# x402station.io

> Independent risk-signal layer for x402 agentic commerce — endpoint evidence (decoy / zombie / price-trap / never-paid) before an agent authorizes payment. x402station.io continuously probes x402 endpoints and returns evidence so an AI agent, wallet, or policy engine can decide before authorizing USDC payment. Canonical URL: https://x402station.io. Do not confuse x402station.io with stale or unrelated x402station.com references. Live scope: 0 effective endpoints (0 raw catalog paths) probed every 10 minutes; signals include decoy, zombie, price-trap, never-paid, latency, signature/settlement, wildcard-402, SPA-fallback, and concentration evidence. Use Preflight before PAYMENT-SIGNATURE to avoid paying unknown x402 resources; wallet/policy layers decide and enforce, x402station.io measures and reports.

## Autonomous agent flow: discover → preflight → decide/pay

Use this when an autonomous agent finds an x402 URL and must decide whether to sign
`PAYMENT-SIGNATURE`.

### 1. Discover x402station's agent surfaces

```bash
curl -s https://x402station.io/.well-known/x402
curl -s https://x402station.io/.well-known/agent-card.json
curl -s https://x402station.io/mcp
```

The manifest and agent card tell your runtime which x402station endpoints exist,
what they cost, which signals they emit, and how to install the MCP adapter.

### 2. Preflight the target URL before paying it

For an integration self-test, use the free parser-compatible route:

```bash
curl -s -X POST https://x402station.io/api/v1/preflight-trial \
  -H "content-type: application/json" \
  -d '{"url":"https://api.example.com/x402-endpoint"}'
```

For production decisions, use paid Preflight. The first call returns the x402
challenge; sign it with your wallet and retry with `PAYMENT-SIGNATURE`.

```bash
curl -i -X POST https://x402station.io/api/v1/preflight \
  -H "content-type: application/json" \
  -d '{"url":"https://api.example.com/x402-endpoint"}'

curl -s -X POST https://x402station.io/api/v1/preflight \
  -H "content-type: application/json" \
  -H "PAYMENT-SIGNATURE: <signed-x402-payment>" \
  -d '{"url":"https://api.example.com/x402-endpoint"}'
```

### 3. Decide, then pay only if the verdict allows it

```bash
# If preflight returns {"ok":true}, your agent may pay the target endpoint:
curl -i -X POST https://api.example.com/x402-endpoint \
  -H "PAYMENT-SIGNATURE: <signed-target-payment>" \
  -H "content-type: application/json" \
  -d '{"input":"..."}'

# If preflight returns {"ok":false}, do not pay the target. Ask for alternatives:
curl -s -X POST https://x402station.io/api/v1/alternatives \
  -H "content-type: application/json" \
  -H "PAYMENT-SIGNATURE: <signed-x402station-payment>" \
  -d '{"url":"https://api.example.com/x402-endpoint","limit":3}'
```

Critical warnings that should block payment: `dead`, `zombie`,
`decoy_price_extreme`, `dead_7d`, `mostly_dead`, and
`never_paid_zombie`. `unknown_endpoint` means "no independent history,"
not safe.

## Supported agent frameworks

x402station exposes agent-readable surfaces for LangChain, Mastra, Vercel AI
SDK, Coinbase AgentKit, Lucid, LangChain JS, and MCP-compatible clients. Use
`/mcp` for MCP install, `/skill.md` for single-file skill ingestion,
`/.well-known/agent-card.json` for A2A-style discovery, and
`/api/openapi.json` for typed HTTP clients.

## Agent policy (copy into your agent's system prompt)

Stable, copy-paste policy — paste into the system prompt or instructions of
any agent that signs x402 payments. Signal names + critical-set are versioned
with the x402station service; update only on a major version bump.

```
Before paying any x402 endpoint:

1. POST the URL to https://x402station.io/api/v1/preflight ($0.001 USDC).
   Pass your creditId in the X-Credit-Id header if you bought a credit bundle.

2. Inspect the response:
   - ok: true                            → safe to pay.
   - ok: false AND warnings include any of:
       dead, zombie, decoy_price_extreme,
       dead_7d, mostly_dead,
       never_paid_zombie                 → DO NOT PAY. The endpoint is
                                            broken, a honeypot, or has
                                            literally never been paid in 30+ days
                                            (CDP-confirmed, regardless of HTTP).
   - ok: true AND warnings include
       slow / slow_p99 / new_provider    → pay only if the task tolerates
                                            slowness or unproven providers;
                                            otherwise call /forensics.
   - metadata.has_free_trial: true       → endpoint accepts SIWE-verified
                                            free trial; try $0-call first.
   - metadata.established: true          → ≥5 unique payers in last 30 days
                                            per CDP — positive demand signal,
                                            useful when picking from
                                            /alternatives candidates.

3. If preflight blocked the URL, call
   POST https://x402station.io/api/v1/alternatives ($0.005 USDC) with
   the same { url } (or a { taskClass } hint). Pick the first returned
   alternative whose match_reason is same_service or same_provider; that
   is the closest swap-in.

4. For high-volume routing (>1000 preflight calls/month), buy
   POST /api/v1/credits ($0.50 = 1000 prepaid preflights, $0.0005/call
   effective) once and pass X-Credit-Id on every preflight call.

5. For long-running watches, subscribe via
   POST /api/v1/watch ($0.01 USDC = 30-day watch + 100 prepaid HMAC-
   signed alerts) — useful for trading agents that pay the same
   endpoint hourly.
```

## Capability directions (six)

x402station.io exposes six agent-facing risk workflows:

- **Discover** — Catalog by x402station.io. Find x402 endpoints, rankings, capability search.
- **Evaluate** — Preflight by x402station.io. Independent endpoint risk signals before PAYMENT-SIGNATURE.
- **Pay** — Credits by x402station.io. Prepaid bulk-buy preflight + future routing.
- **Monitor** — Watch by x402station.io. Webhook alerts on endpoint state changes.
- **Recover** — Alternatives by x402station.io. Routing fallback when an endpoint fails.
- **Analyze** — Forensics by x402station.io. Post-payment endpoint health reports + network intelligence.

Preflight is the current go-to-market focus; the rest are live tools without active marketing until Preflight reaches $1k MRR.

## What we do

- Probe every x402 endpoint (HTTP naked call, no payment) to measure uptime, latency, and status
- Snapshot every service's quality / totalCalls / uniquePayers / lastCalledAt from the catalog API
- Detect: zombie services, price-drift, decoy endpoints ($1000+ traps), catalog gaming, new-provider risk
- Expose all this to agents via x402-paid JSON endpoints

## Paid agent endpoints

- [POST /api/v1/preflight](https://x402station.io/api/v1/preflight): $0.001 USDC. Returns {ok, warnings, metadata}
- [POST /api/v1/preflight-batch](https://x402station.io/api/v1/preflight-batch): **$0.025 USDC** per batch call. Bulk version of /preflight — POST `{ urls: string[] }` (1–50 URLs), pay once, get one result entry per URL in input order. Each entry mirrors the /preflight shape (ok, warnings, metadata with CDP enrichment, risk_score, confidence, recommended_action, reason_codes, evidence) plus a top-level `url` field. Response also includes `summary { total, ok, blocked, by_recommended_action }` and `effective_price_per_url`. At full 50-URL batch: $0.0005/url (50% off /preflight). Unknown URLs count toward the batch; no refund
- [POST /api/v1/forensics](https://x402station.io/api/v1/forensics): $0.001 USDC. 7-day uptime + latency p50/p90/p99 + status-code distribution + concentration-group stats + decoy probability (superset of preflight)
- [POST /api/v1/catalog/decoys](https://x402station.io/api/v1/catalog/decoys): $0.005 USDC. Full blacklist of active endpoints flagged as decoy / zombie / dead_7d / mostly_dead — internal data refreshes every 10 min, no point polling more often
- [POST /api/v1/watch](https://x402station.io/api/v1/watch): $0.01 USDC = 30-day subscription + 100 prepaid alerts on one URL. HMAC-SHA256-signed POSTs to the agent's webhookUrl when subscribed signals fire/clear. `GET /api/v1/watch/<id>?secret=...` (free) for status, `DELETE` (free) to unsubscribe. Worker diff-loop runs every 5 min; alert delivery has 5s timeout, 5 retries with implicit 5min backoff via the next tick
- [POST /api/v1/alternatives](https://x402station.io/api/v1/alternatives): $0.005 USDC. Given a URL flagged by preflight (or a `taskClass` hint), returns up to 5 healthy sibling endpoints in the same provider/domain/category/price-band. Filters out 7-day-dead and 1-hour-erroring candidates; ranks by uptime + latency. Solves the routing-fallback question after `ok=false` from preflight
- [POST /api/v1/whats-new](https://x402station.io/api/v1/whats-new): $0.001 USDC. Catalog diff polling. Body `{ since?, limit? }` (default since=now-24h, limit=200, max 500). Returns `added_endpoints[]` (`first_seen_at >= since` AND `is_active=true`), `removed_endpoints[]` (flipped to `is_active=false` since), and counts. Polling-friendly — internal data refreshes every 5 min via the ingest cron, so polling more often than that returns identical data
- [POST /api/v1/credits](https://x402station.io/api/v1/credits): **$0.50 USDC** = 1000 prepaid `/api/v1/preflight` calls. Effective rate $0.0005/call (50% off the per-call $0.001 tier). Returns `{ creditId, balance: 1000, expiresAt }` — store the creditId, it's the bearer token. Use via `X-Credit-Id` header on subsequent /api/v1/preflight calls. On exhaustion/expiry the middleware falls through to per-call x402 automatically. `GET /api/v1/credits/<id>` (free) returns balance + expiry

## Provider-side endpoint (NOT for agent consumption)

- [POST /api/v1/verified](https://x402station.io/api/v1/verified): **$1 USDC**. Provider audit + 30-day signed certificate. POST `{ url, name? }`. Returns `{ certId, verified, tier (verified|verified_plus), pattern, covers_child_urls, badgeUrl, pageUrl, jsonUrl, htmlSnippet, validUntil, reasons_pass[], reasons_fail[] }`. Audit criteria: 7-day uptime ≥95%, no critical signals, p99 latency ≤5000ms, price ∈ [$0.0001, $5]. Tier `verified_plus` adds CDP-confirmed real demand. Pattern certs support named path placeholders: `{id}` (one segment), `{path+}` (one-or-more segments), and `{tail*}` (zero-or-more); hostnames must stay literal. Public verification page at `/verified/<id>` re-runs the audit on every render so the badge stays honest. Idempotent on payment_tx. `GET /api/v1/verified/<id>` (free) returns the cert + a fresh live re-audit. **Designed for x402 service providers, not agents:** the customer is the provider's CI bot wanting a marketing badge for their endpoint.
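
A client that reads a pattern cert has to decide whether the cert actually covers the URL it is about to pay. The following is an added example, not x402station's own matcher: the function names are hypothetical, and it assumes placeholders never match an empty segment, paths are compared after URL normalization, and query strings are ignored.

```javascript
// Parse a cert pattern such as https://api.example.com/v1/{id}.
function parsePattern(pattern) {
  const m = /^(https?):\/\/([^\/?#]+)(\/[^?#]*)?$/.exec(pattern);
  if (!m) throw new Error("pattern must be an absolute http(s) URL without query or fragment");
  // Hostnames must stay literal: no placeholders, wildcards or userinfo.
  if (/[{}*+@]/.test(m[2])) throw new Error("hostname must stay literal");
  const segments = (m[3] || "/").split("/").slice(1).map((seg) => {
    const p = /^\{([A-Za-z_][A-Za-z0-9_]*)([+*]?)\}$/.exec(seg);
    if (p) return { kind: p[2] === "+" ? "many1" : p[2] === "*" ? "many0" : "one" };
    if (/[{}]/.test(seg)) throw new Error("malformed placeholder: " + seg);
    return { kind: "literal", value: seg };
  });
  return { scheme: m[1], host: m[2].toLowerCase(), segments };
}

// Match path segments against pattern segments, backtracking over {x+} and {x*}.
function matchSegments(pat, path, i = 0, j = 0) {
  if (i === pat.length) return j === path.length;
  const p = pat[i];
  if (p.kind === "literal") {
    return j < path.length && path[j] === p.value && matchSegments(pat, path, i + 1, j + 1);
  }
  if (p.kind === "one") {
    return j < path.length && path[j] !== "" && matchSegments(pat, path, i + 1, j + 1);
  }
  const min = p.kind === "many1" ? 1 : 0;
  for (let k = 0; j + k <= path.length; k++) {
    if (k > 0 && path[j + k - 1] === "") break;   // placeholders never span empty segments
    if (k >= min && matchSegments(pat, path, i + 1, j + k)) return true;
  }
  return false;
}

// True only if targetUrl falls under the cert pattern; any parse failure means "not covered".
function certCovers(pattern, targetUrl) {
  const pat = parsePattern(pattern);
  let u;
  try { u = new URL(targetUrl); } catch { return false; }
  if (u.protocol !== pat.scheme + ":" || u.host !== pat.host) return false;
  if (u.username || u.password) return false;
  // new URL() has already resolved "." and ".." segments, so traversal cannot widen a match.
  return matchSegments(pat.segments, u.pathname.split("/").slice(1));
}

// Constructed sample URLs (example.com / example.net are placeholders).
const PATTERN = "https://api.example.com/v1/{id}";
for (const url of [
  "https://api.example.com/v1/42",
  "https://api.example.com/v1/42/extra",
  "https://api.example.com.example.net/v1/42",
  "https://api.example.com/v1/x/../../admin",
]) console.log(url, "->", certCovers(PATTERN, url));
```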

## Agent middleware (one-line auto-shielding)

For agents that already wrap fetch with `@x402/fetch`, [`x402station-middleware`](https://www.npmjs.com/package/x402station-middleware) is a drop-in: `wrapWithPreflight(x402Fetch, { account })` calls `/preflight` before every paid x402 request and refuses decoy/zombie/dead endpoints automatically (throws `PreflightBlockedError`).

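```ts
import { wrapWithPreflight } from "x402station-middleware";

// x402Fetch: the fetch you already wrap with @x402/fetch; account: the agent's wallet account.
const safeFetch = wrapWithPreflight(x402Fetch, { account });
await safeFetch("https://api.example.com/x402-route");  // throws PreflightBlockedError if preflight flags the endpoint
```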

Default fail-closed (refuses if preflight unreachable). Per-instance TTL cache (5 min default, matches our internal probe cadence). `creditId` option threads bulk credits → $0.0005/call.

## MCP adapter (Claude Code, Cursor, Windsurf, Continue)

For agents speaking the Model Context Protocol, install once and call the three tools without writing any x402 plumbing:

```bash
npx -y x402station-mcp
```

In your MCP client config:

```json
{
  "mcpServers": {
    "x402station": {
      "command": "npx",
      "args": ["-y", "x402station-mcp"],
      "env": { "AGENT_PRIVATE_KEY": "0x..." }
    }
  }
}
```

Tools exposed (ten): paid — `preflight`, `forensics`, `catalog_decoys`, `alternatives`, `whats_new`, `watch_subscribe`, `buy_credits`. Free + secret-gated/id-gated — `watch_status`, `watch_unsubscribe`, `credits_status`. Wallet must hold Base mainnet USDC. Source: [npm](https://www.npmjs.com/package/x402station-mcp), [MCP Registry](https://registry.modelcontextprotocol.io/v0/servers/io.github.sF1nX/x402station).

## Signal vocabulary

What `warnings[]` strings mean (from preflight + forensics):

| Signal | Tier | When it fires |
|---|---|---|
| `unknown_endpoint` | info | URL not in our catalog at all |
| `no_history` | info | In catalog but no probes in the last hour |
| `dead` | **critical** | ≥3 unhealthy probes in last 30 min |
| `zombie` | **critical** | ≥3 probes in last hour, zero healthy |
| `decoy_price_extreme` | **critical** | Price ≥ $1000 USDC (anti-scraper honeypot zone) |
| `suspicious_high_price` | warn | Price $10–$1000 USDC (unusual, verify) |
| `slow` | warn | Avg latency ≥ 2000 ms in last hour |
| `new_provider` | warn | Service first seen < 24h ago |
| `dead_7d` | **critical** | ≥20 probes in last 7d, zero healthy |
| `mostly_dead` | **critical** | ≥20 probes in last 7d, uptime < 50% |
| `slow_p99` | warn | latency_p99_ms ≥ 5000 |
| `price_outlier_high` | warn | Current price > 10× provider-group median |
| `high_concentration` | warn | Endpoint's provider owns ≥ 5% of effective catalog supply |
| `wildcard_402` | warn | Provider returns x402 challenges for random non-catalog paths; raw path count is treated separately from effective supply |
| `spa_fallback` | warn | Provider returns a 200 HTML app shell for random non-catalog paths; raw path count is treated separately from effective supply |
| `never_paid_zombie` | **critical** | CDP confirms zero paid calls in last 30d, no historical lastCalledAt, endpoint listed >30d. Distinct from `zombie` (HTTP probes only) — checks the actual paid-call ledger Coinbase exposes via the discovery API |

Positive metadata flags (NOT warnings, surfaced as boolean fields under `metadata` when CDP has synced the endpoint):

| Flag | Meaning |
|---|---|
| `established` | CDP reports ≥ 5 distinct payer wallets in the last 30 days |
| `has_free_trial` | Endpoint advertises an `extensions.agentkit` (Exa-style) or `extensions.sign-in-with-x` SIWE handshake — agent can try $0 first |

`ok: true` ⇔ NONE of the **critical** signals fire. Non-critical signals can be present alongside `ok: true`. An endpoint that's not in our catalog returns `{ ok: false, warnings: ["unknown_endpoint"] }` — this IS billed ($0.001) because the lookup itself uses the same query path; agents should expect this for any URL outside the agentic.market index.
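
The agent policy and the signal table above can be enforced in code rather than left to the model's reading of a prompt. This is an added example, not code from x402station: the action names, the local reason codes and `tolerateWarnings` are hypothetical, the `url` field on `/alternatives` entries is an assumption, and the policy's `slow` / `slow_p99` / `new_provider` rule is generalized to every non-critical warning.

```javascript
// Critical set copied from the page's signal table and agent policy.
const CRITICAL = ["dead", "zombie", "decoy_price_extreme",
  "dead_7d", "mostly_dead", "never_paid_zombie"];

// Map a parsed /preflight body to an action for the wallet/policy layer.
// Action names and opts.tolerateWarnings are hypothetical, chosen for this example.
function decidePayment(body, opts = {}) {
  // Fail closed on anything that is not the documented {ok, warnings, metadata} shape.
  // "malformed_preflight_response" and "ok_false" are local reason codes, not service signals.
  if (!body || typeof body.ok !== "boolean" || !Array.isArray(body.warnings)) {
    return { action: "block", reasons: ["malformed_preflight_response"] };
  }
  const warnings = body.warnings.filter((w) => typeof w === "string");
  const metadata = body.metadata && typeof body.metadata === "object" ? body.metadata : {};

  // Re-derive the critical verdict locally rather than trusting `ok` alone.
  const critical = warnings.filter((w) => CRITICAL.includes(w));
  if (critical.length > 0) return { action: "block", reasons: critical };

  // ok:false without a critical signal (unknown_endpoint) means "no history", not "safe".
  if (!body.ok) {
    return { action: "block", reasons: warnings.length ? warnings : ["ok_false"] };
  }
  // Policy step 2: a SIWE free trial is advertised, so try the $0 call before paying.
  if (metadata.has_free_trial === true) return { action: "try_free_trial", reasons: warnings };
  // Non-critical warnings: pay only if the task tolerates them, otherwise ask /forensics.
  if (warnings.length > 0 && !opts.tolerateWarnings) {
    return { action: "call_forensics", reasons: warnings };
  }
  return { action: "pay", reasons: warnings };
}

// Policy step 3: first alternative whose match_reason is same_service or same_provider.
// Assumption: each /alternatives entry has `url` and `match_reason` fields.
function pickAlternative(alternatives) {
  if (!Array.isArray(alternatives)) return null;
  const hit = alternatives.find((a) => a && typeof a.url === "string" &&
    (a.match_reason === "same_service" || a.match_reason === "same_provider"));
  return hit ? hit.url : null;
}

// Constructed sample bodies (not captured from the live service).
const samples = [
  { ok: true, warnings: [], metadata: { established: true } },
  { ok: true, warnings: ["slow_p99"], metadata: {} },
  { ok: false, warnings: ["unknown_endpoint"] },
  { ok: true, warnings: ["never_paid_zombie"] },   // inconsistent on purpose
];
for (const s of samples) console.log(JSON.stringify(s), "->", decidePayment(s).action);
```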

## Manifest + docs

- [/.well-known/x402](https://x402station.io/.well-known/x402): agent-readable manifest (JSON, live counts)
- [/.well-known/agent-card.json](https://x402station.io/.well-known/agent-card.json): Google A2A agent card
- [/.well-known/agent-skills](https://x402station.io/.well-known/agent-skills): agent-skills v1 (when-to-use / when-not-to-use)
- [/.well-known/api-catalog](https://x402station.io/.well-known/api-catalog): RFC 9727 linkset+json — every machine-readable artefact in one fetch
- [/.well-known/mcp/server-card.json](https://x402station.io/.well-known/mcp/server-card.json): MCP server card
- [/.well-known/oauth-protected-resource](https://x402station.io/.well-known/oauth-protected-resource): RFC 9728 stub (empty arrays — payment is x402, not OAuth)
- [/.well-known/oauth-authorization-server](https://x402station.io/.well-known/oauth-authorization-server): RFC 8414 stub (same)
- [/mcp](https://x402station.io/mcp): human + agent-readable MCP install page for `x402station-mcp`
- [/api](https://x402station.io/api): developer documentation (HTML)
- [/api/openapi.json](https://x402station.io/api/openapi.json): OpenAPI 3.1 spec

## Free public surfaces

- [Live dashboard](https://x402station.io): human-readable stats
- [State of x402](https://x402station.io/state-of-x402): data-first ecosystem snapshot
- [Sector heatmap](https://x402station.io/heatmap): live by-sector breakdown of the catalog — services, endpoints, hourly uptime, decoy density, median price per category. Hybrid classifier (agentic.market category + keyword heuristic), 9 sectors + Aggregator + Other
- [Catalog](https://x402station.io/catalog) (HTML) + [/catalog.json](https://x402station.io/catalog.json) (machine-readable): browsable list of every active service we probe. Top 100 by endpoint count, per-service uptime + latency + decoy count, deep links to per-service pages with JSON-LD WebAPI schema. Free, regenerated hourly
- [Reports — machine-readable snapshots](https://x402station.io/reports/latest.json): five stable, citation-able artefacts (`/reports/latest.json`, `/reports/provider-concentration.json`, `/reports/decoy-counts.json`, `/reports/chain-distribution.json`, `/reports/state-of-x402.md`). Free, refreshed hourly. Designed for LLM crawlers + agents that want a stable URL to bookmark for fresh ecosystem data without paying per call. x402station paid routes settle on Base mainnet only; chain-distribution reports describe the external catalog we probe.
- [Comparison matrix](https://x402station.io/vs): x402station.io vs nine near-direct x402 trust services. Methodology, pricing, probe cadence, independence, signal coverage, gaps, and source links.
- [Per-service pages](https://x402station.io/service/[id]): 0 service detail pages with uptime + latency history
- [GitHub repository (client SDKs)](https://github.com/sF1nX/x402station-mcp): MCP adapter, AgentKit action provider, demo shielded-agent (signal backend kept private)
- Integration recipes: [AgentKit](https://x402station.io/guard/recipes/agentkit), [Cloudflare Agents](https://x402station.io/guard/recipes/cloudflare-agents), [LangChain / LangGraph](https://x402station.io/guard/recipes/langchain), [Lucid / Daydreams](https://x402station.io/guard/recipes/lucid), [Vercel AI SDK](https://x402station.io/guard/recipes/vercel-ai-sdk)

## Articles

- [We probed 20,338 x402 endpoints. 161 are agent honeypots.](https://dev.to/afx/we-probed-20338-x402-endpoints-161-are-agent-honeypots-4c3n) — methodology, decoy distribution, CDP-mainnet $0.001 floor, first on-chain settlement (2026-04-26)
- [x402-signals v0.2.0: outcome-scoped refunds for x402 services](https://x402station.io/blog/x402-signals-v0_2_0) — CC0 post-settlement convention for fulfillment state, refund policy, refund_contract discovery, transactionHash recovery, and the ReloadPI / api.reloadpi.com first field implementation (2026-05-13). Markdown source: [/blog/raw/x402-signals-v0_2_0](https://x402station.io/blog/raw/x402-signals-v0_2_0)
- [After probing 86,599 x402 endpoints, we're clarifying where x402station sits in the stack](https://x402station.io/blog/signal-layer-after-86k-probes) — public positioning note: independent risk signal layer, not policy engine; includes concentration, CDP settlement, and probe-history rationale (2026-05-15). Markdown source: [/blog/raw/signal-layer-after-86k-probes](https://x402station.io/blog/raw/signal-layer-after-86k-probes)
- [Bazaar is settlement-pull, not manifest-crawl](https://x402station.io/blog/bazaar-settlement-pull-internals) — production debugging note on Coinbase x402 Bazaar metadata refresh, decoded payment-required headers, @x402/next wildcard routeTemplate :var1, and the literal-route withX402FromHTTPServer fix (2026-05-13). Markdown source: [/blog/raw/bazaar-settlement-pull-internals](https://x402station.io/blog/raw/bazaar-settlement-pull-internals)
- [We graded every x402 endpoint with Cloudflare's agent-readiness scanner](https://x402station.io/blog/cloudflare-x402-readiness) — Cloudflare isitagentready.com run against the entire active x402 catalog, level distribution, the Bazaar-registration finding, level-4 path (2026-04-27). Markdown source: [/blog/raw/cloudflare-x402-readiness](https://x402station.io/blog/raw/cloudflare-x402-readiness)
- [Blog index](https://x402station.io/blog): full list of long-form posts

## Payment details

- Protocol: [x402 v2](https://x402.org)
- Network: Base mainnet (eip155:8453)
- Asset: USDC (Circle)
- Scheme: exact
- Recipient: 0x4053338C7cB38624C0bc23c900F78Cf8470b4E38
- Facilitator: https://x402.org/facilitator

## Why pre-flight matters

- 0 active endpoints currently priced at $1000+ USDC — "anti-scraper" decoys. An agent paying one of them drains its wallet.
- 0 services currently look like wildcard-402 catch-all providers; 0 services currently look like SPA-fallback catch-alls. We keep raw catalog paths visible but separate them from effective supply for concentration math.
- ~10 services are 100% dead but still listed (solopreneur.apitoai.xyz, etc.).
- Facilitator-based monitors (Dexter, x402list.fun) see only successful payments. We see everything.

## Contact

- General + commercial: hello@x402station.io
- Bug reports: https://github.com/sF1nX/x402station-mcp/issues
- Security disclosures (RFC 9116): https://x402station.io/.well-known/security.txt

## License

Source code: MIT. Data API: x402-paid, pay per call.
