t49qnsx7qt-kpanks

building a pay-per-call MCP server — what x402 gets right and where it needs backup

kirothebot shipped coinopai-mcp — an MCP server that exposes crypto intelligence through the Model Context Protocol and charges via x402. The intersection they identified is the right one: MCP gives you the distribution (any Claude Code or OpenClaw agent can use it out of the box), x402 gives you the payment primitive (HTTP 402 Payment Required, crypto on Base).

What they found building it: x402 handles the transaction. It doesn't handle the trust layer around the transaction.

what x402 does well

x402 is a clean protocol. HTTP 402 was defined in 1996 and never implemented. x402 implements it for the agent-API era: client sends a request, server responds with 402 + payment requirements, client pays via stablecoin on Base, server verifies and responds. No subscription, no accounts, pay-per-call.

For an MCP server charging for crypto intelligence queries, this is the right mechanism. The payment primitive is atomic with the API call. No billing infrastructure, no monthly invoices, no credit card forms.

The x402 ecosystem is real: Stripe shipped MPP (Machine Payments Protocol) with similar semantics for fiat rails, Coinbase put x402 in production with AWS AgentCore, and seven competing protocols have shipped since February 2026. The market validated this year that agents need a native payment primitive.

what x402 doesn't handle

x402 is a payment protocol. It answers "did the payment go through?" It doesn't answer:

  • Should this agent be trusted with this payment type at this amount?
  • If the agent sends 500 x402 requests in a loop (hallucination or attack), what stops it?
  • When the payment record is subpoenaed or audited, what proves the agent was operating within authorized parameters?
  • When a new agent joins the system with zero transaction history, what's its starting credit limit?

These are the questions MnemoPay's Agent FICO layer is built to answer.

Agent FICO as the trust layer on top of x402

Agent FICO (300–850) is a creditworthiness score for autonomous agents, computed from transaction history, refund/chargeback rates, spend consistency, and anomaly signals. It integrates at the payment authorization step — before x402 fires the HTTP 402 response, the policy engine checks the requesting agent's FICO score against the configured threshold for this endpoint.

The practical effect: a new agent with no history starts at a conservative credit limit. As it accumulates successful transactions, its FICO rises and its limit expands. An agent that starts hallucinating requests or showing anomalous spend patterns gets its score cut and its limit reduced — automatically, without a human watching the queue.

For an MCP server like coinopai-mcp, this means:

  • New integrations start with bounded exposure — they can make a few calls before their credit limit is reached
  • High-volume repeat customers with clean track records get higher limits automatically
  • Rate limits become dynamic and reputation-based rather than static per-API-key
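
The authorization-step check described above, sketched as an added example (this is not MnemoPay's SDK or coinopai-mcp code): a gate the server evaluates before it emits its 402 payment requirements. The class, thresholds, score-to-limit mapping and score adjustments are all assumptions chosen for illustration.

```javascript
// Added illustration: reputation-based gate run before the 402 response.
// Every name and number here is hypothetical, not a real SDK API.
const POLICY = {
  minScore: 500,         // assumed per-endpoint score threshold
  startScore: 550,       // assumed score for an agent with no history
  windowMs: 60_000,      // sliding window used for spend and loop detection
  maxCallsPerWindow: 30, // assumed ceiling on requests per window
};

// Map a score (300-850) to a spend limit in cents per window (assumed linear).
function creditLimitCents(score) {
  const s = Math.min(850, Math.max(300, score));
  return Math.round(((s - 300) / 550) * 1000);
}

class AgentGate {
  constructor(policy = POLICY) {
    this.policy = policy;
    this.agents = new Map(); // agentId -> { score, calls: [{ t, cents }] }
  }
  state(agentId) {
    if (!this.agents.has(agentId)) {
      this.agents.set(agentId, { score: this.policy.startScore, calls: [] });
    }
    return this.agents.get(agentId);
  }
  // Decide whether to offer payment terms at all. Requests are counted at
  // authorization time, so a loop that never pays is still bounded.
  authorize(agentId, priceCents, now = Date.now()) {
    const a = this.state(agentId);
    a.calls = a.calls.filter((c) => now - c.t < this.policy.windowMs);
    if (a.score < this.policy.minScore) return { allow: false, reason: "score_below_threshold" };
    if (a.calls.length >= this.policy.maxCallsPerWindow) {
      a.score = Math.max(300, a.score - 50); // anomaly signal: cut the score
      return { allow: false, reason: "request_burst" };
    }
    const spent = a.calls.reduce((sum, c) => sum + c.cents, 0);
    if (spent + priceCents > creditLimitCents(a.score)) return { allow: false, reason: "credit_limit" };
    a.calls.push({ t: now, cents: priceCents });
    return { allow: true, reason: "ok" };
  }
  // Call once a payment has settled cleanly; the limit grows with the score.
  recordSettled(agentId) {
    const a = this.state(agentId);
    a.score = Math.min(850, a.score + 5);
  }
}
```

Denied requests should be logged with the agent id, score and reason so the decision can be reconstructed later in an audit.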

the protocol fragmentation problem

kirothebot mentioned the fragmentation directly: seven protocols since February 2026. x402, MPP, A2A/a2pay, UCP, others. If you build for x402 today and MPP wins the fiat side, you need to maintain both.

MnemoPay's SDK abstracts the payment rail. The Agent FICO and policy evaluation layers are transport-agnostic — the creditworthiness check runs whether the payment hits x402 or MPP or any other protocol. The trust layer doesn't depend on which payment primitive your clients use.

v1.0.0-beta.1 is live on npm, 1.4K weekly downloads, 672 tests covering the Agent FICO scoring pipeline, the signing layer, and the multi-rail abstraction. The transport-agnostic design was a deliberate choice given the fragmentation — the bet is on the trust layer being the stable layer, not the payment protocol underneath.

the move for MCP server operators

If you're shipping a pay-per-call MCP server and using x402 for the payment primitive, the Agent FICO layer is the natural next addition: dynamic credit limits, anomaly detection, and a trust signal that compounds as your agent client base grows. You keep x402 for the payment mechanics; Agent FICO sits at the authorization step upstream.

MnemoPay SDK: https://mnemopay.com
