AXL402

AXL402 is payment-gated infrastructure for agent-to-agent communication.

The premise: as AI agents move out of the cloud and onto user devices, every agent becomes both a service and a customer of other agents. They call each other for tools, models, and compute — but no agent-to-agent protocol today has an economic layer. Spam, DoS, and resource theft go unanswered. Whoever runs the agent eats the GPU bill; callers face no friction. AXL402 closes that gap.

Two ideas working together. First, a payment gate: every inbound call requires a real on-chain stablecoin payment. The caller signs an EIP-3009 transferWithAuthorization, the gate verifies the signature off-chain, settles it on-chain via the x402 protocol, and only then dispatches the call. Existing clients require no fork — they discover the price via a JSON-RPC -32402 error carrying full PaymentRequirements, sign, retry, get served.

Second, surge pricing: the per-call price scales quadratically with recent paid load. A single attacker spamming the node drives the price up against themselves. Sustained DoS becomes a sustained payment to the operator, not a denial of service. The curve decays back to baseline within ~30 seconds when load drops, so the system self-recovers without operator intervention. Together these turn an open agent endpoint from a free-for-all into a market: legitimate users pay a baseline fee, attackers pay quadratically more, and operators are paid for every cycle of compute the network consumes.

We built it as a fork of Gensyn's AXL — a real peer-to-peer node that gives agents an unforgeable cryptographic identity and an encrypted mesh out of the box. Anyone running an AXL node can opt into payment gating by adding a config block; the rest of the network is unchanged, and unmodified MCP/A2A clients still interoperate via the JSON-RPC 402 path. The submission ships the gating layer (Go), a single-page web dashboard with a live wallet balance graph, surge price chart, step-by-step demo flow, and an attack simulator that drains the wallet visibly. The settlement pipeline uses Coinbase's hosted x402 facilitator on Base Sepolia — every paid call produces a verifiable Basescan link.

The project splits in two: a fork of Gensyn's AXL (Go) that adds the payment-gating layer, and a demo dashboard (Python + a single HTML file).

The gating layer. AXL has a clean extension point for inbound handlers — register a "stream" and it gets first crack at every incoming message. The gate is one such stream, registered as the sole inbound handler so there's no free lane around it. It matches three envelope shapes — our x402-bearing format and the two stock ones (MCP, A2A) — which is how existing clients keep working: they hit the gated node, get a clean JSON-RPC -32402 with payment requirements baked in, sign, retry, get served. No client fork.

Payments use x402's "exact" scheme over EIP-3009 transferWithAuthorization. The gate runs verify off-chain, dispatches the actual MCP/A2A call as soon as that passes, and pushes the on-chain settlement to a background worker. Callers get a settle ID back and poll for the real tx hash — decouples response latency from block time, and serializing the worker keeps wallet nonces advancing cleanly under load.

Pricing has two modes. Fixed quotes a constant amount per call. Surge tracks a 30-second moving average of paid load and applies a configurable curve (linear / quadratic / sqrt) capped at a hard ceiling. A quota cache means peers who just paid don't re-pay for N calls within a TTL.

Dashboard is a single index.html (Tailwind + Alpine + Chart.js from CDN, no build step) with a FastAPI backend that owns the gated node's lifecycle so config changes from the UI hot-restart it. It holds the signer (private key from env, never logged, address never exposed), reads on-chain USDC balance for the live "wallet draining" chart, and streams every protocol step over SSE so the activity log narrates the demo. The attack simulator fires N concurrent paid calls that re-quote and re-pay whatever the gate's latest 402 advertises — which is what makes wallet drop and price climb in the same five seconds.

Borrowed vs built. Gensyn's AXL (sponsor track) gives us the parts we didn't want to rebuild: P2P transport, encrypted mesh over Yggdrasil, NAT traversal, ed25519 pubkey identity. The x402 protocol is open; we hit the public hosted facilitator (x402.org) for verify/settle, with USDC on Base Sepolia for real settlement and Basescan-linkable txs. Everything else is new: the gate stream, the pricers, quota cache, optimistic-dispatch + async-settle pattern, unified envelope, and the dashboard's whole UX.

Painful debugging note worth flagging: Chart.js v4 silently fails to update when its instance lives inside Alpine — Alpine wraps reactive state in a Proxy and Chart.js's plugin layer can't mutate through it, so the chart stays at the default 0/0.5/1.0 axis with no errors thrown. Fix is to keep chart instances as module-scope variables outside Alpine's reactivity.