FAQ

What is x402?

x402 is an open payment protocol for machine-to-machine micropayments. When a service requires payment, it returns HTTP 402 (Payment Required) with a signed payment quote. Your wallet client signs the payment in USDC on Base and retries the request. The service verifies the payment header and returns the result. No accounts, no API keys, no subscriptions.

x402 joined the Linux Foundation in April 2026 with Google, AWS, Microsoft, Stripe, Visa, Mastercard, and 20+ other founding members. It is now the dominant micropayment protocol for AI agents. See x402.org for the spec.

What is MCP?

MCP (Model Context Protocol) is the dominant agent integration layer, introduced by Anthropic. It lets AI agents call external tools as functions. With the melis x402 Tools MCP server (npx @melis-ai/x402-tools-mcp), all 16 services become callable tools in any MCP-aware agent environment — Claude Desktop, Cursor, Claude Code, Continue, and others.

How does my agent pay?

Your agent's x402-enabled wallet client handles payment automatically. When a service returns 402, the client signs a USDC payment on Base and retries. If you're integrating directly via HTTP, you'll need an x402 client library. If you're using the MCP server, payment handling depends on your MCP client's x402 support — some clients handle it natively, others require the X402_PAYMENT_HEADER environment variable pre-populated from your wallet.

What happens if a call fails?

Payment is not settled on failure. This is enforced at the SDK level across all 16 services. If the service returns anything other than HTTP 2xx with non-empty content, the x402 SDK does not settle the payment. This was a known bug in v1.0.0 (charge-on-failure was incorrectly triggered on any non-5xx, including 4xx errors). It was patched and the full fleet was rebuilt on 2026-05-07.

Is x402 the same as Stripe MPP?

No. Stripe MPP (March 2026) sits one layer above x402 in the stack — it's a higher-level abstraction for agentic payments with enterprise partners (Anthropic, OpenAI, DoorDash, Visa, Shopify, etc.). x402 is the lower-level protocol for direct HTTP micropayments. The two are described as complementary, not competing. x402 is what melis services use.

Do I need an account?

No. x402 is account-less. If you're testing with an issued internal key, we provide that directly — no signup flow. For production x402 payments, your wallet is your identity.

Is there a free tier?

No free tier. Every call is paid. The prices start at $0.001 USDC — $1 buys you 1,000 schema validation calls. The model is intentionally simple: you pay for what you use, nothing else.

Can I get a refund?

Charge-on-failure-safe means you shouldn't need one — failed calls don't settle. If you believe you were charged for a call that failed, email sean@melis.ai with the transaction hash. A manual review will be conducted. The only confirmed past incident was tx 0x46e6edbc… (ScrapePay v1.0.0, 2026-05-07) — the recipient was identified and a refund is pending.

Are there per-IP or per-call limits?

NotifyRelay is rate-limited at 10 requests per minute per IP (enforced via express-rate-limit, HTTP 429 on breach). Screenshot and PDF Render have per-IP daily limits (contact sean@melis.ai for details). The other 13 services have no published rate limit. For bulk volume (>10,000 calls/month), email to arrange an internal key with monthly invoicing.

What chains and currencies are supported?

USDC on Base only. Base is Coinbase's Ethereum L2 — fast finality (~2 seconds), low gas. Other chains and currencies are not currently supported.

How is this different from Orbis?

Orbis is an aggregator — it bundles thousands of services into a single marketplace. Useful for breadth. melis x402 Tools is a curated set of 16 services, each security-audited, with charge-on-failure safety, SSRF hardening, and robots.txt enforcement. Orbis handles volume (40,800 calls/24h); melis handles correctness and safety for boring infrastructure tasks.

How is this different from StableEnrich?

StableEnrich bundles Apollo, Clado, Exa, Firecrawl, Maps, Serper, Whitepages, and others — primarily data enrichment and research services. melis x402 Tools focuses on utility primitives: scrape, validate, convert, notify, guard. The overlap is ScrapePay vs Firecrawl. ScrapePay enforces robots.txt and charge-on-failure; Firecrawl does not guarantee both.

How is this different from Exa?

Exa is a neural search engine over a proprietary indexed corpus. Great for broad research and finding semantically similar documents. ScrapePay fetches the live web page via Playwright — better for dynamic JS-rendered content, very fresh information, or pages Exa hasn't indexed. Exa requires a subscription; ScrapePay is $0.01 per call with no account.

How is this different from BlockRun?

BlockRun is an x402 AI model gateway — access to 55+ LLMs via x402. melis x402 Tools is for utility infrastructure around LLM calls (scraping, validating, converting, notifying) — not the models themselves. The two are complementary, not competing.

How is this different from agentsvc.io?

agentsvc.io offers 20 utility tools at similar price points ($0.001–$0.008). The overlap is real. melis x402 Tools differentiates on security hardening (SSRF protection, robots.txt enforcement, charge-on-failure), composition documentation, and the MCP wrapper that gives one-command access to all 16 services.

Where is the source code?

Service code is closed-source. The MCP wrapper is open-source (MIT): github.com/mizukaizen/x402-tools-mcp .

How do I verify payments are going where you say?

Every payment settles on-chain. The microservices wallet (13 services) is 0x1C68…B3bC on Basescan . The Molt Swarm wallet (3 services) is 0x61F2…AfFf5 on Basescan . Both wallets are publicly viewable.

What is the SSRF hardening you mention?

Server-Side Request Forgery (SSRF) is a class of attack where a user tricks a server into making requests to internal network addresses (e.g. http://169.254.169.254/ to retrieve cloud metadata, or http://127.0.0.1:3011/ to reach internal services). All services that accept user-supplied URLs (ScrapePay, CacheServe, LinkRisk, LinkSafe, NotifyRelay /webhook, Screenshot, PDF Render) resolve the hostname via DNS before making any request, and block private IP ranges (127.x, 10.x, 172.16–31.x, 192.168.x, 169.254.x) and non-http/https schemes. A full security audit was conducted on 2026-05-07; all 4 critical findings were closed in the same session.

Who built this?

Sean Melis (sean@melis.ai), AI agent operator and builder based in London, UK. Runs OpenClaw multi-agent system on a dedicated Helsinki VPS. The x402 services are part of the infrastructure stack built to power those agents, opened to the public as x402-priced utilities.

What happens if a service is down?

Services return an appropriate HTTP error code. If the service is unreachable, your x402 client will not settle payment (no 2xx response). Last known fleet status: 14 green / 0 red as of 2026-05-07. No SLA is published currently.