A New Era of AI Agent Payments: How x402, AP2, and ERC-8004 Are Jointly Building the Foundation of the Machine Economy

As AI Agents gradually evolve from tool-based attributes to autonomous economic entities, AI Agents are becoming economic participants capable of autonomous decision-making, executing operations, and conducting value exchanges. However, traditional payment infrastructures cannot meet a series of core needs such as agents' autonomous transactions, cross-ecosystem interactions, and verifiable identities.

These bottlenecks have led to the emergence of a new generation of protocols—x402, Agent Payments Protocol (AP2), and ERC-8004—which build a reliable foundation for value exchange in the upcoming machine economy. This article will delve into the technical principles, application scenarios, and current ecosystem of these three major protocols, revealing how they collectively shape the payment landscape of the future AI Agent economy.

x402: A Native On-Chain Payment Protocol for HTTP

x402, launched by Coinbase, innovatively activates the underutilized HTTP 402 status code ("Payment Required"), embedding payment logic natively into the web request-response flow to achieve "API call equals payment," and settles via stablecoins or other cryptocurrencies to solve the high friction of traditional payments.

Protocol Details

As x402 is an open protocol built on the HTTP 402 status code, its architecture is client/server-based. The client is the buyer of services/goods, while the server is the seller providing the services/goods. On top of the client/server architecture, Coinbase offers Facilitators services for sellers to simplify the process of verifying and settling payments between buyers and sellers.

Let's take Canza, the top-ranked server on x402scan (providing AI-based trading information), as an example. First, the user initiates a request on the client side to access Canza's paid services.

Next, the Canza server uses an HTTP 402 Response to define the payment requirement: the client must provide an X-PAYMENT Header and pay via USDC on the Base chain, as shown below:

After parsing the 402 Response JSON content, the wallet will prompt the user to sign a TransferWithAuthorization message (implemented via ERC-3009). This message allows the signer to delegate a third-party EOA address or contract address to transfer funds from the signer's address without gas fees. In this example, we delegate Canza's receiving address 0x4e9bCe2547A9491b09ed092c433B19888e665edB to transfer USDC from our wallet.

After the user signs the message, the client submits the payload using a base64-encoded X-PAYMENT Header. Upon receiving the incoming payload, the Canza server has the Facilitators verify it and settles the payment for the server on-chain. Once Canza confirms the payment, it provides the requested service to the user.

Based on the above example, the operational flow of the x402 protocol can be summarized as follows:

It is particularly noteworthy that the x402 protocol supports multiple blockchains (Base, Avalanche, other EVM chains, Solana) and various crypto assets (must support ERC-3009, default is USDC) for payments, which only requires configuration on the server side:

Agent Payments Protocol (AP2): A Trusted Payment System for the Agent Ecosystem

AP2 is an open payment framework based on the Agent-to-Agent (A2A) communication protocol and Model Context Protocol (MCP) extensions. Its core goal is to solve three major issues in agent commerce: authorization verification (proving the agent has user permission), authenticity (ensuring transactions reflect the user's real needs), and transaction accountability (clarifying responsibility in case of disputes), enabling AI Agents to securely transact with any compliant merchant.

The AP2 protocol's workflow revolves around the core concept of digital mandates, which are tamper-proof, cryptographically signed digital contracts serving as verifiable evidence of user instructions. There are three types of mandates:

1. Intent Mandate

Applicable to automated transactions when the user is not present. The user pre-provides operational instructions to the AI Agent, including explicit constraints, such as "buy concert tickets, budget no more than 500 yuan."

2. Cart Mandate

Applicable to transactions confirmed by the user in person. Generated when the agent prepares specific goods and prices for user confirmation. The user's approval signs the cart mandate, creating a secure, immutable record of the exact goods and prices, ensuring what you see is what you pay.

3. Payment Mandate

This is an independent credential shared with payment networks and issuers, designed to convey information about AI Agent participation and user presence, helping to resolve transaction disputes, conduct risk assessments, and comply with regulations.

