01 Introduction: When AI Can’t Swipe a Credit Card, Which Link in the Internet Economy Gets Stuck?
In June 2024, an AI agent named “AutoGPT-Trader” was launched on Reddit. Its task was simple: monitor Tesla’s stock price and send a technical analysis every 15 minutes. After 7 days, it was halted due to “inability to pay for Alpha Vantage’s API fees”—the developer forgot to renew the credit card.
This seemingly trivial news reflects a neglected fact: today’s internet operates on a “human-centric” payment architecture. Registration, 3D verification, billing address, minimum recharge amount… every step assumes that “the payer is a natural person.” When machines start to call machines on a large scale, traditional payments are like fueling an electric car with gasoline—interfaces do not match.
The HTTP protocol reserved status code 402 Payment Required back in 1992, but it has been idle for 30 years due to the “lack of native payment methods.” Bitcoin introduced “native currency,” but it couldn’t support “micro + high-speed” transactions; Ethereum has smart contracts, but gas fee fluctuations make payments of $0.01 impractical. It wasn’t until the circulation of stablecoins exceeded $16 billion and Layer 2 transaction fees dropped to $0.001 that “waking up 402” transformed from a meme into a business plan. In October 2024, Coinbase, in collaboration with AWS, Circle, and NEAR, officially launched the x402 protocol, aiming to allow every HTTP request to carry a “price tag” and enable machines to autonomously complete settlements.
02 What is x402: An HTTP Header That Inserts “Dollars” into TCP Packets
The full name of x402 is “x402 Payment Protocol”; it is neither a new blockchain nor a new token, but rather a “cash register-level” extension of the HTTP “header fields.”
It consists of only two lines:
<span>Price: 0.05 USDC</span>
<span>Address: 0x1234…AbCd</span>
When a client (which can be a browser or an AI script) first requests a resource, if the server returns a 402 status code and includes the above fields in the response header, it indicates “Want the data? Pay 5 cents first.” After the client wallet signs the transaction, it packages the txHash and signature into Base64 and sends it again in the <span>X-Payment</span> request header; the node verifies the on-chain receipt and immediately returns the business data, along with an on-chain invoice <span>X-Payment-Receipt</span>.
The entire process involves no webpage redirection, no OAuth, no SMS verification—just pure machine dialogue, averaging 1.3 seconds (the base chain block time is 2 seconds, but nodes can accept 0 confirmations + signature verification, allowing for release within 1 second). In the words of a Coinbase engineer: “x402 breaks down subscriptions into ‘pay-per-bit.'”
03 What Problems Does It Solve: API Economy, AI Agents, and the “Long Tail Payment Wall”
3.1 The Developer’s “Package Dilemma”
Traditional SaaS can only sell “packages”: basic, professional, and enterprise versions. The reality is that 80% of users only utilize 5% of the features but must pay for the entire meal. x402 allows “each API endpoint” to be priced independently, upgrading developers from “selling packages” to “selling grams.”
Case Study: A weather startup in London broke down “real-time weather” into 47 micro APIs, with the most expensive “satellite cloud map” costing $0.009 per call and the cheapest “current temperature” costing $0.0002 per call. Within two weeks of launch, it achieved 3.8 million daily calls and generated $4,700 in revenue, while server costs were only $210—a gross margin of 95%.
3.2 The Economic Autonomy of AI Agents
AI cannot go through KYC, and thus cannot hold credit cards. x402 only requires a private key to make unlimited payments (depending on wallet balance), effectively giving AI a “nameless global corporate card.”
Scenario: AutoGPT spawns child agent A to “find information” and child agent B to “create illustrations.” A spends $0.0003 to buy 1 KB of data on EigenDA, while B spends $0.8 to generate an image on Midjourney-402, all without human input for CVV.
3.3 User’s “Privacy Friction”
The EU’s PSD2 and North America’s PCI-DSS both require platforms to minimize the storage of cardholder information. The payment proof of x402 is a “one-time txHash,” which does not involve names, addresses, or postal codes, naturally complying with GDPR’s “data minimization” principle.
04 Operation Process: A “Machine-to-Machine” Payment Handshake, Dissected for You
To give you an intuitive feel, we break down “AI buying weather data” into 7 TCP packets:
① Client → Server:<span>GET /weather/London</span>
② Server → Client:<span>HTTP/1.1 402 Payment Required</span> + <span>Price: 0.01 USDC</span> + <span>Address: 0x42…e5</span> + <span>Chain-Id: 8453</span> (Base)
③ The client wallet locally constructs the transfer, broadcasts it on-chain, and receives txHash=<span>0xabc…</span>
④ Client → Server: the same GET, with the addition of <span>X-Payment: base64(json{txHash, signature})</span>
⑤ The server node calls <span>eth_getTransactionReceipt(0xabc…)</span>, confirming receipt of 0.01 USDC, with no Reorg
⑥ Server → Client:<span>HTTP/1.1 200 OK</span> + <span>X-Payment-Receipt: 0xabc…</span> + Body: Weather JSON
⑦ The client writes the receipt into local logs for auditing and tax refund purposes.
