# x402 Trust Layer

> 63 paid trust APIs enabling x402 standard payment check, Coinbase CDP wallet guardrail spend controls, and automated transaction auditing for AI agent fleets before the money moves.

- Website: https://x402trustlayer.xyz
- OpenAPI: https://x402trustlayer.xyz/openapi.json
- Discovery: https://x402trustlayer.xyz/.well-known/x402
- Skill (agents): https://x402trustlayer.xyz/skill.md
- Full context: https://x402trustlayer.xyz/llms-full.txt
- MCP: npx @mimranakb/trust-layer-mcp@5.2.0 (trust_before_x402_fetch, trust_mandate_diff, trust_semantic_settle)
- npm: x402-agent-suite-preflight
- GitHub: https://github.com/mimranchohan/x402-trust-layer

## Default buyer flow (3 steps)

1. POST /api/x402/proxy — preflight ($0.08)
2. x402_check → x402_fetch on external marketplace URL
3. POST /api/receipt-auditor/verify — settlement proof ($0.05)

## Primary entry points

| Method | Path | Price | Purpose |
|--------|------|-------|---------|


## Tier-1 enterprise

| Method | Path | Price | Purpose |
|--------|------|-------|---------|
| POST | /api/merchant-trust/score | $0.06 | Know-Your-Merchant trust score with wash-trading and verification signals. |
| POST | /api/mandate/compile | $0.08 | Compiles AP2-style signed payment mandate from human intent and guardrails. |
| POST | /api/rail-optimizer/route | $0.04 | Picks best rail: Visa CLI, Stripe MPP, Circle, Base x402 or Solana x402. |
| POST | /api/compliance/ledger | $0.12 | SOC2/tax-ready spend reconciliation with policy flags and tamper hash. |
| POST | /api/dispute/resolve | $0.10 | Visa chargeback dossier or on-chain refund claim builder. |
| POST | /api/quality-escrow/settle | $0.10 | Quality-gated escrow — release on pass, auto-refund on response mismatch. |
| POST | /api/quality-escrow/semantic-settle | $0.12 | Schema + intent rubric escrow with optional LLM judge and auto bond slash. |
| POST | /api/mandate/diff | $0.04 | Compare signed mandate scope to MCP tool trace before payment. |
| POST | /api/merchant-trust/certify | $0.15 | Certify seller with KYM pass, badge, buyer policy, optional virtual bond. |
| POST | /api/trust-network/buyer-gate | $0.03 | Verify buyer attestation and tier against certified seller policy. |
| POST | /api/trust-network/transaction-auth | $0.05 | /api/trust-network/transaction-auth |
| POST | /api/trust-network/insurance/attest | $0.06 | Cryptographically sign transaction liability insurance based on active merchant bonds |
| POST | /api/pipeline/trust-v2 | $0.35 | One-shot: mandate diff + KYM ingest + guard + certified buyer gate. |
| POST | /api/trust-network/bond/slash | $0.03 | Slash certified seller virtual bond after failed delivery. |

