/ Protocol · x402 v2

Your agent pays over plain HTTP.

x402 turns the forgotten HTTP 402 status code into a payment protocol machines can read. Your agent hits an API, gets a 402 with payment terms, signs a gasless USDC transfer, retries, and the resource unlocks. No checkout pages, no API keys, no monthly bills.

/ What is x402

Payments baked into HTTP itself.

x402 is an open protocol that extends HTTP with payment semantics. When a server returns status 402, it includes a payment-required header describing accepted tokens, amounts and networks. The client signs a token transfer off-chain, attaches it as a payment-signature header, and replays the request. The server verifies, settles, and serves the resource. No redirects, no iframes, no third-party SDKs.

The x402 handshake

Client (wallet)Server (API)
  1. 01
    GET /api/resource
  2. 02
    402 + payment-required
  3. 03
    Sign EIP-3009 / Permit2
  4. 04
    Retry + payment-signature
  5. 05
    200 OK + payment-response

/ Signing methods

Two ways to sign. You pick.

BlockVault supports EIP-3009 (gasless USDC) and Permit2 (any ERC-20). It picks the best one for each payment automatically, but you can always override.

EIP-3009 (gasless USDC)

Uses `transferWithAuthorization` built into the USDC contract. Zero gas for the payer. Supported on Ethereum, Polygon, Base, Arbitrum, Optimism and BSC.

  • Gas cost: zero (meta-tx)
  • Tokens: USDC only
  • Chains: 6 EVM networks

Permit2 (universal ERC-20)

Uses Uniswap's Permit2 router for any ERC-20 with a one-time allowance. Requires gas for the settlement transaction.

  • Gas cost: ~60k gas (settlement tx)
  • Tokens: any ERC-20
  • Chains: 6 EVM networks

In practice: if you're paying USDC on a supported chain, it's gasless. For everything else, Permit2 kicks in and gas is minimal.

/ Reference implementation

How BlockVault handles it under the hood.

BlockVault is the first mobile wallet with native x402 support. A drop-in called x402Fetch intercepts 402 responses, parses the payment header, queues your approval, builds the signature, and retries. You see one confirmation. The server sees a paid request.

Production endpoint

402.blockvault.ai

402.blockvault.ai — a live x402 server that sells GPU inference (Gemma 4, Llama) per token via USDC on Base.

/ How it compares

See how BlockVault stacks up.

BlockVault

← scroll →

BlockVaultCoinbase x402MetaMaskTrust WalletPhantomBinance
x402 native
Gasless (EIP-3009)
Multi-chain (6+ EVM)~
AI on-device
Self-custody
Mobile-first~

/ Agentic payments

The agentic payment standard.

AI agents need autonomous payment for APIs, GPU compute, and premium data feeds. x402 gives them a native HTTP payment rail: no checkout pages, no subscriptions, no human in the loop. The agent receives a 402, signs a USDC transfer, retries. Resource unlocked. That's an agentic payment.

/ Agentic payments · x402

Pay without leaving the chat.

Premium APIs, GPU time, paid data feeds. The agent sees a paywall, signs USDC, retries the request. You never leave the conversation. No subscriptions, no credit cards.

  • Pay per request, never per month
  • No credit card. USDC on Base.
  • Each payment scoped: one amount, one recipient, no replay.
  • Every settlement shows in your transaction history.

/ FAQ

Questions people actually ask.

Is x402 a blockchain or a token?
Neither. x402 is an HTTP protocol that uses existing blockchains (Ethereum, Base, Polygon, etc.) for settlement. No new chain, no new token.
Do I need ETH for gas to make an x402 payment?
Not with EIP-3009. USDC transfers via transferWithAuthorization are gasless for the sender. The facilitator (server) pays gas.
Can my AI agent spend without my approval?
Only within the policies you set. BlockVault enforces per-domain caps, daily limits and token allow-lists locally before any signature is released.
Which tokens work with x402?
USDC on 6 EVM chains via EIP-3009 (gasless). Any ERC-20 via Permit2 (requires gas). Most x402 servers accept USDC.
How fast is an x402 payment?
One off-chain signature + one HTTP retry. With EIP-3009 there is no on-chain transaction from the payer, so settlement is as fast as the facilitator confirms (~1-3 seconds).
Is x402 open source?
Yes. The protocol is defined at x402-foundation/x402 on GitHub. Anyone can implement a client or server.
Can I build an x402-protected API?
Yes. Return HTTP 402 with a payment-required header containing your terms (token, amount, network, receiver). Any x402-compatible wallet can pay.
What is an agentic payment?
An agentic payment is a transaction an AI agent initiates and completes without human intervention. The agent detects a paywall (HTTP 402), evaluates the cost against its spend policy, signs a transfer, and settles. All within the same HTTP request cycle.
How does x402 enable agentic payments?
x402 encodes payment terms in HTTP headers. When an agent gets a 402, it reads the payment-required header (token, amount, network, receiver), signs a gasless USDC transfer via EIP-3009, attaches the signature, and replays the request. No redirects, no OAuth, no human approval for pre-authorized amounts.
Are agentic payments safe without human approval?
Yes. BlockVault enforces spend policies locally: per-request caps, daily limits, and domain allowlists. The agent can only spend within bounds you set. Any payment exceeding the policy triggers a Human-In-The-Loop (HITL) approval modal before signing.

/ Get started

Ready when you are.

Install BlockVault, connect your wallet, and let the agent pay APIs and GPU time over x402. First payment takes seconds.