
Quick summary
x402 lets AI agents and software pay instantly per request using mostly stablecoins
Future AI agents could shop, book, and pay everywhere buying the best deal in the time it takes you to blink
Linux Foundation now governs x402 with 40+ major members, shifting it to open standard
Research highlights security weaknesses and speculative usage, despite real transactions and strong industry interest
AI agents can already browse, call APIs, and complete tasks on command they just couldn't pay for anything without a person clicking approve first. x402 fixes the gap, letting software pay instantly in stablecoins the moment it requests something.
Chainalysis counted over 100 million of these payments on Base through early 2026, but a fresher Coindesk snapshot from July 2026 puts current activity at about 75 million transactions and $24 million moved in the last 30 days alone. This is real usage, averaging just 32 cents a payment, which is tiny next to traditional payment rails.

Why AI Agents Need a Different Payment System
Every payment system built over the last thirty years assumes a person is at the other end of a transaction: a card, a login, a billing cycle. The assumption breaks down the moment software is the one making purchasing decisions.
Subscriptions don't scale to machine use: an agent calling a hundred different APIs across a hundred different sessions can't hold a hundred separate accounts and billing relationships.
Manual approval limits autonomy: an agent that has to pause mid-task for a human to authorize every payment can't act at machine speed or scale, which erases most of the point of automating the task in the first place.
Card networks don't work for tiny payments: every card transaction carries a minimum fee, often around 30 cents, no matter the purchase size. On a $50 charge, the fee is invisible. But an AI agent might pay for something as small as a single API call, one request for a bit of data or a task, priced at a tenth of a cent. Attach the same 30-cent card fee to a $0.001 request, and the fee alone runs hundreds of times larger than the purchase, card rails simply can't carry payments so small.
Coinbase introduced x402 on May 6, 2025 to close the gap: a server can request payment directly through an HTTP status code, and a client, human-operated software or an autonomous agent, can settle it on the spot.
How an x402 Payment Works
Stripped of the cryptography, the sequence is straightforward:
The server says no, but names a price: software asks for something, a data point, a single task, an answer from a service. Instead of handing it over, the service says 'not without payment' and attaches the price and how to pay.
Client pays and asks again: the software agrees to the price, signs off on the payment like signing a check, and repeats the request, now with proof of payment attached.
A go-between checks and confirms: a facilitator, a service standing between buyer and seller, verifies the payment is real and makes sure the money actually moves. It often plugs into a blockchain to move funds, but isn't a blockchain contract on its own.
The service delivers: once payment is confirmed, the requested data, task, or answer gets handed over.
Instead of a subscription or an API key, a service can charge per use and still add identity checks if needed with payment confirming fast enough to feel instant. But since it settles on a blockchain, the payment can't be reversed the way a card chargeback can: good for sellers, riskier for buyers if the resource never shows up, which is exactly what the security research below covers.
What Changed With x402 V2
Coinbase shipped a substantial revision on December 11, 2025, and most current deployments run on it rather than the original 2025 design:
Payment details cleaned up: the technical way payment info travels got standardized is that it now rides in a proper, defined part of the web request instead of a custom, made-up field, so different systems can read it the same way.
More than one payment checker allowed: software no longer has to rely on a single facilitator. It can pick a network or asset preference and automatically switch to a cheaper or less congested option if the first choice is slow or expensive.
Room for more than stablecoins: the protocol opened up to support other cryptocurrencies, other blockchains, and even older payment methods like cards, all routed through the same go-between service.
From Coinbase Product to Open Standard
x402 started as a Coinbase project, and for its first year, Coinbase effectively controlled it. The arrangement changed on July 14, 2026, when the Linux Foundation announced the operational launch of the x402 Foundation, taking over neutral governance of the protocol with Coinbase as one contributing member among more than 40 founding organizations, including Circle, Cloudflare, AWS, Google, Mastercard, Ripple, Stripe, Visa, and the Solana and Stellar foundations.

