Paybot

PayBot demonstrates the X402 Payment Required protocol for physical device access control through blockchain micropayments. Built for the Coinbase Developer Platform Hackathon, it showcases gasless transactions enabling pay-per-use robot control with QUSD stablecoin payments, without requiring users to hold ETH for gas fees.

The system implements a complete payment facilitator architecture where users sign QUSD payment authorizations in their wallet, and a facilitator service submits the transaction on-chain while paying gas fees. This enables true micropayments for IoT and robotics applications where gas costs would otherwise be prohibitive.

The payment flow: User clicks to unlock robot access, wallet prompts for signatures (QUSD token approval + payment intent), facilitator verifies and submits the transaction to the blockchain (paying gas), QUSD payment is escrowed on-chain with expiration time, user gains access to robot control interface, countdown timer shows remaining rental time. Once the rental period expires, the service provider can claim the escrowed QUSD tokens.

This architecture solves the "gas fee problem" for micropayments by having a facilitator pay gas on behalf of users, making it economically viable to rent hardware for small QUSD amounts. For example, paying 1 QUSD for 5 minutes of robot control becomes viable when users don't need to spend $2-5 in gas fees per transaction. The stablecoin nature of QUSD ensures predictable pricing for time-based rentals. The X402 protocol standardizes this payment flow, making it portable across any service requiring HTTP payment authentication.

Real-world use cases include: Robot rentals for education and research, IoT device access control, API rate limiting with QUSD payments, content paywalls, compute resource sharing, 3D printer time rentals, drone control access, scientific equipment sharing, telescope time, CNC machine access, and any scenario requiring programmable, time-based access control with cryptocurrency micropayments.

The demo controls an actual UGV (Unmanned Ground Vehicle) rover accessible at a physical location. After payment in QUSD, users receive iframe access to the robot's control interface for the duration of their rental period, demonstrating real-world hardware integration with blockchain payments and stablecoin transactions.

PayBot is built on a modern blockchain stack leveraging Coinbase's developer tools and the X402 payment protocol specification. The architecture consists of smart contracts, a payment facilitator service, a resource server, and a React frontend, all containerized with Docker for reproducible deployments.

Smart Contracts (Solidity): The core is two smart contracts deployed on Base-compatible networks: QUSDToken (ERC20 with EIP-2612 permit extension) and Escrow (time-locked payment management). The Escrow contract implements a gasless payment function createPaymentWithPermit that accepts EIP-712 signatures for both token approval and payment intent, allowing a third-party facilitator to submit transactions on behalf of users. This eliminates the need for users to hold ETH for gas fees.

Payment Facilitator (TypeScript + Hono): The facilitator is the mission-critical component that enables gasless transactions. It exposes an X402-compliant /settle endpoint that receives base64-encoded payment payloads from the frontend. The facilitator verifies EIP-712 signatures using viem's cryptographic utilities, then submits the createPaymentWithPermit transaction using its own funded wallet. This service pays gas fees on behalf of users, making micropayments economically viable. We use Hono framework for its lightweight performance and TypeScript support.

Frontend (React + wagmi + viem): Built with React and TypeScript, the frontend uses wagmi hooks for wallet connection (supporting MetaMask, Coinbase Wallet, WalletConnect) and viem for low-level Ethereum interactions. The payment flow uses signTypedData to create EIP-712 signatures without requiring transaction submission from the user's wallet. We implemented a custom usePayment hook that orchestrates the entire flow: calculate nonces, create permit signature, create payment intent signature, encode payload, send to facilitator, and poll for confirmation. The BotAccessGate component conditionally renders locked/unlocked states with a CountdownTimer showing remaining rental time. After successful payment, it mounts the web interface running directly on the UGV rover.

Resource Server (TypeScript + Hono): A separate service validates X402 payment headers before proxying requests to the actual robot control interface. This server can verify on-chain payment status and enforce access control, forwarding commands to the physical robot only when valid payments exist. It acts as an HTTP 402 Payment Required gateway.

Development Infrastructure: Hardhat provides the local blockchain development environment with deterministic contract addresses. We wrote a custom shell script start-and-deploy.sh that automatically deploys contracts when the Hardhat container starts, exports ABIs to a shared Docker volume, and makes them available to the frontend without manual intervention. All services run on Alpine Linux containers using Bun runtime for faster execution.

Particularly Hacky/Notable Techniques:

1. Browser-compatible base64 encoding: The X402 protocol requires base64-encoded payloads. We had to implement dual-mode encoding using globalThis.btoa for browsers and Buffer for Node.js, since standard libraries assume one environment or the other.

2. Docker volume contract sharing: Contracts are deployed in one container (hardhat-node) but need to be consumed by another (web frontend). We use a named Docker volume contract-exports that's written by the deployment script and mounted read-only in the web container, enabling hot-reloading during development.

3. EIP-712 signature coordination: Creating gasless payments requires coordinating TWO separate EIP-712 signatures (permit + payment intent) with matching nonces and deadlines. We had to carefully manage nonce fetching from both the token contract and escrow contract, ensuring they're used correctly in signature generation.

4. POSIX shell compatibility: Alpine Linux uses /bin/sh not /bin/bash, so our deployment script uses POSIX-compliant syntax (while loops instead of bash ranges) and wget instead of curl for maximum portability.

5. Physical hardware integration: The UGV rover runs its own web server for control interface. After payment verification, users access this interface directly from the robot, demonstrating real-world hardware integration with blockchain payment gates.

Partner Technologies: Coinbase CDP SDK for blockchain interactions and X402 protocol types, Base Network as target deployment chain for gasless transactions and low fees, and wagmi/viem official Ethereum libraries providing React hooks and TypeScript-first Web3 primitives.

Why this architecture works: The facilitator pattern is key to making micropayments practical. By separating signature creation (free) from transaction submission (costs gas), we enable users to authorize payments without holding native tokens. The facilitator can batch multiple settlements, optimize gas usage, and even sponsor transactions for promotional purposes. This unlocks use cases like pay-per-second streaming, micro-rentals, and IoT device access where traditional blockchain payments would be economically infeasible.