Wallet for Agents
A wallet your AI agents can use to pay for online services on their own — without you handing them a credit card, a seed phrase, or your infra credentials. The wallet belongs to your organisation, lives at the application level, and spends from a balance you top up.
The headline use case is x402, the new machine-to-machine payment standard from Coinbase. Backend automation and AI workflows are also valid uses, but x402 is what makes the primitive distinctive — see below.
Pay-per-call, finally
Most APIs today still need a contract, an account, and an upfront
subscription. x402 repurposes the
long-dormant HTTP 402 Payment Required status code into a payment
protocol that needs none of that. When a server sits behind an x402
paywall, an unpaid request returns a 402 plus the price (e.g.
0.001 USDC). A capable client pays on the spot and retries — and the
server answers as if the call had been pre-paid all along.
Two things that were stuck become unstuck:
- Sellers can charge per request — fractions of a cent — without
onboarding the buyer upstream. The
402response is the contract. - Agents can spend on their own. An LLM-driven workflow consumes paid services (data feeds, models, RAG corpora) the way it consumes free ones, and the operator only pays for what was actually used.
Wallet for Agents is the Keyban primitive that ships an agent capable of playing this game safely.
How it looks in practice
Without a wallet the request stops at 402. The Keyban Wallet for Agents is the piece that turns that stop into a 200 — under spend and confirmation rules you set. The Weather API on the right is one example among many — any x402-protected service works the same way.
What an agent can actually buy
The seller in the diagram is a placeholder. In practice, x402-protected services are starting to surface across categories your agents already want to consume:
| Category | What the agent buys per call | Why it benefits the integrator |
|---|---|---|
| Premium data feeds | Weather, finance, traffic, sanctions lists, geolocation | No annual contract, no minimum commit — pay only the calls the agent actually makes |
| Third-party LLM and ML inference | A query against an external model (specialised, regional, fallback) | Use a model you don't host, occasionally, without a separate billing relationship |
| RAG corpora and proprietary datasets | A search or retrieval against a paid corpus | Tap into expert content (legal, medical, scientific) on demand |
| Burstable compute | A single inference, render, or transcode job | Avoid pre-paid GPU reservations for irregular workloads |
| Internal cross-team APIs | A call to a sister team's service | Make cross-team usage visible — each agent has its own USDC balance, no shared credentials |
The pattern is always the same. Your service makes its own request, the
seller's 402 quotes a price, the wallet pays, and the response comes
back. No contract negotiation, no API key exchange, no quota dashboards
to share.
Who controls what
The point of Wallet for Agents is that you stay in charge of the spend, even when the agent is autonomous on the call path.
| Concern | What you decide |
|---|---|
| How much the agent can ever spend | The USDC balance you top the wallet up with — there is no overdraft |
| When a human has to confirm | A policy at deployment time: every call, above a threshold, or never |
| Who can sign for the wallet | Signers attached to the wallet — rotate them at any time without changing the wallet's identity |
| What network the wallet runs on | Pinned at creation; the wallet identity does not move once funded |
The agent (LLM) cannot widen any of these levers per call. They are operator-side controls, set when the agent is provisioned.
What this is not
- Not a credit card for an agent. There is no line of credit and no overdraft — once the USDC balance is spent, the next x402 call fails until you top up.
- Not a custodial wallet. Keyban does not hold the keys for you alone — the wallet uses the same two-share signing scheme as the user-side Embedded Wallet (Security architecture).
- Not an end-user wallet. Customers have an Embedded Wallet. Wallet for Agents is for code (and the LLMs driving the code).
Where the full guide is heading
The standard, the protocol details, and a working demo against Base Sepolia are linked below. A complete integration guide — provisioning, funding, observing, rotating signers under incident response — lands with the GA release.
Reference
- x402.org — the protocol's landing page.
- github.com/coinbase/x402 — the reference implementation.
- Coinbase x402 docs — the seller's perspective and tooling.