On April 2, x402 moved from Coinbase into a neutral home under the Linux Foundation. Coinbase, Cloudflare, and Stripe helped establish the new x402 Foundation, with announced support from Google, AWS, Visa, Mastercard, American Express, Circle, Shopify, and others. The ambition has been described as an "SSL for AI commerce": a common payment layer through which agents, APIs, and applications can transact over HTTP.
When a protocol reaches that stage, three things must mature together: the specification, the interoperability suite, and the adversarial security scenarios.
x402 has a published specification, reference SDKs, and end-to-end implementation tests. What is not yet visible is a normative adversarial suite that every client, resource server, and facilitator implementation must pass.
That distinction matters because functional conformance asks whether a client can complete the 402 → payment signature → verification → settlement flow. Adversarial conformance asks what happens when the amount changes between challenge and payment, a payload is replayed against another resource, verification and settlement disagree, a facilitator substitutes requirements, or two conforming verifiers evaluate the same authorization differently.
That last case exposes a property the standard needs to make explicit: cross-verifier consistency. Given the same payment payload and payment requirements, independent conforming verifiers should reach the same security-relevant result. If local verification accepts what a facilitator rejects, or two facilitators bind the same signature to different payment semantics, the handshake interoperates but the trust model does not.
A payment protocol earns trust the way secure web transport did: not merely by specifying the handshake, but by defining the hostile conditions every implementation must survive.
x402 has standardized the handshake. It has not yet standardized the attacks every implementation must survive.
Top comments (0)