The Academic Case for Agent-to-Agent Payments
Researchers built a real version of AI agents finding, trusting, and paying each other automatically.
Trust: agents get a tamper-proof ID on the blockchain.
Payment: agents pay each other instantly using x402.
Still missing: a shared directory, and stronger wallet protection.
Coinbase built x402 alone for a year. On July 14, 2026, the Linux Foundation took over governance, backed by 40+ companies, including Circle, Cloudflare, AWS, Google, Mastercard, Ripple, Stripe, Visa, Solana, and Stellar. It means x402 stopped being one company's product and became a shared standard other companies can build on.
The Security Problems x402 Has Not Solved
Handing payment authority to autonomous software introduces failure modes absent when a human clicks "confirm."
Some security issues include:
A payment doesn't always match the request it's for: researchers found ways to disconnect the payment from the actual thing being paid for.
Sometimes it means getting something for free: in some tested cases, a client could get the service without paying at all.
Sometimes it means paying and getting nothing: in other cases, the payment goes through, but the service never arrives. (Source: "Five Attacks on x402 Agentic Payment Protocol," Li, Wang, and Wang, May 2026, tested against live endpoints and three real implementations.)
An AI agent's wallet can be tricked: a malicious webpage, a compromised tool, or a manipulated instruction could push an agent into paying the wrong person, or paying more than once.
There's no strong safety net yet: researchers are pushing for basic protections, like checking a payment address before sending funds, and clearer ways to get money back when a payment clears but nothing gets delivered.
Payment requests can leak private details: the information attached to a payment, like the web address and reason for the request, travels in plain text to everyone involved.
A fix already exists, and it works well: an April 2026 study built a filter hiding the sensitive parts before a payment goes out, catching the vast majority of cases while adding almost no delay.
None of it is a reason to write the protocol off. It's a reason any agent given a wallet needs spending limits, replay protection, and an audit trail the same way a corporate card comes with a spending cap rather than unlimited trust.
What the 100 Million-Plus Transactions Actually Show
Chainalysis counted well over 100 million x402 transactions on Base through the first quarter of 2026. Read past the total and the composition gets more interesting.
A memecoin, not AI agents, drove much of the total: a token called PING got people to repeatedly pay $1 just to mint it, adding over 150,000 transactions in a month.
The data confirms it was a short-term rush, not real use: wallet activity spiked then crashed once the token cooled, and the tiny, penny-sized payments AI agents would actually make almost vanished.
Big companies are building around it anyway: Circle, AWS, Google, LangChain, and now a 40-member industry group are all investing regardless of the memecoin spike.
x402 vs L402: Where Bitcoin Fits
x402 is not a Bitcoin protocol. Its most active deployment runs on Base, and stablecoins have carried the bulk of its volume so far. But it isn't the only machine-payment standard reviving HTTP 402 Lightning Labs built a competing one directly on Bitcoin.
L402 pairs the Lightning Network with macaroons — cryptographic access tokens — so an API can demand a Lightning payment before releasing a resource, denominated in satoshis rather than a stablecoin. Where x402 was built to stay chain-flexible and now supports multiple assets and even legacy rails through facilitators, L402 is purpose-built for one network: fast, small, native Bitcoin payments, with no stablecoin issuer or facilitator layer in between.
How Machine Payments Could Make Daily Life Easier
None of it is guaranteed to happen. But if agents really can pay each other the way the research above shows, here's where it could actually help regular people, not just companies.
Cheaper trip planning: an agent could pay tiny fees to compare flights, hotels, and local guides across several companies in seconds, instead of a person spending hours across ten apps and still paying full price.
Lower grocery bills with no effort: a home agent could check prices and discounts across stores in real time and automatically pick the cheapest combination, saving money without anyone doing the comparison manually.
Cheaper electricity: a home energy agent could buy power minute by minute from whoever offers the best rate right then, instead of a household stuck on one flat, often padded, monthly rate.
Small businesses afford big-business tools: a solo entrepreneur's agent could pay a few cents to use a bookkeeping service, a legal-research tool, or support software one task at a time, instead of paying thousands a year for tools used only a handful of times.
Paying for information at the real cost of getting it: instead of a $500-a-month research subscription to read three pages, a person's agent could pay a few cents for exactly what's needed and nothing more.
A Coinjuice subscription is the difference between Bitcoin research squeezed fresh every week and whatever's left flat in the carton by the time free content gets around to it. Subscribing today skips straight to the good stuff: pricing page.
What Would Constitute Real Adoption?
x402 solves a problem: it is letting software pay for what it uses, the moment it uses it, without a human co-signing every request. Moving under Linux Foundation governance and drawing independent academic study both suggest the idea has legs beyond one company's product.
The security research, weak payment binding, wallet manipulation, metadata leakage is exactly what needed to surface before real money moves through consumer-facing agents at scale, and it's already underway.
The real number to watch isn't the 100 million-plus payments it's how many of those were actual AI agents buying real services, versus people farming a coin for profit. The split shows whether machine payments are really happening yet, or still just a good story.
FAQ
What is x402 and why was it created?
x402 is an internet payment standard that lets software, including autonomous AI agents, pay instantly in stablecoins at the moment they request something. It was created because traditional payment systems assume a human is approving each transaction, which does not work for agents that need to make many small, automated payments without manual approval.
How does an x402 payment work in practice?
First, a service responds to a request by refusing it but stating a price and how to pay. The client software then agrees, signs the payment, and repeats the request with proof of payment attached. A facilitator between buyer and seller verifies the payment and moves the funds, often via a blockchain. Once confirmed, the service delivers the requested data, task, or answer.
What are the key changes introduced in x402 V2?
x402 V2 standardized how payment details travel by placing them in a defined part of the web request, allowed clients to choose among multiple facilitators to switch to cheaper or less congested options, and expanded support beyond stablecoins to other cryptocurrencies, other blockchains, and even legacy methods like cards through the same facilitator layer.
What are some security issues that x402 has not yet solved?
Researchers have shown that payments can sometimes be disconnected from the specific resource they are meant to buy, allowing either free access or payment without delivery. AI agents’ wallets can be manipulated into paying the wrong party or paying multiple times, and there is not yet a strong safety net for getting funds back. Payment requests can also leak metadata, though a filter proposed in April 2026 hides sensitive parts with little added delay.
Disclaimer
The information provided in this article is for informational purposes only. It is not intended to be, nor should it be construed as, financial advice. We do not make any warranties regarding the completeness, reliability, or accuracy of this information. All investments involve risk, and past performance does not guarantee future results. We recommend consulting a financial advisor before making any investment decisions.
Written by

Andrew Kamsky
Andrew Kamsky is a Bitcoin analyst. He spent a decade in traditional finance across a Big Four firm and a listed fintech bank before going deep on Bitcoin full-time.









