Ontario Protocol.
x402 pre-payment decision playbook

Prevent paid-but-denied failures for enterprise procurement teams

The worst payment UX is a settlement followed by no usable service response. This playbook maps the decision to observable Ontario evidence so an agent can fail closed before payment.

Prevent paid-denied enterprise teams No-payment first
Decision question: Can enterprise procurement teams rely on this x402 endpoint without vendor approval based on claims instead of report history?

Only after enterprise procurement teams can inspect preflight result, endpoint readiness, report history, payment challenge consistency, and fallback policy. If the evidence is missing, stale, or contradictory, the agent should fail closed.

Required evidence

  • Confirm the endpoint maps to a real payment resource for buyers reviewing paid agent endpoints before pilot approval.
  • Require preflight result, endpoint readiness, report history, payment challenge consistency, and fallback policy.
  • Reject when there is stale report, mismatch between manifest and challenge, missing response schema, or policy review-required.
  • Link the final decision to a public report, manifest, benchmark row, or policy outcome.

Reject conditions

Reject or send to human review when there is stale report, mismatch between manifest and challenge, missing response schema, or policy review-required.

Do not let a positive-looking badge or directory row override a stale or contradictory live check.

Agent workflow

  1. Start with the no-payment evidence path.
  2. Run the Ontario verifier or policy endpoint shown below.
  3. Compare live endpoint behavior against manifest and discovery metadata.
  4. Store the report_id or policy decision with the agent's payment log.
  5. Send the payment only when the agent's own policy allows it.

Command or probe

curl -X POST https://ontarioprotocol.com/api/agent/can-pay \
  -H "Content-Type: application/json" \
  -d '{"target_url":"https://example.com/api/paid-endpoint","fail_closed":true}'

Primary Ontario surface: /api/agent/can-pay

Sourceability note

Search Console showed early impressions for payment attack/preflight proof.

KPI: more public report and trust-boundary page views.

Trust boundary

Ontario Protocol provides readiness and trust signals based on observable endpoint behavior, manifest metadata, payment challenge behavior, report history, and public evidence. It does not guarantee endpoint safety, service quality, financial outcome, or future behavior.

Read payment attack preflight proof Run verifier Browse discovery Read trust boundary