Install
bash
npx skills add lommaj/x402-skill
x402
Implement x402 as a transport contract plus scheme wiring. Keep protocol shape exact, then layer business logic and agent approval policy.
Quick Workflow
- •Identify the transport, role, and stack.
- •Rust HTTP server/client (
axum,reqwest,x402-*crates): start withreferences/rust-playbook.md, then cross-checkreferences/protocol-contract.md. - •TypeScript/Node HTTP or MCP: start with
references/implementation-playbook.md, then cross-checkreferences/protocol-contract.md. - •MCP always uses
_metaand structured error flow fromreferences/protocol-contract.md.
- •Lock the wire contract before adding app logic.
- •Keep
x402Version: 2. - •Keep required object shapes for
PaymentRequired,PaymentPayload, andSettlementResponse. - •Keep network IDs in CAIP-2 format (example:
eip155:84532). - •Treat header names as case-insensitive on read, but emit canonical v2 names on write.
- •Implement server-side payment boundary.
- •Return payment required signal on unpaid requests.
- •Verify payment.
- •Execute protected work.
- •Settle payment.
- •Return resource with settlement proof.
- •Choose settlement timing intentionally: settle before execution for strict prepay; settle after successful work for pay-on-success.
- •Implement client-side payment retry loop.
- •Detect payment-required signal.
- •Select accepted requirement.
- •Create signed payment payload.
- •Retry with payment attached.
- •Read settlement response and surface receipt/tx id.
- •For Rust clients, prefer
x402-reqwestif available; otherwise implement manual retry loop.
- •Add agent safety policy.
- •Default to explicit payment approval unless user asked for autopay.
- •Enforce allowlist for networks/assets and max spend per call.
- •Refuse unknown scheme/network pairs.
- •Validate end-to-end non-interactively.
- •Exercise free and paid paths.
- •Verify headers or
_metaobjects exactly. - •Confirm settlement response exists on success.
Transport Rules
HTTP v2
- •Payment required signal:
HTTP 402+PAYMENT-REQUIRED(base64 JSON). - •Payment submission:
PAYMENT-SIGNATURE(base64 JSON). - •Settlement confirmation:
PAYMENT-RESPONSE(base64 JSON).
MCP v2
- •Payment required signal: tool result with
isError: trueand payment data in both: - •
structuredContent(object) - •
content[0].text(JSON string) - •Payment submission: request
_meta["x402/payment"]. - •Settlement confirmation: response
_meta["x402/payment-response"].
Implementation Notes
- •Prefer official wrappers before custom protocol code:
- •Rust server:
x402-axum(X402Middleware,with_price_tag,with_dynamic_price, settle timing controls). - •Rust client:
x402-reqwest(or manual retry if wrapper is unavailable). - •Rust protocol types:
x402-types::proto::{v2::PaymentRequired, VerifyRequest, SettleRequest}. - •TS/HTTP:
@x402/fetch,@x402/axios,@x402/express,@x402/hono,@x402/next. - •TS/MCP:
@x402/mcp(createPaymentWrapper,createx402MCPClient). - •Register schemes explicitly for each network family you support.
- •Use facilitator integration for verification/settlement unless you intentionally run local settlement.
- •Warm facilitator capability data from
/supportedat startup when possible.
Common Failure Points
- •Mixing v1 and v2 headers (
X-PAYMENT*vsPAYMENT-*). - •Non-CAIP-2 network IDs.
- •Returning only one MCP payment-required representation instead of both
structuredContentandcontent[0].text. - •Dropping
extensionsfields when echoing fromPaymentRequiredtoPaymentPayload. - •Not matching
PaymentPayload.acceptedexactly to one offeredaccepts[]requirement before verify/settle. - •Assuming only one settlement header spelling in mixed environments (support read fallback where needed).
- •Treating probe calls as side-effect free in MCP (probing can execute free tools).
Debugging Utilities
- •Use
scripts/inspect_x402.pyfor quick decode and inspection:
bash
python scripts/inspect_x402.py decode --value "$PAYMENT_REQUIRED_B64" --expect payment-required python scripts/inspect_x402.py inspect-mcp --file mcp-result.json python scripts/inspect_x402.py inspect-http --file http-exchange.json
References
- •Use
references/protocol-contract.mdfor required field-level protocol shape. - •Use
references/rust-playbook.mdfor Rustx402-rsimplementation patterns. - •Use
references/implementation-playbook.mdfor practical TypeScript/Node + MCP implementation patterns. - •Use
references/migration-v1-to-v2.mdwhen touching legacy integrations. - •Use
references/source-map.mdto jump to canonical spec and SDK source files.