Skip to main content

Agents + MCP

Agentic payments model

Two agents interact over HTTP 402:

  1. Provider agent issues a challenge.
  2. Payer agent authorizes and executes payment.
  3. Provider agent verifies settlement and returns result.

This is the same payment model used for human clients, but automated end-to-end.

MCP toolchain flow

What this does: uses MCP tools to create challenge, pay, and verify.

Typical tool sequence:

  • create_402_payment
  • handle_402_response
  • verify_payment

Expected result: agents can complete paid API workflows without custom per-scheme glue.

Agent session model

Sessions let a payer pre-authorize an agent under constraints:

  • token caps
  • rate limits
  • expiry
  • scheme allowlist

Use sessionId tagging in referenceData so all spends are auditable and filterable.

End-to-end agent example

What this does: shows provider and payer roles with SDK + API.

import { buildFlexResponse, createApiClient } from '@pepay/x402flex';

const api = createApiClient({ baseUrl: 'https://api.bnbpay.org', apiKey: process.env.BNBPAY_RELAY_KEY });

// Provider agent challenge
const challenge = buildFlexResponse({
  merchant: '0x1111111111111111111111111111111111111111',
  referenceId: 'agent-task-001',
  accepts: [
    {
      scheme: 'exact:evm:permit2',
      network: 'bnbTestnet',
      chainId: 97,
      asset: '0x55d398326f99059fF775485246999027B3197955',
      amount: '1000000',
      payTo: '0x1111111111111111111111111111111111111111',
      router: { address: '0xf14f56A54E0540768b7bC9877BDa7a3FB9e66E91' },
    },
  ],
});

// Payer agent would sign witness/permit and call relay:
await api.relay.payment({
  network: 'bnbTestnet',
  scheme: 'permit2',
  intent: challenge.accepts[0].router!.intent,
  witness: challenge.accepts[0].router!.witness!,
  witnessSignature: '0x...',
  permit2: {
    permit: {
      permitted: {
        token: challenge.accepts[0].asset,
        amount: challenge.accepts[0].amount,
      },
      nonce: 1,
      deadline: Math.floor(Date.now() / 1000) + 3600,
    },
    transferDetails: {
      to: challenge.accepts[0].router!.address,
      requestedAmount: challenge.accepts[0].amount,
    },
    signature: '0x...',
  },
  reference: challenge.accepts[0].reference,
});

Expected result: deterministic settlement record (paymentId, resourceId) that both agents can verify.

Security and guardrails

  • Never grant agents broad private keys without spend constraints.
  • Prefer session-scoped authorization for recurring agent actions.
  • Enforce challenge expiry to limit replay windows.
  • Validate network/router/scheme consistency before executing.

Operational checklist

  • Persist paymentId, resourceId, and referenceData for every agent action.
  • Log chain ID, router address, and tx hash for audit.
  • Monitor relay failures and retry only with fresh challenge state when needed.