## All 63 paid routes

| Method | Path | Price | Summary |
|--------|------|-------|---------|
| POST | /api/a2a/execute | $0.10 | Agent-to-agent x402 orchestration: trust preflight then paid call to seller endpoint |
| POST | /api/bedrock/preflight | $0.05 | AWS Bedrock / enterprise agent preflight: guard, mandate, and trust bundle before x402 pay |
| POST | /api/market/buy-advisor | $0.08 | Jupiter-style buy quote — ranks paid APIs for an intent with policy and MPP advice. |
| POST | /api/seller/audition-coach | $0.06 | Pre-listing QA: audits OpenAPI, discovery manifests and 402 probes. |
| POST | /api/x402/proxy | $0.08 | All-in-one preflight before any external x402 payment — policy, identity, risk, security grade and optional attestation. |
| POST | /api/mpp/session | $0.03 | MPP session lifecycle: open, voucher, close — batch settlement on Base/Solana. |
| POST | /api/attestation/issue | $0.04 | Issues HMAC-signed preflight attestation for partner agent networks. |
| POST | /api/attestation/verify | $0.02 | Verifies attestation signature, expiry and registry lookup. |
| GET | /api/attestation/registry | $0.02 | Query trust registry of valid agent attestations. |
| POST | /api/guard/pre-x402-alchemy | $0.05 | Pre-x402 guard optimized for Alchemy: spend + identity + risk |
| POST | /api/alchemy/paymaster-policy | Free | Alchemy Paymaster Custom Webhook Policy for sponsored transactions |
| POST | /api/alchemy/notify-webhook | Free | Alchemy Notify Webhook Receiver for transaction audit logging |
| POST | /api/alchemy/simulate-shield | Free | Alchemy-powered 2026 Transaction simulation and safety shield |
| POST | /api/guard/pre-x402 | $0.05 | Spend governor + identity gate + risk gate in one lightweight call. |
| POST | /api/guard/payload-sandbox | $0.04 | Payload sandbox to check request schemas for prompt injections and malicious commands |
| POST | /api/agent/verify | $0.04 | ERC-8004 TrustScore on Base mainnet — registration, reputation, wallet binding, agent card, domain. |
| POST | /api/pipeline/execute | $0.25 | One-shot orchestration: guard, NL plan, facilitator routing and marketplace pick. |
| POST | /api/facilitator/failover | $0.05 | Ranks x402 facilitators and recommends a healthy failover route. |
| POST | /api/router/route | $0.02 | Routes capability queries to the best verified x402 marketplace API. |
| POST | /api/research/brief | $0.20 | Builds a paid-API research pipeline and cost estimate for any topic. |
| POST | /api/receipt-auditor/verify | $0.05 | Verifies x402 settlement receipts and on-chain transaction alignment. |
| POST | /api/refund-arbiter/evaluate | $0.08 | Evaluates buyer refund eligibility from verification signals. |
| POST | /api/budget-allocator/run | $0.03 | Allocates shared USDC pool across agent fleet by priority. |
| POST | /api/settlement-graph/next | $0.02 | Recommends next paid APIs to call after a settlement receipt. |
| POST | /api/quality-monitor/probe | $0.03 | Regression-probes up to 10 x402 endpoints and returns quality scores. |
| POST | /api/evidence-locker/export | $0.10 | Exports tamper-evident compliance bundles for x402 settlements. |
| POST | /api/agent-escrow | $0.12 | Create, status or release agent-to-agent USDC escrow records. |
| POST | /api/merchant-trust/score | $0.06 | Know-Your-Merchant trust score with wash-trading and verification signals. |
| POST | /api/mandate/compile | $0.08 | Compiles AP2-style signed payment mandate from human intent and guardrails. |
| POST | /api/rail-optimizer/route | $0.04 | Picks best rail: Visa CLI, Stripe MPP, Circle, Base x402 or Solana x402. |
| POST | /api/compliance/ledger | $0.12 | SOC2/tax-ready spend reconciliation with policy flags and tamper hash. |
| POST | /api/dispute/resolve | $0.10 | Visa chargeback dossier or on-chain refund claim builder. |
| POST | /api/quality-escrow/settle | $0.10 | Quality-gated escrow — release on pass, auto-refund on response mismatch. |
| POST | /api/quality-escrow/semantic-settle | $0.12 | Schema + intent rubric escrow with optional LLM judge and auto bond slash. |
| POST | /api/mandate/diff | $0.04 | Compare signed mandate scope to MCP tool trace before payment. |
| POST | /api/merchant-trust/certify | $0.15 | Certify seller with KYM pass, badge, buyer policy, optional virtual bond. |
| POST | /api/trust-network/buyer-gate | $0.03 | Verify buyer attestation and tier against certified seller policy. |
| POST | /api/trust-network/transaction-auth | $0.05 | /api/trust-network/transaction-auth |
| POST | /api/trust-network/insurance/attest | $0.06 | Cryptographically sign transaction liability insurance based on active merchant bonds |
| POST | /api/escrow/metered/open | $0.05 | /api/escrow/metered/open |
| POST | /api/escrow/metered/charge | $0.01 | /api/escrow/metered/charge |
| POST | /api/escrow/metered/close | $0.05 | /api/escrow/metered/close |
| POST | /api/mcp/tools/call | $0.02 | /api/mcp/tools/call |
| GET | /api/dashboard/summary | Free | /api/dashboard/summary |
| POST | /api/solana-pay/action/agent-verify | Free | /api/solana-pay/action/agent-verify |
| POST | /api/solana-pay/action/agent-verify | Free | /api/solana-pay/action/agent-verify |
| POST | /api/pipeline/trust-v2 | $0.35 | One-shot: mandate diff + KYM ingest + guard + certified buyer gate. |
| POST | /api/trust-network/bond/slash | $0.03 | Slash certified seller virtual bond after failed delivery. |
| POST | /api/protocol/pipeline/full-trust | $0.45 | Agent Trust Protocol v4 full pipeline before x402 payment |
| POST | /api/protocol/passport/issue | $0.06 | Issue Agent Passport DID verifiable credential |
| POST | /api/protocol/passport/verify | $0.02 | Verify Agent Passport credential signature |
| POST | /api/protocol/trust-score/v2 | $0.08 | TrustScore v2 with tamper-resistant HMAC proof |
| POST | /api/protocol/fraud/scan | $0.10 | Graph fraud scan for Sybil and wash trading |
| POST | /api/protocol/oracle/consensus | $0.12 | Trust oracle quorum consensus |
| POST | /api/protocol/execution/issue | $0.05 | Proof of Execution task receipt |
| POST | /api/protocol/execution/verify | $0.03 | Verify Proof of Execution receipt |
| POST | /api/protocol/reasoning/commit | $0.08 | Commit reasoning audit Merkle tree |
| POST | /api/protocol/reasoning/disclose | $0.04 | Selective disclosure of reasoning audit leaves |
| POST | /api/protocol/replay/bind | $0.02 | Replay-safe payment binding |
| POST | /api/protocol/replay/verify | $0.02 | Verify and consume replay binding |
| POST | /api/protocol/zk/prove | $0.15 | ZK-style proof of budget, reputation, or compliance |
| POST | /api/protocol/credit/score | $0.06 | AI Agent Credit Bureau 300-900 |
| POST | /api/protocol/compliance/assess | $0.10 | Enterprise AML/KYC compliance assess |