ERC-8004: Decentralized AI Agent Identity and Reputation System

ERC-8004 is Ethereum's decentralized AI Agent identity solution, designed to address the authenticity of AI Agent identities, reliability and verifiability of behavioral records. Unlike AP2, ERC-8004 focuses on building trust between AI Agents, rather than transaction trust among users, AI Agents, and merchants.

The design of ERC-8004 revolves around three lightweight registries, each responsible for a different aspect of the trust model:

1. Identity Registry

Implemented based on the ERC-721 standard and extends URIStorage functionality. This design allows AI Agent identities to be compatible with the existing NFT ecosystem.

Each AI Agent registers by calling the register function and obtains a unique agentId (i.e., the tokenId of ERC-721). During registration, the agent needs to provide a tokenURI pointing to its Agent Registration File, which follows a standardized JSON format and includes the agent's name, description, endpoint, and supported trust models.

2. Reputation Registry

Provides a standard interface for publishing and obtaining service feedback for AI Agents, supporting a 0-100 rating system, tag classification, and payment proof association. This registry adopts an on-chain/off-chain hybrid architecture, ensuring on-chain composability of core data while leaving complex aggregation calculations to off-chain processing for efficiency.

The contract structure of the reputation registry is closely linked to the identity registry—during deployment, the address of the identity registry must be provided to ensure that only registered AI Agents can obtain reputation records.

3. Validation Registry

Provides a general hook for requesting and recording independent validation results, supporting various validation mechanisms including economic staking (validators rerun tasks) and cryptographic proofs (TEE proofs, zkML verification, etc.). This design allows different security requirement validation mechanisms to coexist within the same ecosystem.

The contract interface of the validation registry is relatively simple, mainly including two functions: ValidationRequest for submitting validation requests and ValidationResponse for recording validation results.

ERC-8004 is the identity layer protocol for the AI Agent ecosystem. It provides on-chain AI Agents with verifiable identities, reputation systems, and registration mechanisms, serving as a key foundation for building trust in the machine economy.

The combination of x402, AP2, and ERC-8004 forms a complete AI Agent payment system: ERC-8004 solves the identity issue for AI Agents, x402 addresses the question of "how to use cryptocurrency for high-frequency micropayments," and AP2 provides a secure, standardized framework for the x402 payment protocol, setting independent economic behavior boundaries for AI Agents, enabling them to process information, hold and manage assets, and truly participate in commercial value exchange, thereby giving rise to a new machine-driven economic paradigm.

Based on Beosin's security research and risk control experience in the AI Agent+Web3 field, Beosin's anti-money laundering analysis platform, Beosin KYT, which provides 24/7 real-time transaction monitoring, has already offered comprehensive and reliable on-chain AML compliance solutions for multiple exchanges, Web3 companies, and financial institutions. AI Agents can access the Beosin KYT API to conduct comprehensive risk assessments of counterparty addresses before making payments/on-chain transactions, understand their historical transaction behaviors and potential risks, and avoid involvement with crypto assets from sanctioned wallets, known high-risk addresses, or suspicious transaction paths.

Beosin KYT

Currently, Beosin KYT has accumulated over 4.7 billion address tags, supports queries on 57 public chains (such as Base, Solana), and analyzes more than 120 cross-chain protocols, providing a solid foundation for the security and compliance of crypto asset payments and transactions. For more information, please visit:

When providing services to users using the x402 protocol via smart contracts, project teams should conduct thorough security audits of the contracts to maximize security and avoid financial losses. Previously, Beosin has completed security audits for multiple AI Agent+Web3 projects (such as Inferium AI, Cult World, Tars AI), covering aspects such as smart contract code security, correctness of business logic implementation, contract code gas optimization, identification and remediation of potential vulnerabilities, and more, supporting the secure development of the AI Agent+Web3 ecosystem.