A complete walkthrough of how x402 payments work in Book402, from request to settlement.
End-to-End Flow¶
sequenceDiagram
participant Agent as 🤖 AI Agent
participant API as 📚 Book402 API
participant MW as 🔒 x402 Middleware
participant Fac as ⚡ Facilitator
participant Base as ⛓️ Base L2
rect rgb(20, 20, 40)
Note over Agent,API: Phase 1 — Discovery
Agent->>API: GET /search/hybrid?q=stoicism
API->>MW: Check if route is paid
MW-->>API: Yes — $0.01 USDC on eip155:8453
API-->>Agent: 402 Payment Required
Note right of API: PAYMENT-REQUIRED header
contains: price, asset,
payTo address, network end rect rgb(20, 30, 20) Note over Agent: Phase 2 — Sign Payment Note over Agent: 1. Parse PAYMENT-REQUIRED header Note over Agent: 2. Create EIP-3009 authorization Note over Agent: 3. Sign with wallet private key Note over Agent: (No gas needed — off-chain signature!) end rect rgb(20, 20, 40) Note over Agent,Base: Phase 3 — Verify & Deliver Agent->>API: GET /search/hybrid?q=stoicism
+ X-PAYMENT: {signed payload} API->>MW: Has payment header MW->>Fac: POST /verify {payment payload} Fac->>Fac: Validate EIP-3009 signature Fac->>Fac: Check USDC balance Fac->>Fac: Verify nonce unused Fac-->>MW: ✅ Payment valid MW-->>API: Proceed to handler API->>API: Execute hybrid search API-->>Agent: 200 OK + search results end rect rgb(30, 20, 20) Note over API,Base: Phase 4 — Settlement (async) API->>MW: Response sent, settle payment MW->>Fac: POST /settle {payment payload} Fac->>Base: Submit transferWithAuthorization tx Base-->>Fac: ✅ USDC transferred Fac-->>MW: Settlement confirmed Note over Base: $0.01 USDC moved from
Agent wallet → Book402 wallet end
contains: price, asset,
payTo address, network end rect rgb(20, 30, 20) Note over Agent: Phase 2 — Sign Payment Note over Agent: 1. Parse PAYMENT-REQUIRED header Note over Agent: 2. Create EIP-3009 authorization Note over Agent: 3. Sign with wallet private key Note over Agent: (No gas needed — off-chain signature!) end rect rgb(20, 20, 40) Note over Agent,Base: Phase 3 — Verify & Deliver Agent->>API: GET /search/hybrid?q=stoicism
+ X-PAYMENT: {signed payload} API->>MW: Has payment header MW->>Fac: POST /verify {payment payload} Fac->>Fac: Validate EIP-3009 signature Fac->>Fac: Check USDC balance Fac->>Fac: Verify nonce unused Fac-->>MW: ✅ Payment valid MW-->>API: Proceed to handler API->>API: Execute hybrid search API-->>Agent: 200 OK + search results end rect rgb(30, 20, 20) Note over API,Base: Phase 4 — Settlement (async) API->>MW: Response sent, settle payment MW->>Fac: POST /settle {payment payload} Fac->>Base: Submit transferWithAuthorization tx Base-->>Fac: ✅ USDC transferred Fac-->>MW: Settlement confirmed Note over Base: $0.01 USDC moved from
Agent wallet → Book402 wallet end
Key Concepts¶
EIP-3009: TransferWithAuthorization¶
Traditional ERC-20 transfers require the sender to submit a transaction (and pay gas). EIP-3009 allows gasless transfers:
graph TD
subgraph Traditional["Traditional ERC-20 Transfer"]
A1[Sender] -->|"1. approve()"| B1[USDC Contract]
A1 -->|"2. transfer() + gas"| B1
B1 -->|"3. Move tokens"| C1[Receiver]
end
subgraph EIP3009["EIP-3009 (x402 uses this)"]
A2[Agent] -->|"1. Sign authorization
(off-chain, free)"| D[Signed Message] D -->|"2. Send signature"| E[Book402] E -->|"3. Submit to chain"| F[USDC Contract] F -->|"4. Move tokens"| G[Book402 Wallet] end style EIP3009 fill:#0a1a0a,stroke:#33aa33 style Traditional fill:#1a0a0a,stroke:#aa3333
(off-chain, free)"| D[Signed Message] D -->|"2. Send signature"| E[Book402] E -->|"3. Submit to chain"| F[USDC Contract] F -->|"4. Move tokens"| G[Book402 Wallet] end style EIP3009 fill:#0a1a0a,stroke:#33aa33 style Traditional fill:#1a0a0a,stroke:#aa3333
Why This Matters for AI Agents¶
| Benefit | Explanation |
|---|---|
| No gas wallet needed | Agents only need USDC, not ETH |
| Atomic | Payment is tied to the specific request |
| Reversible | If verification fails, no tokens move |
| Fast | Signature verification is instant; settlement is async |
Payment Lifecycle States¶
stateDiagram-v2
[*] --> Created: Agent signs authorization
Created --> Verified: Facilitator validates signature
Created --> Rejected: Invalid signature / insufficient balance
Verified --> Delivered: Server returns content
Delivered --> Settling: Facilitator submits tx
Settling --> Settled: On-chain confirmation
Settling --> Failed: Settlement error (retried)
Settled --> [*]
Rejected --> [*]
Failed --> Settling: Auto-retry
Security Model¶
Important
The signed authorization is scoped to:
- Exact amount ($0.01 or $0.05)
- Specific recipient (Book402 wallet)
- Time-limited (300 seconds default)
- Single-use nonce (can't be replayed)
The agent never sends private keys. Only a cryptographic signature that authorizes a specific transfer.