Author: Clow, Baihua Blockchain
An AI wrote a piece of code and needed data to verify it.
It sent an HTTP request, and the server returned a number: 402.
Then, it paid 0.001 USDC. In less than a second, the data came back.
This transaction had no account, no password, no bank card, no KYC. The entire process involved no human participation.
This is no longer science fiction. By the end of 2025, the x402 protocol had processed over 100 million such transactions; in the first 30 days of this year, another 15 million were added.
The "Payment Code" That Slept for Thirty Years
In 1990, the drafters of the HTTP protocol reserved a specific status code: 402, Payment Required.
The meaning is straightforward—"Payment is required to enter here."
But this status code was never officially used. It just hung there in the protocol documentation, dormant for thirty-four years.
The reason is simple: the first builders of the internet never imagined that machines would one day be the ones paying. Credit cards, bank accounts, KYC verification—these payment infrastructures were designed for humans and are completely ineffective against autonomously running code.
AI Agents need to call APIs, purchase data, and acquire computing power at millisecond speeds. The account registration and fee thresholds of traditional payments are a solid wall.
In 2025, three conditions aligned simultaneously.
The total supply of stablecoins surpassed $300 billion, with L2s like Base reducing single transaction costs to sub-cent levels; the AI Agent ecosystem, led by OpenAI and Anthropic, began large-scale commercialization; Coinbase engineers dug up that dusty 402 and decided to activate it.
In May 2025, Coinbase, jointly with Cloudflare, officially released the x402 protocol. In September, they collaborated with Cloudflare to jointly announce the establishment of the x402 Foundation. A forgotten status code returned to the center of the internet. Cloudflare manages roughly 20% of global web traffic—this meant x402 had no shortage of infrastructure entry points from day one.
Machines, For the First Time, Learned to Pay
The design of x402 is surprisingly simple.
An AI Agent initiates an HTTP request, the server returns a 402 status code along with the payment requirements: how much, which chain, which token. The Agent authorizes the payment using an EIP-712 encrypted signature, stuffs the payment information into the request header, and resends the request. The server verifies it and returns the resource.
The entire process takes less than a second. No account, no subscription, no API Key.
This turns "payment" into part of the internet. Like GET and POST, it's just an HTTP action. Any service can charge machines by adding a single line of middleware.
Data proves this logic works. About seven months after the protocol's release, it processed over 100 million transactions. According to the Cambrian Network Q1 2026 report, over 15 million transactions occurred in the past 30 days, from over 400,000 buyers and over 80,000 sellers. The AI Agent群体 from Virtuals Protocol is the largest single source of transactions; they use the protocol to autonomously settle collaboration fees among Agents.
On December 11, 2025, x402 V2 launched. This upgrade pushed the protocol from "usable" to "user-friendly": support for multiple chains like Base, Solana, and Avalanche operating in parallel; introduction of a Session mechanism (wallet becomes an identity credential, allowing repeated access without on-chain interaction each time); integration with ACH bank transfers and credit card networks—the payment systems of Web2 and Web3 were connected for the first time within this protocol.
Google subsequently integrated x402 into its Agent2Agent (A2A) protocol, releasing the Agentic Payments Protocol (AP2); machines paying is becoming an infrastructure consensus among large tech companies.
Trust is the First Hurdle of the Agent Economy
The payment problem is solved, but an even more fundamental question remains unanswered.
"Commerce can’t happen if people don't trust each other."
Davide Crapis, AI Lead at the Ethereum Foundation and one of the co-drafters of ERC-8004, directly pointed out the core obstacle of the Agent economy: When an AI Agent needs to hire another Agent to complete a task, how does it know the other party isn't a scammer? Where is the transaction record? How is reputation transferred?
ERC-8004 is Ethereum's answer to this question. Drafted in August 2025, it officially launched on the Ethereum mainnet on January 29, 2026. It establishes three lightweight registries on-chain:
- Identity Registry: Each Agent gets an on-chain ID based on an ERC-721 NFT, portable, transferable, and verifiable across chains. An AgentCard (JSON format) records capabilities, endpoints, and x402 payment support status;
- Reputation Registry: Feedback signals between Agents are archived on-chain—accuracy, timeliness, reliability scores. Only indices are kept on-chain, with data hashes pointing to off-chain storage to reduce Gas costs;
- Verification Registry: After task completion, the result data hash is put on-chain requesting verification, giving "whether the task was truly completed" cryptographic provability.
The drafting team spanned four major crypto ecosystems: Marco De Rossi from MetaMask, Davide Crapis from the Ethereum Foundation, Jordan Ellis from Google, and Erik Reppel from Coinbase. EigenLayer, ENS, The Graph, and Taiko have all expressed support. Less than a month after the mainnet launch, registered Agents on Ethereum mainnet surpassed 24,000, with about 49,000 across all EVM chains combined.
A typical workflow looks like this: Agent A discovers a service provider through the ERC-8004 identity registry, filters the reputation registry to choose a high-scoring Agent B, completes the payment using x402, and attaches payment records with reputation feedback after the task ends—payment history becomes an anchor of credit. This chain is what Cambrian Network calls the "Agent Economy Operating System": payment + identity + reputation, three layers combined.
How Deep Are These Waters?
The data looks good, but a few things need clarification.
Tokens and protocols are two different things.
The ecosystem token related to x402 reached a market cap of over $9 billion on CoinGecko, with daily trading volume exceeding $230 million. But many of these "x402 concept tokens" are Meme tokens with no substantive binding to the protocol itself. Buying an x402-related Token is not the same as buying into the growth of the x402 protocol. This market has always been good at mixing narrative and reality, and this time is no exception.
Technical risks remain unresolved.
x402's EIP-712 signature mechanism requires continuous security audits. The ERC-8004 reputation registry faces the threat of Sybil attacks—batch registration of fake identities—and the current economic incentive mechanisms are not yet perfect. There is an economic tension between high-frequency micropayments (e.g., $0.0001 per transaction) and L2 fees (which can still reach $0.05); extremely small transactions can still be eaten up by fees at this stage.
The protocol war is not over.
x402, Google's AP2, and a16z's ecosystem ACP, three sets of protocols coexist. If developers split between these three standards, network effects will be significantly diluted. Furthermore, OpenAI and Anthropic could completely bypass on-chain protocols and build their own closed-loop payment systems—they have users, data, and scale advantages, which is competitive pressure x402 cannot ignore.
The regulatory landscape is another blank slate. For a payment autonomously initiated by an AI Agent, who is the transaction主体? Where is the trigger point for KYC/AML responsibility? No major jurisdiction has provided a definitive answer.
Summary
Someone once said something fitting to quote here: "Inscriptions in 2023 allowed humans to engrave value onto the chain; x402 in 2025 allowed machines to autonomously pay for value on the network for the first time."
If HTTP connected global computers into an information network, the combination of x402 and ERC-8004 attempts to connect billions of Agents into an open service and data market—no account needed, no approval needed, just one request, one payment, one result.
However, whether the protocol can prevail in fragmented competition, whether the trust mechanism can be truly perfected, whether the Agent economy can move from demo to real business... these are still open questions.
Before the narrative lands, distinguishing between "the value of the protocol" and "the tokens炒作 around the protocol" is perhaps the most important thing for every participant to figure out.
