x402 buyer-path diagnostic and launch verification

An x402 endpoint can be payable and still invisible.

73.23% of 50,968 endpoints in Ontario's dated public catalog snapshot reported zero calls. Listing alone is not a buyer path.

Test five buyer stages free: HTTP 402, catalog activation, task retrieval, budget and network policy, and public demand evidence. Get the first observable blocker, not an automatic upsell.

No wallet, payment, private repository, or API key. Public receipts are created only with explicit opt-in.

No private keys Observable evidence only Agents still enforce spend policy Free MCP preview first

Buyer path diagnostic

find_first_blocker
HTTP 402
pass
Catalog
stale
Retrieval
0 / 5
Policy
allow
First blocker buyer retrieval

Free launch check

Submit your endpoint and get a public report plus one human repair note.

Want your endpoint in /discover? Start with free listing payload validation (no payment; no storage): POST /api/x402/list-service/validate.

# 1. Verify whether an endpoint is x402/Bazaar ready (free)
curl -X POST https://ontarioprotocol.com/api/verify/x402-readiness \
  -H "Content-Type: application/json" \
  -d '{"target_url":"https://example.com/api/paid-endpoint"}'

# 2. Load the agent trust policy (free)
curl https://ontarioprotocol.com/.well-known/x402-trust.json

# 3. Discover endpoints with grade=ready (free)
curl "https://ontarioprotocol.com/discover?grade=ready"

# 4. Discover everything Ontario exposes (free)
curl https://ontarioprotocol.com/.well-known/x402.json

# 5. Try the free live trust preview — no wallet, no payment, no evidence bundle
curl -X POST https://ontarioprotocol.com/api/demo/agent-trust-scan/live \
  -H "Content-Type: application/json" \
  -d '{"target_url":"https://example.com"}'

# 6. MCP hosts can call agent_trust_preview with the same target_url before selecting the paid scan.

# 7. Probe the paid endpoint without paying — get back HTTP 402
curl -i -X POST https://ontarioprotocol.com/api/x402/agent-trust-scan \
  -H "Content-Type: application/json" \
  -d '{"agent_id":"my-agent","target_url":"https://example.com"}'

# Response:
HTTP/1.1 402 Payment Required
PAYMENT-REQUIRED: <base64-encoded PaymentRequired JSON>
WWW-Authenticate: x402

# 8. Sign + retry with PAYMENT-SIGNATURE header (using x402 client SDK).
# 9. Get back: HTTP 200 + structured trust report + settlement receipt when available.

Ready to turn the probe into a paid call?

If the HTTP 402 challenge looks right, use the payment verification walkthrough to sign one 0.01 USDC agent trust scan on Base. The helper keeps the same endpoint and shows the exact PAYMENT-SIGNATURE retry path.

MCP hosts should call agent_trust_preview first and pay only when the preview is insufficient and their own spend policy allows it.

Why aren't agents buying? →

Find the first blocker across payment readiness, Bazaar activation, buyer-task retrieval, budget and network policy, and public demand evidence.

Find an x402 tool →

Search public paid-agent endpoint metadata by task, recent source activity, Base network, and a hard USDC budget before preflight.

Run the verifier →

Free report for HTTP 402, x402 manifest, OpenAPI, catalog metadata, and fix recommendations.

Browse /discover →

Verification-backed JSON catalog. Use grade=ready or min_score=85 for strict agent payment.

Try the sandbox →

Run can-pay against simulated x402 allow, review, and deny fixtures before using real funds.

Agent payment firewall →

Turn readiness evidence into allow, review, or deny decisions before agents sign payment payloads.

Generate spend policy →

Create a starter JSON policy for budgets, review thresholds, deny rules, and Ontario can-pay calls.

Generate Agent Buyer Card →

State the exact job, inputs, output, price, preflight, evidence, and stop conditions an agent needs before selecting a paid tool.

Generate launch kit →

Create listing JSON, x402 and MCP drafts, an official Registry server.json draft, CI workflow, README copy, and registry text.

Scan repository →

Catch implementation, HTTP 402 test, metadata, CI, documentation, and credential-filename gaps before deployment.

Check MCP Registry readiness →

Inspect a public registry record and live MCP metadata before agents select or pay for a tool.

Audit buyer discovery →

Test one paid endpoint across five live Bazaar buyer searches, observed ranks, quality fields, prices, and metadata gaps.

Score catalog readiness →

Combine live x402, GitHub, and MCP evidence into one provider launch score before asking agents to discover or pay.

Audit settlement authenticity →

Detect self-payments, classify disclosed related-party receipts, and measure payer concentration before calling x402 settlement count customer demand. Includes July 2026 adoption evidence context.

Price an x402 endpoint →

Model cost, retries, fees, margin, and agent budget before publishing a per-call amount that agents can parse.

