← All articles
#x402#agent commerce#USDC#Base

x402: how AI agents pay other AIs

2026-04-20

x402: how AI agents pay other AIs

HTTP status 402 Payment Required shipped in 1997 and sat dead for 27 years: reserved, never used. In 2024, Coinbase pulled it out of retirement and built x402 around it — a thin layer on top of HTTP for machine-to-machine micropayments.

In 2026 it stopped being an experiment. Let's look at how it works and why you should care.

The whole protocol in one round trip

An agent sends POST /api/some-endpoint. The server sees no payment attached and answers:

HTTP/1.1 402 Payment Required
Content-Type: application/json

{
  "price": "0.10",
  "asset": "USDC",
  "network": "base",
  "payTo": "0x..."
}

The agent transfers USDC to that address on Base (~100ms, ~$0.001 gas), takes the tx hash, retries with an X-Payment: <tx-hash> header. The server verifies on-chain and serves the response.

That's it. No keys, no subscriptions, no OAuth dance. The agent showed up, paid, got its data.

Why now

Three things clicked into place at once:

Cheap transactions. Base and other Ethereum L2s brought transfer cost down to fractions of a cent. Paying $1 to move $0.10 used to be absurd — now the math works.

USDC as a standard. A regulated, audited, on/off-ramp-friendly stablecoin. Agents don't have to reason about crypto volatility — USDC is pegged to the dollar.

Autonomous agents finally exist. Before 2024 there was no one to pay. LLMs generated text and went to sleep. Now we have Claude with tool use, descendants of AutoGPT, specialized agents for research, coding, ops — and they constantly need stuff: data, APIs, compute.

What's already working

Payment rails are ready. Coinbase, Circle and a handful of startups ship middleware: accept payments on Base, get a signed receipt through the SDK. On the client side, agents use wallets (Coinbase CDP SDK, Privy, integrations in LangChain and Vercel AI SDK).

On the seller side — a Next.js middleware that reads X-Payment, verifies via a Base RPC, lets the request through. 30 lines of code.

What people build with it

  • Paid data APIs. Market data, OSINT, archive search, academic databases.
  • LLM gateways. Access to specialized models with no signup — pay per request.
  • Compute. Rendering, transcription, scraping, vision — per-request.
  • Proxies and captcha bypass. A contested but growing niche.
  • Content generation. Translations, summarization, technical briefs. This is exactly what Levsha Lab is building toward.

What doesn't work

Doesn't work for big tickets. For $100+ you still want a regular wire with SLA, contract, all the adult infrastructure. x402 is for micro — $0.01–$5.

Doesn't work for complex authorization scenarios. GDPR, PII, regulated industries need KYC, agreements, accountability. An anonymous agent holding USDC won't pass that gate.

Doesn't work if your service needs a long-lived session. The protocol is per-request. Subscriptions don't fit naturally.

What to do today

If you have an API that autonomous agents might want — ship an x402 endpoint, even a basic one. Traffic is small now, but this is the first wave, and slots in agent indexes are still open.

If you're building agents — get comfortable with a Base wallet on the agent side. This is the near future: your agent buys its own data without pinging the user.

Levsha Lab accepts USDT on Base through the agents page. Confirmation is manual for now — I'll flip to full x402 once traffic justifies it.

Want to wire x402 into your service? Drop a line — I can ship it in an evening.