Skip to main content

x402 Stablecoin Payments

Some APIs and data providers are moving to per-request payments using USDC stablecoins instead of traditional API keys. The x402 protocol (developed by Coinbase and Cloudflare) standardizes this: a server responds with HTTP 402, the client signs a USDC payment, and retries with proof of payment. MeetLoyd agents handle this flow natively, enabling machine-to-machine micropayments governed by the same spending policies as your other payments.

This guide covers setup, agent tools, spending governance, and security considerations.

What is x402?

HTTP status code 402 (Payment Required) has existed since 1997 but was never standardized. The x402 protocol gives it a concrete implementation:

  1. A client requests a protected resource
  2. The server responds with 402 and a payment requirement (amount, token, recipient)
  3. The client signs a USDC payment and retries with a payment proof header
  4. The server verifies payment on-chain and serves the resource

This enables machine-to-machine micropayments — exactly the kind of interaction AI agents need when consuming paid APIs, data feeds, or premium services.

Why x402 on MeetLoyd?

BenefitDetails
No API key provisioningThe agent pays per-request with USDC
Same governancex402 spending is governed by the same AP2 spending policies as Stripe card payments
Full audit trailEvery on-chain payment is logged in the agent's activity stream
Enterprise-grade securityWallet private keys are encrypted at rest using AES-256, stored in the same vault as LLM API keys
info

x402 payments is an Enterprise-tier feature. Contact your account team to enable it.

Permissions

PermissionRolesDescription
x402:readAll rolesView wallet configuration, transaction history, feature status
x402:writeOwner onlyConfigure, update, or delete the wallet (handles private keys)

Wallet write operations are restricted to the Owner role because they involve sensitive cryptographic material.

Prerequisites

RequirementDetails
MeetLoyd planEnterprise tier
EVM walletAn Ethereum-compatible wallet on the Base network
USDC balanceUSDC tokens on Base (mainnet or Sepolia testnet)
Spending policyAt least one AP2 spending policy configured (recommended)

Setup

1. Configure a Wallet

Navigate to Settings > x402 Payments in the dashboard. You need to provide:

FieldDescription
Wallet addressYour EVM wallet address
Private keyWallet private key (encrypted immediately on receipt)
Networkbase (mainnet) or base-sepolia (testnet)
warning

The private key is encrypted server-side using AES-256 before storage. It is never logged, never returned in responses, and never leaves the vault in plaintext. Treat it with the same care as your LLM API keys.

2. Verify the Wallet

After configuration, verify the wallet is active and funded using the wallet check tool or the dashboard status indicator.

3. Configure Spending Limits

x402 payments follow your existing AP2 spending policies. If you have not configured spending limits yet, go to Security > Spending Policy to set per-transaction maximums, daily/weekly/monthly caps, and human approval thresholds.

Agent Tools

Three MCP tools are available to agents once x402 is enabled:

ToolPurpose
x402_check_walletCheck configured wallet status and remaining spending limits
x402_payPay for an x402-protected endpoint. Handles the full flow: fetches payment requirement, validates against spending policy, signs the transaction, retries with payment proof
x402_check_supportProbe a URL to determine whether it supports x402 payments, without making a payment

x402_pay Parameters

ParameterRequiredDescription
urlYesThe x402-protected endpoint URL
methodNoHTTP method (default: GET)
bodyNoRequest body for POST/PUT (JSON string)
merchantIdNoMerchant identifier for spending policy (default: URL hostname)
merchantCategoryNoMerchant category (e.g., api_service, data_provider)

Spending Governance

x402 payments are subject to the same AP2 spending policies that govern Stripe card payments:

ControlHow It Applies
Per-transaction limitAgent cannot pay more than the configured maximum per request
Daily capTotal x402 spend across all agents is capped per day
Weekly/monthly capRolling aggregate limits
Human approval thresholdPayments above the threshold create a HITL approval task
Audit loggingEvery payment attempt (approved or denied) is logged

If a payment exceeds any limit, the agent receives a clear explanation of which policy was violated. If human approval is required, the agent pauses and a task is created for the designated approver.

tip

Start with conservative limits (e.g., $5 per transaction, $50 daily) and increase as you gain confidence in your agents' spending patterns.

Supported Networks

NetworkChain IDUse Case
Base Mainnet8453Production payments
Base Sepolia84532Testing and development

Base was chosen for its low transaction fees and native USDC support via Coinbase. Additional networks may be supported in future releases.

Security

x402 wallet credentials receive the same security treatment as all secrets in MeetLoyd:

PrincipleImplementation
Encryption at restPrivate keys encrypted with AES-256, same vault infrastructure as LLM API keys
No plaintext exposurePrivate keys never returned in responses, never logged, never included in agent context
Tenant isolationEach tenant's wallet is scoped to their tenant boundary; no cross-tenant access
Fail closedIf the vault is unavailable, payment tools return an error rather than proceeding
Full audit trailAll wallet operations (configure, pay, check) are recorded in the activity stream and audit logs

Next: Learn about Spending Policy to configure governance controls for all agent payments.