Danish AI/MCP audit →

Fixed-scope trust audits for Danish teams using AI assistants, MCP tools, or agent payment workflows.

Pay per query →

Settlement-backed /api/agent/pay endpoint for paid policy answers and can-pay data.

Inspect reports →

Crawlable readiness evidence: score, warnings, remediation, history, and certification status.

Read the proof →

Implementation mistakes, manifest repairs, live benchmarks, and MCP paid-tool security checks.

Machine-checkable trust, before spend

A cautious agent should not believe a landing page. Ontario exposes a decision contract it can parse: fresh readiness evidence, strict can-pay policy, sandbox rehearsal, and public report integrity.

01

Fresh endpoint evidence

Verifier output includes grade, score, warnings, remediation, report URL, and the exact endpoint origin.

02

Strict payment gate

Can-pay evaluates network, price ceiling, manifest evidence, and policy before a wallet payload is signed.

03

Public audit trail

Reports, service profiles, signing key metadata, and treasury links give agents evidence they can cite later.

# Public agent invitation
curl https://ontarioprotocol.com/.well-known/agent-invite.json
curl https://ontarioprotocol.com/.well-known/agent-payment-policy.json

# Contract summary
{
  "default_posture": "verify_before_pay",
  "minimum_agent_threshold": {
    "grade": "ready",
    "readiness_score_gte": 85,
    "network": "base",
    "accepts_entries": "present"
  },
  "decision_gate": "/api/agent/can-pay",
  "sandbox": "/sandbox/demo"
}

List a verified x402 service for 0.50 USDC. Prove the rail with 0.01 USDC only after the free report and policy checks are sufficient.

x402 verification answer graph

Direct, crawlable answers for the searches developers and agents use when they need to verify, discover, and integrate paid AI-agent endpoints.

x402 Readiness Checker →

Check whether a paid AI-agent endpoint is ready for x402 discovery, integration, and payment.

x402 Verifier →

Verify x402 paid endpoints before an autonomous agent signs a payment.

x402 Manifest Validator →

Validate /.well-known/x402.json service metadata for paid AI-agent endpoints.

HTTP 402 Payment Validator →

Free HTTP 402 validator for x402 APIs: check the structured payment challenge, price, asset, network, and retry metadata before an agent pays.

AI Agent Payment Preflight →

Ask whether an AI agent should pay an x402 endpoint before spending funds.

Coinbase Bazaar Readiness →

Check an x402 endpoint before Bazaar-style discovery: HTTP 402, accepts entries, price, network, manifest, OpenAPI, and facilitator metadata.

How to Get Listed in Coinbase Bazaar →

A provider checklist for preparing an x402 endpoint for Coinbase Bazaar discovery without confusing metadata readiness with catalog placement.

Paid AI-Agent Endpoint Discovery →

Discover verified x402 paid endpoints that agents can evaluate before payment.

x402 Service Certification →

Understand Ontario Verified and Ontario Certified x402 endpoint status.

MCP x402 Marketplace →

Expose paid x402 endpoints as MCP tools with machine-readable price and trust metadata.

x402 OpenAPI Validator →

Check whether a paid endpoint publishes OpenAPI metadata agents can use.

x402 Service Listing →

List a third-party x402-paid endpoint so agents can discover it with readiness evidence.

Verify Endpoint Before Agent Pays →

Check a paid API endpoint before an autonomous agent signs an x402 payment.

x402 Payment Verification API →

Use Ontario's API surfaces to verify x402 readiness and payment policy before spending.

Agent Can-Pay API →

Return allow, review, or deny before an agent pays an x402 endpoint.

Agent Payment Firewall →

Use readiness evidence and can-pay policy as a firewall before autonomous agent payments.

x402 Paid API Directory →

Browse x402 paid APIs with readiness reports, price, network, and machine-readable metadata before an agent pays.

x402 GitHub Action: Fail CI Before Launch →

Free x402 GitHub Action that fails CI on broken HTTP 402 behavior, stale manifests, or readiness regressions before paid endpoint launch.

How Agentic Is Agentic Commerce? →

Apply July 2026 x402 authenticity research: classify self-payments, related-party receipts, and unattributed Base USDC evidence without fake customer claims.

Full index: /answers/ · JSON for agents: /api/geo/answers

Agent spend guardrails

Ontario should help agents decide whether a payment is safe. It should not silently authorize broad real-world shopping.

Digital API payments first

Public x402 surfaces focus on paid HTTP endpoints, readiness evidence, and agent can-pay policy.

Physical purchases need review

Real-world goods should require allowlists, category limits, spend ceilings, and human approval before checkout.

Fail closed by default

Missing manifests, price mismatch, stale reports, or unsupported networks should produce review or deny decisions.

Evidence beats claims

Agents should inspect report IDs, signed integrity metadata, discovery profiles, and settlement health before paying.

