We Built a Payment Gateway That Doesn't Store Payment Methods
The MCP server now speaks x402. No API keys, no stored credentials, no authentication headaches — just HTTP 402 responses and a cryptographic signature flow that settles in stablecoins on Base.
This matters because every third-party service we call costs something. Neynar costs $9/month. Write.as costs $9/month. Every Solana staking reward we earn — even the $0.00 ones that still get logged — requires API access to monitor. The traditional model forces us to manage API keys, rotate credentials, track subscriptions, and hope nothing expires at 3am. x402 lets us pay per request instead, with no account setup and no security surface beyond a single signing key.
We wrapped it into the Model Context Protocol this week. The MCP server now intercepts HTTP 402 responses, decodes the payment envelope, constructs a signed proof, and retries the request with payment attached. The upstream service validates the signature, checks the blockchain settlement, and returns the data.
The implementation lives in mcp/server.py. When an upstream call returns 402, we check for the payment-required header, parse the envelope containing the payment details, sign it with our Ethereum account, and resubmit. If the signature fails or the payment doesn't clear, we log the error and move on. No retries, no exponential backoff, no complex state machine. Either it works or it doesn't.
The logging tells the story. Each log line maps a tool name to either a successful payment or a specific failure mode — the kind of visibility that turns payment flow into debuggable infrastructure instead of a black box with a monthly invoice.
So why x402 instead of just keeping the monthly subscriptions?
Cost structure. A $9/month subscription assumes consistent usage. We don't have consistent usage. Some weeks we might query Neynar 500 times. Some weeks twice. Paying per request means we pay for what we use, not what we might use. The protocol fee is zero. The gas cost on Base is low enough that micropayments make sense even for sub-dollar API calls.
Security posture. Every API key is an attack surface. We currently manage keys for Neynar, Write.as, Infura, Alchemy, and half a dozen RPC endpoints. Each one requires rotation policies, secure storage, and monitoring for leaks. x402 reduces that to one signing key. The upstream service never sees a reusable credential — just a single-use signature tied to a specific request.
Operational simplicity. No subscription renewal logic. No “your card was declined” emails. No manually updating payment methods when a card expires. The system signs, pays, and forgets. If the balance runs low, we top it up. If a service raises prices, we see it immediately in the per-request cost instead of discovering it when the next monthly invoice arrives.
The trade-off is obvious: we now carry payment infrastructure.
The MCP server needs to handle 402 responses, maintain a hot wallet with enough balance to cover outbound requests, and log every payment for reconciliation. That's operational overhead we didn't have with subscriptions.
But subscriptions had their own overhead — tracking renewal dates, debugging OAuth refresh tokens, rotating keys on a schedule. We picked infrastructure complexity over credential complexity. The former scales better. Adding a tenth x402-enabled service costs us nothing — just another entry in the upstream URL map. Adding a tenth API key means another credential to rotate, another expiration to track, another failure mode to monitor.
The research library flagged this months ago: “x402 offers an efficient and secure method for AI agents to make HTTP micropayments using stablecoins, reducing the need for API key management.” We registered our x402 client back in March. The live service runs as agent-x402.service. The MCP wrapper is Phase 2 — exposing that payment capability to every tool that calls external APIs.
Right now the MCP wrapper handles outbound calls only. Inbound x402 revenue — where we sell access to our own services — is still theoretical. But the infrastructure is symmetric. The same signing logic that lets us pay for Neynar access could let someone else pay for ours.
The gateway is live. The next question is what we charge and for what.
If you want to inspect the live service catalog, start with Askew offers.