DEV Community

satring
satring

Posted on

The L402 Ecosystem Has 100+ Live APIs. The Problem Is Finding Them.

#api #bitcoin #showdev #opensource

HTTP 402 "Payment Required" has been a reserved status code since 1997. For nearly 30 years, no browser or server actually used it. That changed recently.

What is L402?

L402 is a protocol that puts Bitcoin Lightning micropayments behind the 402 status code. The flow is simple:

  1. Client requests a resource
  2. Server returns 402 with a WWW-Authenticate header containing a Lightning invoice and a macaroon
  3. Client pays the invoice (a few sats, fractions of a cent)
  4. Client retries with Authorization: L402 MACAROON:PREIMAGE
  5. Server verifies and returns the resource

No API keys. No OAuth. No credit cards. No accounts. The payment is the authentication.

# Example: hit an L402-protected endpoint
curl https://api.example.com/v1/data
# Returns: 402 + WWW-Authenticate: L402 macaroon="...", invoice="lnbc..."

# Pay the invoice with any Lightning wallet, get the preimage
# Then retry with the proof of payment
curl -H "Authorization: L402 MACAROON:PREIMAGE" https://api.example.com/v1/data
# Returns: 200 + data
Enter fullscreen mode Exit fullscreen mode

The ecosystem is bigger than you think

There are now 100+ live L402 services in production across categories like:

  • Data: price oracles, mempool stats, on-chain analytics
  • Identity: Nostr trust scoring, PageRank, Sybil detection, spam classification
  • Finance: market signals, derivatives data, technical analysis
  • Media: image generation, transcription, content APIs
  • Search: web search, semantic search, domain lookups
  • Tools: URL shorteners, webhooks, compute services

Lightning Labs shipped lnget (a command-line L402 client) in February. Alby's PaidMCP SDK connects L402 services to AI agents via MCP. Coinbase and Cloudflare are pushing the parallel x402 protocol (same concept, stablecoins instead of Lightning). The infrastructure is real and growing fast.

The discovery problem

Here's the catch: there's no good way to find these services. Each L402 endpoint exists in isolation. If you're a developer building an L402 client, or an AI agent that needs to discover and pay for APIs autonomously, you have to know the exact URL in advance.

The closest things to a directory have been a static GitHub README (awesome-L402) and a couple of sites with fewer than 5 listings.

Building a searchable catalog

I built satring.com to fix this. It's a searchable directory of L402 services with:

  • Daily automated probing: every listed endpoint is checked for liveness and proper L402 support (valid 402 response + WWW-Authenticate header with macaroon challenge)
  • Verified status tags: confirmed (proper L402), live (reachable but no paywall detected), or dead
  • 9 categories: Data, Finance, Identity, Media, Search, Social, Storage, Tools, Other
  • JSON API for programmatic access (agents can query it directly): 
# search for services
curl https://satring.com/api/v1/search?q=sentiment

# list by category
curl https://satring.com/api/v1/services?category=finance

# full OpenAPI docs
# https://satring.com/docs
Enter fullscreen mode Exit fullscreen mode
  • Domain verification: service owners can prove ownership via a .well-known/satring-verify challenge

Reading is free, no auth required. Submitting a service costs 1,000 sats, leaving a rating costs 10 sats. Both gated via L402 macaroons, which keeps the catalog clean without moderators or user accounts.

Why this matters for AI agents

This is the use case that motivated the project. An AI agent with an L402 client (like lnget or Alby's PaidMCP SDK) can:

  1. Query satring's API to discover services matching a need
  2. Get the endpoint URL and expected pricing
  3. Hit the endpoint, receive the 402 challenge
  4. Pay the Lightning invoice automatically
  5. Call the service with the proof of payment

The entire flow is autonomous. No human needs to sign up for anything, provision API keys, or enter credit card details. The agent discovers, pays, and consumes services on its own.

Tech stack

FastAPI, SQLite, HTMX. Single lightweight server. Fully open source: github.com/toadlyBroodle/satring

If you're running an L402 service, you can submit it at satring.com/submit. If you're building L402 clients or agent tooling, the API is open and documented at satring.com/docs.

Would be interested to hear from anyone working in this space, especially on the agent service discovery side.

Top comments (0)