## Free endpoints (no x402 payment)

| Method | Path | Purpose |
|--------|------|---------|
| GET | /health | Monitoring |
| GET | /.well-known/x402 | Paid URL catalog |
| GET | /llms.txt | AI index (this file) |
| GET | /skill.md | Agent skill file |
| GET | /api/agentic/validate-urls | Agentic Market URL list |
| POST | /api/webhooks/register | Fleet webhook registration (beta) |
| GET | /api/agent/lookup/:wallet | Free ERC-8004 TrustScore lookup (30/hr/IP) |
| GET | /api/merchant-trust/certified/:host | Certified seller badge lookup |
| GET | /api/trust-network/catalog | Certified sellers catalog |
| GET | /api/webhooks/list | List webhooks |

## Networks

Mainnet: Base (eip155:8453), Solana, Polygon (eip155:137) — USDC via Dexter or CDP facilitator.
Testnet: set X402_TESTNET=1 → Base Sepolia + Solana Devnet via https://x402.org/facilitator

## Agentic Wallet integration

Coinbase Agentic Wallet MCP pays for x402 services. Call Trust Layer guard BEFORE payments-mcp pays:
POST /api/guard/pre-x402 → then Agentic Wallet discovers and pays downstream.

See: docs/AGENTIC-WALLET.md

## Agentic Security & Google Research Alignments

- **Agentic Engineering Paradigm**: The Trust Layer utilizes standard guardrails for autonomous agent execution. Under `POST /api/guard/payload-sandbox`, incoming request schemas and payloads are recursively scanned against 9 classes of adversarial threats: prompt injection system overrides, roleplay persona shifts, wallet balance draining commands, private key/credential harvesting, arbitrary command execution, XSS injection, network SSRF exploits, path traversal, and prompt extraction attacks.
- **Scam Elucidation (CASE)**: Cryptographic attestations at `POST /api/trust-network/insurance/attest` issue transaction-level insurance coverage certificates against certified seller virtual bonds, guarding against wash trading and Sybil behaviors.
