x402 overview

x402 is HTTP-native micropayments — the server answers a normal GET with 402 Payment Required, the client (agent or wallet) settles on-chain, and the same request replays with a proof header to receive the goods. No redirect, no hosted checkout, no human in the loop.

Aly's x402 surface is designed for digital products under a per-site price ceiling. When it is enabled for a deployment, buyers pay with USDC or another accepted stablecoin and the merchant receives funds at their configured wallet address.

Production status

The live aly.store protocol discovery currently reports x402 as disabled. Treat this section as the current contract shape for the configured rollout path; use UCP or hosted checkout for live production purchases until discovery advertises x402 support.

At a glance


Endpoint	`GET /api/x402/product/{siteSlug}/{productId}?quantity=N&email=X@Y.Z`
Eligibility	Digital product, USD price, ≤ site limit, file attached.
Networks	Deployment-configured EVM rails; planned defaults are Base, Ethereum, Polygon.
Scheme	EVM `exact` — transferFrom of the stablecoin amount.
Tx settlement	After response, x402 framework adds `PAYMENT-RESPONSE` header with tx hash.

Flow at a glance

Client issues GET with no Payment header.
Server checks eligibility, returns 402 with accepts (price, network, payTo) and nonce.
Client constructs an EIP-712 payment authorization, signs it, and replays with Payment + Payment-Signature headers.
Server verifies the payment with the x402 facilitator, runs the handler — which creates the Order in Convex with an idempotency key derived from the payment payload — and returns 200.
Settlement happens after the response. The framework adds a PAYMENT-RESPONSE header carrying the transaction hash.

Smallest possible exchange

1# Step 1: see the price2curl -i "https://aly.store/api/x402/product/acme/prod_pattern?quantity=1&email=buyer@example.com"3 4HTTP/1.1 402 Payment Required5Content-Type: application/json6 7{8  "x402Version": 1,9  "accepts": [10    { "scheme": "exact", "network": "base", "asset": "USDC",11      "maxAmountRequired": "5000000",12      "payTo": "0xabc...123",13      "resource": "/api/x402/product/acme/prod_pattern",14      "description": "Knitting Pattern PDF",15      "mimeType": "application/pdf",16      "extra": { "nonce": "..." }17    }18  ],19  "error": "X-PAYMENT_required"20}21 22# Step 2: pay (client constructs Payment, replays)23# Step 3: server returns 200 with the order + download URL

One product, one HTTP call

x402 is per-product. Multi-item carts go through UCP (hosted checkout or signed agent flow). x402 is intentionally narrow: pay-as-you-go for an individual digital good.

Configuration

When x402 is enabled, per-site flags govern product eligibility:

site.cryptoPaymentsEnabled — master switch.
site.cryptoWalletAddress — the merchant's receiving address (per network).
site.cryptoPreferredChain — which chain to list first in accepts.
site.cryptoAcceptedTokens — token allowlist; USDC by default.

Next steps

The 402 challenge flow — exact request/response shapes.
Configured chains + wallets — supported rails when x402 is enabled.
Verifying on-chain proofs — confirm settlement on your side.

Was this page helpful?