The entire process averages 1.3 seconds, with an additional bandwidth overhead of only 324 bytes, far less than a single TLS handshake.
05 Why It Suddenly Became Popular: Airdrop Expectations, Base Chain Explosion, and “Visa’s Alignment”
On October 9, the day Coinbase announced the “x402 testnet,” daily active users on the Base chain surged from 380,000 to 920,000, with a net cross-chain inflow of USDC reaching $110 million. It wasn’t just the technology that was hot, but also the FOMO of “potential airdrops”: any Pull Request merged on GitHub would prompt the official bot to reply “402-founders-list” and record the GitHub ID, seen by the community as a “potential airdrop certificate.”
Shortly after, on October 14, Cloudflare announced during its Birthday Week that “Workers now natively support x402,” allowing developers to turn any API into a “paywall” with just two lines of configuration in <span>wrangler.toml</span>. On the same day, Visa’s crypto division revealed in a Twitter Space that it was “testing an AI agent business card bridged by x402.” The “two-way rush” between traditional finance and crypto infrastructure elevated x402 from a “geek toy” to a “candidate for industry standard.”
06 Ecological Landscape: A Closed Loop from “Data Raw Materials” to “AI Consumption”
|
Level |
Representative Projects |
Charging Granularity |
Remarks |
|
Data Availability |
EigenDA |
0.0001 USDC/KB |
Ethereum modular DA, x402 is the first to try |
|
Decentralized Mapping |
Hivemapper |
0.003 USDC/per aerial image |
Most frequently called by autonomous driving AI |
|
Off-chain Computing |
Akash |
0.12 USCU/CPU-hour |
Supports x402 payments, GPU premium 3 times |
|
Image Generation |
Midjourney-402 |
0.8 USDC/per call |
Community unofficial version, has generated $310,000 USDC |
|
Large Model Inference |
Near-AI |
0.02 USDC/1K token |
Founded by the same team as x402, naturally integrated |
According to Dune’s data on October 22, within 13 days of the x402 protocol’s launch, there have been 4.7 million confirmed micropayments on-chain, totaling $894,000 USDC, with an average transaction value of $0.19. In comparison, traditional Stripe’s minimum rate of 1.4% + $0.30 means that for the same amount, Stripe would charge $0.33—17 times more expensive than x402.
07 Future Outlook: Three Damocles Swords and a Golden Track
7.1 Regulatory Fog
The U.S. FinCEN’s 2025 draft considers “anonymous payments > $1” as “reportable transactions.” Although x402’s “one-time txHash” does not include names, IP addresses can still be logged. If the server is deployed in the U.S., is KYC required? Coinbase’s legal team has proposed a temporary solution: “Single transactions ≤ $1, cumulative ≤ $1,000/address/day” may be exempt, but state-specific details are still pending.
7.2 Technical Backlash
Micropayments have drastically reduced the cost of “junk requests.” On October 20, someone used 2,000 new addresses to each pay $0.01 USDC, launching 1.2 million calls to the Cloudflare-402 image API, resulting in 6 TB of outbound traffic. Cloudflare was forced to add a “Proof-of-Work header,” requiring clients to compute an 8-digit hash before initiating payment—this pushed “payment” into a strange hybrid of “proof of work.”
7.3 Staking Centralization
x402 recommends nodes use “0 confirmations + signature verification” to speed up transactions, which means nodes must bear the risk of “double spending.” Larger nodes are more confident in covering costs, thus attracting users to pre-load USDC into major platforms like Coinbase Wallet and Circle, indirectly leading to stablecoins flowing to top institutions.
7.4 Golden Track: The “Cash Bloodline” of AI Agents
According to Gartner’s predictions, by 2027, 50% of internet requests will come from AI agents. Even if each call costs only $0.01, multiplied by billions of calls daily, it represents a market worth hundreds of billions. If x402 becomes the TCP/IP of “machine payments,” value capture will not be in tokens but in “settlement volume.” Coinbase clearly aims to replicate Visa’s business model: collecting network fees rather than issuing tokens.
08 Conclusion: 402 Is No Longer Empty, the Internet’s New Cash Register Is Ready
Thirty years ago, Tim Berners-Lee wrote HTTP 402 in his notebook but left its implementation empty because he knew that “without native currency, a cash register is just a decoration.”
Today, stablecoins + Layer 2 have pushed transaction fees below 1 cent, and x402 has taken the 402 status code out of the archives, polishing it into a “machine-specific Swiss Army knife.”
For developers, it upgrades “APIs” to “commodities”;
For AI, it grants “economic autonomy”;
For users, it ensures that “privacy” and “pay-per-use” are no longer mutually exclusive.
Of course, regulation, junk traffic, and staking centralization remain the swords of Damocles. But history tells us: whenever technology reduces friction by an order of magnitude, new business layers will emerge.
The next time you tell an AI in your chat history, “Help me check the real-time stock price,” perhaps a $0.0003 USDC transfer has already flashed behind the scenes—seamless, ad-free, and without monthly fees.
HTTP 402 is finally no longer empty; the era of the internet’s “self-contained cash register” has just pressed the start button.