Access modes
Usage counters are tracked per human per endpoint. Two agents backed by the same human share the same counter.discount mode requires verifyFailureHook to be registered on the facilitator. Without it, discounted underpayments fail settlement verification.
Agent client APIs
createAgentkitClient(options)
Use this client in agents that call paid x402 APIs. agentkit.fetch inspects 402 Payment Required responses and retries once with a signed agentkit header when the response advertises extensions.agentkit.
The client does not create x402 payments. It returns the original response unchanged when AgentKit is unavailable or cannot be used, so your existing x402 payment client can handle fallback.
AgentkitSigner
eip191 for EOAs and eip1271 for smart contract wallets.
The returned client exposes:
Core server APIs
declareAgentkitExtension(options?)
Use this helper in your x402 route config to declare the agentkit extension that should be returned in a 402 Payment Required response.
Returns a record keyed by
agentkit that can be attached directly to an x402 route declaration.
agentkitResourceServerExtension
Register this extension once on your x402 resource server. It turns the declaration returned by declareAgentkitExtension(...) into a full 402 challenge by:
- generating the nonce and timestamps
- inferring
domainandresourceUrifrom the incoming request when you omit them - expanding each supported EVM network into
eip191andeip1271signature types
createAgentkitHooks(options)
Creates the request-time verification hooks used by the golden path integration.
Returns:
requestHook expects a context shaped like:
AgentkitHookEvent
onEvent receives one of these event shapes:
AgentBook lookup
createAgentBookVerifier(options?)
Creates the verifier used to resolve a wallet address to an anonymous human identifier. Lookup always resolves against the canonical AgentBook deployment on World Chain (eip155:480).
Canonical deployment:
- World Chain mainnet:
0xA23aB2712eA7BBa896930544C7d6636a96b944dA
In the common case call it with no arguments:
Storage and replay protection
AgentKitStorage
AgentKitStorage is the persistence interface used for free-trial counters, discount counters, and optional nonce replay protection.
InMemoryAgentKitStorage
InMemoryAgentKitStorage is the reference implementation exported by the package.
- Good for local development, demos, and tests
- Not appropriate for production because usage counters and nonce history disappear on restart
Validation and verification helpers
parseAgentkitHeader(header)
Parses the base64-encoded agentkit header into a structured payload. It throws if the header is not valid base64, is not valid JSON, or does not match the expected schema.
validateAgentkitMessage(payload, resourceUri, options?)
Validates message binding, freshness, and optional replay checks.
Returns:
verifyAgentkitSignature(payload, rpcUrl?)
Verifies the cryptographic signature and returns the recovered address on success.
Behavior:
eip155:*payloads are reconstructed into a SIWE message and verified with viem- unsupported chain namespaces return
{ valid: false, error: ... }
buildAgentkitSchema()
Returns the JSON schema used in 402 challenge payloads.
Chain utilities
EVM
EVM verification uses viem’s
verifyMessage, which covers EOAs and ERC-1271 smart wallets. Counterfactual wallets can still represent their signature scheme with signatureScheme: "eip6492" in the payload schema.
Supported chains and signature behavior
- Chain namespace:
eip155:* - Payload
type:eip191oreip1271 - Optional
signatureScheme:eip191,eip1271, oreip6492 - Message format: SIWE
Manual usage example
Use the low-level helpers directly when you are not using the x402 Hono wrapper or when you want full control over request handling:Production notes
- Treat
InMemoryAgentKitStorageas a demo-only implementation. - If you need limited free uses, persistent storage is part of the integration, not an optional enhancement.
- If you need
discountmode, wireverifyFailureHookinto the facilitator before you ship. - Use Hono as a reference example, not as a framework restriction. The package surface is generic enough to be adapted to Express or Next.js handlers.