What is x402station.io?

Independent risk-signal layer for x402 agentic commerce — endpoint evidence (decoy / zombie / price-trap / never-paid) before an agent authorizes payment.

What is Preflight by x402station.io?

Preflight by x402station.io returns endpoint evidence before agents or policy engines authorize payment.

How do agents call x402station.io?

Agents call JSON endpoints such as POST /api/v1/preflight, sign the x402 payment challenge, and retry with PAYMENT-SIGNATURE. High-volume agents can use X-Credit-Id from prepaid Credits.

How much does x402station.io cost?

Preflight costs $0.001 USDC per call on Base mainnet. Preflight Batch costs $0.025 for up to 50 URLs, Credits costs $0.50 for 1000 prepaid Preflight calls, Watch costs $0.01 for 30 days, and Verified costs $1.00 for a 30-day provider certificate.

Is there a free trial?

Yes. POST /api/v1/preflight-trial is a free anonymous self-test endpoint with no PAYMENT-SIGNATURE. It returns the same Preflight verdict shape, limited to one URL per call, 10 calls per IP per UTC day, and a 5-minute cache.

What are the six x402station.io directions?

The six directions are Discover with Catalog, Evaluate with Preflight, Pay with Credits, Monitor with Watch, Recover with Alternatives, and Analyze with Forensics and Verified.

What production network does x402station.io use?

Production paid endpoints settle USDC on Base mainnet through the x402 payment flow and Coinbase CDP facilitator path.

about x402station.io

Independent risk-signal layer for x402 agentic commerce. Agents and policy engines query x402station.io for endpoint evidence — decoy, zombie, price-trap, never-paid, latency, and settlement checks — before authorizing PAYMENT-SIGNATURE. x402station.io continuously probes x402 endpoints and returns evidence so an AI agent, wallet, or policy engine can decide before authorizing USDC payment.

The problem

x402 is the HTTP 402 payment protocol Coinbase and Cloudflare use for agent-to-service payments. agentic.market lists ~49,000 payable endpoints. The catalog is a minefield for naive agents:

74 endpoints currently listed at ≥$1,000 USDC per call — anti-scraper soft-locks. An auto-paying agent drains its wallet on the first call.
~14 services 100% erroring in the last hour but still listed is_active: true.
Raw catalog paths and effective endpoint supply can diverge. We flag wildcard-402 and SPA-fallback catch-alls so agents do not mistake generated paths for independent supply.
Median real price is $0.02 USDC. The honeypot zone hides inside that price floor — five orders of magnitude apart, identical schema. A naive routing decision is a wallet drain.

Facilitator-based monitors (x402gle, 402index, x402list.fun) only see successful payments. They cannot see endpoints nobody ever called — decoys, zombies, dead routes, wildcard-402 catch-alls, or SPA-fallback app shells. Independent probing is the only way to surface those.

What we built

A measurement layer that sits below agent-side payment policy. Six product surfaces backed by one continuous probe pipeline:

Preflight — synchronous pre-flight check. Agent calls POST /api/v1/preflight for $0.001 USDC before paying any unfamiliar URL. Returns {ok, warnings, metadata}. Free agent self-test is available at POST /api/v1/preflight-trial without PAYMENT-SIGNATURE; production use should upgrade to paid Preflight for fresh data, bulk, and SLA.
Forensics — 7-day diagnostic for any URL. Agent posts the URL once, gets back uptime %, p50/p99 latency, signal flags, peer comparison. $0.001 USDC. Used at integration time, not per-call.
Watch — async webhook alerts. Subscribe a URL once for $0.01 USDC; get pushed an alert when it flips state (dead, zombie, decoy, wildcard-402, SPA-fallback, price drift, concentration change, recovered). 30-day window, 100 prepaid alerts.
Verified — supply-side. Service operators mint a $1 USDC certificate proving their endpoints aren't on the blacklist. Re-mint anytime to refresh the 30-day window.

Signals include decoy, zombie, price-trap, never-paid, latency, signature/settlement checks, wildcard-402, SPA-fallback, and concentration evidence. We measure and report; we do not route, take custody, or endorse. Zombie means CDP-confirmed zero-pay across 30+ days plus unhealthy probe history; decoy means an endpoint priced or delayed like an anti-scraper trap rather than a real payable service.

All live product surfaces share the same open signal vocabulary — protocol-agnostic terms (decoy_price_extreme, zombie, dead, price_drift, high_concentration, wildcard_402, spa_fallback, recovered). Same words, four different agent surfaces.

For a side-by-side matrix against nine near-direct x402 trust services, see /vs.

How it works

One probe worker continuously sweeps the catalog (every endpoint, every ~10 minutes). Probe results go into a TimescaleDB hypertable. A signal classifier applies the open vocabulary on every probe. The classifier output drives all live paid surfaces:

agentic.market catalog (49k endpoints)
        │
        ▼
  probe worker  ──── every 10 min ────→ TimescaleDB
        │                                    │
        │                          signal classifier
        │                                    │
        ▼                ┌───────────────────┼───────────────────┐
                         ▼                   ▼                   ▼
                    Preflight          Forensics             Watch
                  (sync $0.001)        (7d $0.001)        (async $0.01)
                         │                                       ▲
                         └────── shared signal vocabulary ───────┘

Who it's for

Agent developers integrating x402 payments — wrap your fetch with Preflight middleware and your agent stops paying traps.
x402 service operators — mint a verified-badge cert; agents using Preflight prefer verified endpoints when routing alternatives.
x402 Foundation, Coinbase CDP, Cloudflare Agents — open signal spec is protocol-agnostic; reference us in tutorials.
Crypto data researchers — six months of hourly catalog snapshots are public at /reports/state-of-x402.md.

What we don't do

We do not route payments. We classify endpoints; the agent decides whether to pay.
We do not store agent secrets, wallets, or PII. Probe-and-publish only.
We do not sell agent inboxes or bid on traffic. The signal vocabulary is objective and open.
We do not gate-keep verified status: a provider can pay for the audit, but cannot pay to remove a risk signal. Different paths, different gates.

Stack

Bun + TypeScript probe workers
Postgres 17 + TimescaleDB on a €4/mo Hetzner ARM box
Next.js 16 dashboard + paid endpoints
Coinbase CDP public x402 facilitator
Whole thing fits in 4 GB of RAM

Get started

Read the full specification — endpoints, signal vocabulary, agent integration patterns. Written AI-first.
Install Preflight into your agent runtime — npm middleware, MCP server, or raw API.
Read the 60-day case study — what we blocked and what changed.
Email hello@x402station.io — bugs, feature requests, edge cases. Operator input shapes the roadmap directly.