Author: Clow, Baihua Blockchain
An AI wrote a piece of code that requires data for verification.
It sent an HTTP request, and the server returned a number: 402.
Then, it paid $0.001 using USDC. The data returned in less than a second.
This transaction requires no account, no password, no bank card, and no KYC. No one is involved in the entire process.
This is no longer science fiction. By the end of 2025, the x402 protocol processed over 100 million such transactions; another 15 million were added in the first 30 days of this year.
The payment code that has been dormant for thirty years
In 1990, the designers of the HTTP protocol reserved a specific status code: 402, Payment Required.
It's straightforward—“you need to pay to get in here.”
But this status code has never been officially used. It has simply remained in the protocol documentation, sleeping for thirty-four years.
The reason is simple: the first builders of the internet never imagined that machines would one day be paying bills. Credit cards, bank accounts, KYC verification—these payment infrastructures were designed for humans and completely fail in the face of autonomously running code.
The AI agent needs to call APIs, purchase data, and acquire computing power at millisecond speeds; the account registration and fee barriers of traditional payments are a dead wall.
In 2025, all three conditions will be in place.
The total supply of stablecoins has surpassed $300 billion; L2s like Base have reduced per-transaction costs to sub-penny levels; the AI Agent ecosystem, led by OpenAI and Anthropic, is beginning large-scale commercialization; Coinbase engineers unearthed the long-dormant 402 and decided to activate it.
In May 2025, Coinbase, in collaboration with Cloudflare, officially launched the x402 protocol. In September, they partnered to announce the formation of the x402 Foundation. A long-forgotten status code has returned to the center of the internet. Cloudflare manages approximately 20% of global web traffic—meaning x402 had immediate access to infrastructure from day one.
The machine learned to pay for the first time.
The design of x402 is surprisingly simple.
The AI Agent initiates an HTTP request; the server responds with a 402 status code and includes payment requirements: the amount, the blockchain, and the token type. The Agent signs the payment details using EIP-712 encryption, embeds the payment information into the request header, and resends it. After verifying the signature, the server delivers the requested resource.
Less than a second total, no account, no subscription, no API key.
It turned "payment" into a part of the internet. Like GET and POST, it’s just an HTTP action—any service can charge machines by adding just one line of middleware.
Data proves this logic works. Seven months after the protocol’s launch, it has processed over 100 million transactions. According to the Cambrian Network Q1 2026 report, over 15 million transactions have occurred in the past 30 days, with more than 400,000 buyers and over 80,000 sellers. The AI Agent population on Virtuals Protocol is the largest single source of transactions, autonomously settling collaboration fees between Agents on the protocol.
On December 11, 2025, x402 V2 launched. This upgrade transformed the protocol from “functional” to “user-friendly”: it supports multi-chain parallelism including Base, Solana, and Avalanche; introduces a Session mechanism (turning wallets into identity credentials, eliminating the need for on-chain interactions on repeated visits); and integrates ACH bank transfers and credit card networks—connecting Web2 and Web3 payment systems for the first time within this protocol.
Google subsequently integrated x402 into the Agent2Agent (A2A) protocol and released the Agentic Payments Protocol (AP2); machines paying for goods and services is becoming an infrastructure consensus among major tech companies.
Trust is the first hurdle in the agent economy.
The payment issue is resolved, but there's still a more fundamental question without an answer.
Commerce can’t happen if people don’t trust each other.
Davide Crapis is the AI lead at the Ethereum Foundation and one of the co-authors of ERC-8004. His insight directly identifies the core challenge of the Agent economy: when an AI Agent needs to hire another Agent to complete a task, how does it know the other isn’t a fraud? Where is the transaction record? How is reputation transmitted?
ERC-8004 is Ethereum's response to this issue. Drafted in August 2025, it officially launched on the Ethereum mainnet on January 29, 2026. It establishes three lightweight registries on-chain:
- Identity Registry: Each Agent receives an on-chain ID based on an ERC-721 NFT that is portable, transferable, and cross-chain verifiable; the AgentCard (in JSON format) records capabilities, endpoints, and x402 payment support status;
- Reputation Registry: Feedback signals between agents are recorded on-chain—accuracy, timeliness, and reliability scores; only indices are stored on-chain, with data hashes pointing to off-chain storage to reduce gas costs;
- Verify the registry: After the task is completed, a request is made to chain the hash of the result data for verification, providing cryptographic proof of whether the task was genuinely completed.
The founding team spans four major crypto ecosystems: Marco De Rossi from MetaMask, Davide Crapis from the Ethereum Foundation, Jordan Ellis from Google, and Erik Reppel from Coinbase. EigenLayer, ENS, The Graph, and Taiko have all expressed support. Less than a month after mainnet launch, the number of registered agents on Ethereum mainnet exceeded 24,000, reaching approximately 49,000 across all EVM chains.
The typical workflow is this: Agent A discovers service providers through the ERC-8004 identity registry, filters the reputation registry to select high-scoring Agent B, completes payment via x402, and attaches reputation feedback along with the payment record after task completion—payment history becomes a credit anchor. This chain is what Cambrian Network calls the “Agent Economic Operating System”: payment, identity, and reputation, unified into three layers.
How deep is the water here?
The data looks good, but a few things need to be clarified.
Tokens and protocols are two different things.
The x402 ecosystem token once reached a market cap of over $9 billion on CoinGecko, with daily trading volume exceeding $230 million. However, many of the so-called "x402 concept tokens" are meme tokens with no substantive connection to the protocol itself. Buying x402-related tokens does not equate to investing in the growth of the x402 protocol. This market has always excelled at blending narrative with reality—and this time is no different.
The technical risks have not yet been resolved.
The EIP-712 signature mechanism for x402 requires ongoing security audits. The ERC-8004 reputation registry is vulnerable to Sybil attacks—bulk registration of fake identities—and the current economic incentive structure remains inadequate. There is economic tension between high-frequency micropayments (as low as $0.0001 per transaction) and L2 gas fees (which can still reach $0.05), making extremely small transactions unviable at this stage due to fee erosion.
The protocol war is not over yet.
The three protocols—x402, Google’s AP2, and a16z’s ACP—coexist. If developers are fragmented across these three standards, network effects will be significantly diminished. Moreover, OpenAI and Anthropic could easily bypass on-chain protocols entirely and build their own closed-loop payment systems—they have users, data, and scale advantages, which represent competitive pressures x402 cannot ignore.
On the regulatory front, there is another gap. Who is the counterparty in a payment autonomously initiated by an AI agent? Where is the trigger point for KYC/AML obligations? No major jurisdiction has provided a definitive answer.
Summary
Someone once wrote a sentence that is fitting to quote here: "Inscriptions in 2023 enabled humans to etch value onto the chain; x402 in 2025 enabled machines to autonomously pay value on the network for the first time."
If HTTP connected the world's computers into an information network, the combination of x402 and ERC-8004 aims to connect billions of Agents into an open marketplace for services and data—no accounts, no approvals needed, just a request, a payment, and a result.
However, whether the protocol can prevail in fragmented competition, whether the trust mechanism can be truly perfected, and whether the agent economy can move from demo to real-world commerce—these remain unresolved questions.
Before the narrative materializes, it’s perhaps the most important thing for every participant to distinguish between “the value of the protocol” and “the token炒作 surrounding the protocol.”