Payment Flow

HTTP 402 Protocol

The x402 protocol uses HTTP status code 402 (Payment Required) to negotiate payments.

Step by Step

1. Request Protected Resource

Client requests a resource that requires payment:

GET /api/premium-data HTTP/1.1
Host: example.com

2. Receive Payment Requirements

The server responds with 402 and lists the payment requirements in the X-Accept-Payment header:

HTTP/1.1 402 Payment Required
X-Accept-Payment: [{"scheme":"fhe-transfer",...}]

Requirements include:

  • payTo: Merchant address
  • maxAmountRequired: Required amount
  • asset: Token contract address

3. Create Decryption Signature

Client creates a signature authorizing server-side decryption:

const signature = await createDecryptionSignature({
  contractAddresses: [tokenAddress],
  durationDays: 365
});

The signature is created once and reused for the 365 days set by durationDays.

4. Make Confidential Transfer

Client encrypts amount and submits transfer:

const txHash = await transferTokens(merchantAddress, amount);

The amount is encrypted on-chain using FHE.

5. Send Payment Proof

Client retries request with payment header:

GET /api/premium-data HTTP/1.1
x-payment: base64({"txHash":"0x...","decryptionSignature":{...}})

6. Verify Payment

Server sends verification request to facilitator:

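const result = await fetch('http://facilitator/verify', {
  method: 'POST',
  // Declare the JSON body; fetch otherwise labels a string body as text/plain.
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    paymentPayload,      // payment proof received in the x-payment header
    paymentRequirements  // requirements the server sent with the 402 response
  })
});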

7. Facilitator Verification

The facilitator performs the following steps:

  1. Fetch transaction receipt from chain
  2. Extract ConfidentialTransfer event
  3. Verify recipient matches payTo
  4. Decrypt amount using FHE relayer
  5. Confirm amount >= required
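
The header decoding from step 5 and the facilitator checks from step 7, as an added JavaScript example that is not the project's own code. The function names, the receipt shape, the 32-byte txHash format and the emitting-contract check are assumptions, and all sample values are constructed.

```javascript
// Added example; function names and the receipt shape are hypothetical.
const sameAddr = (a, b) =>
  typeof a === 'string' && typeof b === 'string' && a.toLowerCase() === b.toLowerCase();

// Step 5: decode the x-payment header (base64 of JSON) before trusting any field.
function parsePaymentHeader(value) {
  let payload;
  try {
    payload = JSON.parse(Buffer.from(String(value), 'base64').toString('utf8'));
  } catch {
    return null; // not base64-encoded JSON
  }
  if (payload === null || typeof payload !== 'object') return null;
  // Assumption: txHash is a 32-byte hex string, as on EVM chains.
  if (typeof payload.txHash !== 'string' || !/^0x[0-9a-fA-F]{64}$/.test(payload.txHash)) return null;
  const sig = payload.decryptionSignature;
  if (sig === null || typeof sig !== 'object') return null;
  return payload;
}

// Step 7, checks 2-5, on an already-fetched receipt. decryptAmount stands in
// for the FHE relayer call, which would be asynchronous in a real deployment.
function checkTransfer(receipt, requirements, decryptAmount) {
  // Added check (assumption): only count events emitted by the required asset contract.
  const ev = (receipt.events || []).find(
    (e) => e.name === 'ConfidentialTransfer' && sameAddr(e.contract, requirements.asset));
  if (!ev) return { ok: false, reason: 'no-transfer-event' };
  if (!sameAddr(ev.to, requirements.payTo)) return { ok: false, reason: 'wrong-recipient' };
  // BigInt avoids precision loss on token amounts above 2^53.
  const paid = BigInt(decryptAmount(ev.encryptedAmount));
  if (paid < BigInt(requirements.maxAmountRequired)) return { ok: false, reason: 'underpaid' };
  return { ok: true, reason: null };
}

// Constructed sample data (not real addresses or transactions).
const REQUIREMENTS = {
  payTo: '0x' + 'aa'.repeat(20), asset: '0x' + 'bb'.repeat(20), maxAmountRequired: '1000',
};
const RECEIPT = {
  events: [{ name: 'ConfidentialTransfer', contract: '0x' + 'BB'.repeat(20),
             to: '0x' + 'AA'.repeat(20), encryptedAmount: 'handle-1' }],
};
const HEADER = Buffer.from(JSON.stringify(
  { txHash: '0x' + '11'.repeat(32), decryptionSignature: { signature: '0xconstructed' } })).toString('base64');
// Stub relayer: maps the constructed ciphertext handle to a plaintext amount.
const stubDecrypt = (handle) => ({ 'handle-1': '1000' })[handle];
```

Addresses are compared case-insensitively because the same address can appear in checksummed or lowercase form.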

8. Return Content

If valid, server returns the protected content:

HTTP/1.1 200 OK
Content-Type: application/json

{"data": "premium content..."}