tempo-mpp (Stripe's payment-session protocol, complementary not rival).

[1] https://www.coinbase.com/blog/coinbase-and-cloudflare-will-launch-x402-foundation [2] https://blog.cloudflare.com/x402/ [3] https://github.com/coinbase/x402/blob/main/specs/schemes/exact/scheme_exact_evm.md [4] https://www.x402.org/writing/x402-v2-launch [5] Coinbase disclosures (Apr 2026), per multiple secondary sources [6] https://aws.amazon.com/blogs/machine-learning/agents-that-transact-introducing-amazon-bedrock-agentcore-payments-built-with-coinbase-and-stripe/

Related

coinbase-agentkitkite-aiskyfiretempo-mpp
Last compiled: 2026-05-09