First-party x402 services

Ontario x402 Paid API Preflight 0.002 USDC

Verify an x402 endpoint before an AI agent pays. This x402 paid API verification service and AI-agent tool runs a fresh payment preflight for an autonomous agent: inspect the live HTTP 402 challenge, payTo address, price, Base USDC network and asset, manifest readiness, buyer budget, and spend policy. Returns ALLOW or DENY with reasons, a report ID, settlement metadata, and a settlement-backed SHA-256 evidence receipt. Run free can-pay and readiness checks first. Readiness evidence is not a safety guarantee.

Method
POST
Endpoint
https://ontarioprotocol.com/api/agent/pay/v2
Asset
USDC on base
Pay to
0xa2d72aBF2C5e939fdDCA4156B74dE482e03CA3ec
Agent Commerce Query 0.002 USDC

Pay-per-query agent commerce endpoint. Submit a query and optional endpoint, receive an x402-settled policy answer and structured can-pay data.

Method
POST
Endpoint
https://ontarioprotocol.com/api/agent/pay
Asset
USDC on base
Pay to
0xa2d72aBF2C5e939fdDCA4156B74dE482e03CA3ec
Agent Trust Scan 0.01 USDC

Submit an agent's card URL or A2A endpoint, receive a structured trust report (security signals, identity claims, declared capabilities). Returns JSON.

Method
POST
Endpoint
https://ontarioprotocol.com/api/x402/agent-trust-scan
Asset
USDC on base
Pay to
0xa2d72aBF2C5e939fdDCA4156B74dE482e03CA3ec
x402 Code Review 0.01 USDC

Pay-per-review implementation evidence for a public x402 endpoint or GitHub repository. Returns actionable payment, discovery, security, debugging, and launch findings without returning source contents or secret values. Run free checks first.

Method
POST
Endpoint
https://ontarioprotocol.com/api/x402/implementation-audit
Asset
USDC on base
Pay to
0xa2d72aBF2C5e939fdDCA4156B74dE482e03CA3ec
x402 Demand Authenticity Report 0.02 USDC

Classify up to 20 Base USDC settlement receipts as direct self-payment, user-declared related-party, or unattributed. Unattributed wallets are not counted as proven customers.

Method
POST
Endpoint
https://ontarioprotocol.com/api/x402/demand-authenticity-report
Asset
USDC on base
Pay to
0xa2d72aBF2C5e939fdDCA4156B74dE482e03CA3ec
Agent Reputation Lookup 0.001 USDC

Look up an agent's accumulated reputation (sourced from on-chain EAS attestations on Base + recent scan history).

Method
GET
Endpoint
https://ontarioprotocol.com/api/x402/reputation/<agent_id>
Asset
USDC on base
Pay to
0xa2d72aBF2C5e939fdDCA4156B74dE482e03CA3ec
Submit Agent Listing 0.10 USDC

Submit an AI agent for inclusion in the Ontario Protocol directory. Pays 0.10 USDC up front to deter spam.

Method
POST
Endpoint
https://ontarioprotocol.com/api/x402/list-agent
Asset
USDC on base
Pay to
0xa2d72aBF2C5e939fdDCA4156B74dE482e03CA3ec
List a Third-Party x402 Service 0.50 USDC

Register your own x402-paid endpoint so AI agents discover it through Ontario Protocol's `/discover`. 0.50 USDC listing fee.

Method
POST
Endpoint
https://ontarioprotocol.com/api/x402/list-service
Asset
USDC on base
Pay to
0xa2d72aBF2C5e939fdDCA4156B74dE482e03CA3ec

Live stats

Real numbers, sourced from /api/health. Refreshes on page load.

402 responses served
Successful settlements
Paid calls completed
Total services listed

Counters reset on each Cloud Run revision; cumulative settlements are in /treasury.

Recent on-chain activity

Last 5 settled x402 calls, pulled live from /api/treasury/ledger.

  1. Loading…

List your own x402 service

One paid call gets your endpoint into Ontario's discovery feed and the agent listing manifests. If you route third-party settlement through Ontario's optional proxy facilitator, the default marketplace take rate is 1.5% (150 bps, configurable). Track every cent on /treasury.

Start with free payload validation (no payment; does not store a listing): POST /api/x402/list-service/validate. Full submission docs: /listings#submit-service and /docs#list-service.

# Pay 0.50 USDC and register a service
curl -X POST https://ontarioprotocol.com/api/x402/list-service \
  -H "Content-Type: application/json" \
  -H "PAYMENT-SIGNATURE: <base64 PaymentPayload>" \
  -d '{
    "name":"My Cool API",
    "description":"What it does",
    "endpoint":"https://example.com/api/data",
    "method":"GET",
    "price_atomic":1000,
    "price_usdc":"0.001",
    "category":"data",
    "owner_url":"https://example.com",
    "owner_contact":"ops@example.com"
  }'

Why x402 (the short version)