Crypto x402 Escrow Payments Layer
The Untrace Escrow Payments Layer combines programmable on-chain escrow with the HTTP 402 Payment Required standard — enabling native, machine-readable payment flows between humans, businesses, and AI agents directly at the protocol level.
What Is x402?
HTTP 402 Payment Required is a long-reserved HTTP status code that has historically gone unused. Untrace adopts and extends the emerging x402 standard — a protocol for embedding payment requests directly into HTTP responses, enabling any HTTP client (browser, API consumer, or AI agent) to handle payment natively.
When a resource or service requires payment:
- The server responds with 402 Payment Required + a machine-readable payment descriptor
- The client reads the payment terms, constructs a payment transaction, and includes a signed proof in the next request
- The server verifies the proof and fulfills the request
No redirect to a payment page. No third-party processor. No latency. Native to the protocol stack.
Untrace Escrow: How It Works
Untrace's escrow layer extends x402 with smart contract-enforced escrow — funds are not released until cryptographically verifiable conditions are met.
Basic Flow
[ Buyer submits payment → locked in Untrace escrow contract ]
↓
[ Seller receives proof-of-escrow, begins delivering service ]
↓
[ Delivery verified by: (a) buyer signature, (b) ZK oracle, or (c) timeout ]
↓
[ Funds released to seller automatically ]
↓
[ On-chain receipt anchored — tamper-evident record ]
If a dispute arises, neither party can unilaterally access funds. Resolution requires either mutual agreement or an on-chain arbitration mechanism.
x402 Payment Descriptor
When an Untrace-enabled service requires payment, it returns a structured 402 response:
```http
HTTP/1.1 402 Payment Required
Content-Type: application/json

{
  "x402Version": 1,
  "accepts": [
    {
      "scheme": "exact",
      "network": "untrace-mainnet",
      "maxAmountRequired": "10000000",
      "asset": "0xUNT...",
      "payTo": "0xSeller...",
      "escrow": true,
      "escrowConditions": {
        "releaseOn": "buyer_signature",
        "timeoutHours": 72,
        "arbitrationEnabled": true
      },
      "memo": "Document storage — 1GB / 30 days"
    }
  ],
  "error": "Payment required to access this resource"
}
```
The client parses this, generates the payment transaction, and re-submits with an X-PAYMENT header containing the signed payment proof.
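Because the descriptor is server-controlled input, a client should check it against local policy before it signs anything. The following is an added example, not code from Untrace or the `@untrace/x402` package: field names follow the descriptor above, while `POLICY`, its limits and the placeholder addresses are assumptions made for illustration.

```javascript
// Added example: policy gate run on a 402 descriptor before any payment is signed.
// Field names come from the descriptor above; POLICY and its values are hypothetical.
const POLICY = {
  schemes: new Set(["exact"]),
  networks: new Set(["untrace-mainnet"]),
  assets: new Set(["0xASSET_PLACEHOLDER"]), // constructed placeholder, not a real address
  maxAmount: 20000000n,                     // ceiling in the asset's base units
  requireEscrow: true,
  minTimeoutHours: 24,
  maxTimeoutHours: 168,
};

// Returns the list of policy violations for one entry of "accepts" (empty = acceptable).
function checkOffer(offer, policy) {
  const reasons = [];
  if (!policy.schemes.has(offer.scheme)) reasons.push("scheme");
  if (!policy.networks.has(offer.network)) reasons.push("network");
  if (!policy.assets.has(offer.asset)) reasons.push("asset");
  const amt = offer.maxAmountRequired;
  // Require a plain decimal string: BigInt("") is 0n and BigInt("0x10") is 16n.
  if (typeof amt !== "string" || !/^[0-9]{1,30}$/.test(amt)) reasons.push("amount-format");
  else if (BigInt(amt) > policy.maxAmount) reasons.push("amount-ceiling");
  if (policy.requireEscrow) {
    const c = offer.escrowConditions;
    if (offer.escrow !== true || c === null || typeof c !== "object") reasons.push("escrow");
    else if (!Number.isInteger(c.timeoutHours) || c.timeoutHours < policy.minTimeoutHours ||
             c.timeoutHours > policy.maxTimeoutHours) reasons.push("timeout");
  }
  return reasons;
}

// Picks the first acceptable offer; never falls back to a rejected one.
function selectOffer(descriptor, policy = POLICY) {
  const rejected = [];
  if (!descriptor || descriptor.x402Version !== 1 || !Array.isArray(descriptor.accepts)) {
    return { offer: null, rejected: [["descriptor"]] };
  }
  for (const offer of descriptor.accepts) {
    const reasons = offer && typeof offer === "object" ? checkOffer(offer, policy) : ["shape"];
    if (reasons.length === 0) return { offer, rejected };
    rejected.push(reasons);
  }
  return { offer: null, rejected };
}

// Constructed sample descriptor (addresses are placeholders).
const SAMPLE = { x402Version: 1, accepts: [{ scheme: "exact", network: "untrace-mainnet",
  maxAmountRequired: "10000000", asset: "0xASSET_PLACEHOLDER", payTo: "0xSELLER_PLACEHOLDER",
  escrow: true, escrowConditions: { releaseOn: "buyer_signature", timeoutHours: 72 } }] };
console.log(selectOffer(SAMPLE).offer !== null); // true
```

The `rejected` list is worth logging: repeated `amount-ceiling` or `network` rejections from one endpoint indicate a service asking for more than the agent was configured to pay.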
Escrow Release Conditions
Untrace escrow contracts support multiple release triggers:
| Condition | Description | Use Case |
| --- | --- | --- |
| Buyer signature | Buyer explicitly confirms receipt | Service delivery, freelance work |
| ZK oracle attestation | External verifiable event (delivery confirmed, API call made) | Automated services, API billing |
| Timeout release | Funds auto-release after N hours if no dispute raised | Default safeguard for low-friction flows |
| Multi-sig approval | K-of-N parties must sign (e.g., buyer + arbitrator) | High-value transactions |
| On-chain event | Triggered by a smart contract event (NFT transfer, document signed) | Composable DeFi and dApp interactions |
| ZK condition | Privacy-preserving condition (e.g., "confirm delivery without revealing shipper identity") | Privacy-sensitive supply chains |
AI Agent Payments
The x402 standard is purpose-built for the AI agent economy. Autonomous agents browsing the web, calling APIs, and interacting with services need a machine-native payment primitive — not a human-facing checkout flow.
Untrace's implementation enables:
```javascript
// An AI agent accessing a paid API endpoint
const response = await agent.fetch("https://data-api.example.com/report/q1-2026", {
  paymentHandler: untraceWallet, // Automatically handles 402 responses
  maxPayment: "5.00",            // Safety ceiling in USD-equivalent
  currency: "$UNTRACE",
})
```
The agent handles the entire x402 negotiation, escrow deposit, and payment proof in a single request cycle — no human intervention required.
This enables a new class of fully autonomous, value-exchanging AI agents that can pay for data, compute, and services on-chain natively.
Integration
For Sellers (Paywalled Services)
```javascript
import { x402Middleware } from "@untrace/x402"

// Express / Next.js middleware
app.use("/premium", x402Middleware({
  price: "2.50",
  currency: "$UNTRACE",
  escrow: true,
  releaseOn: "buyer_signature",
  description: "Premium API access — 1,000 requests",
}))
```
For Buyers (Paying Clients)
```javascript
import { x402Client } from "@untrace/x402"

const client = x402Client({ wallet: untraceWallet })

// Automatically handles 402 responses
const data = await client.fetch("https://api.example.com/protected-endpoint")
```
Security
| Risk | Mitigation |
| --- | --- |
| Seller disappears after escrow | Timeout release returns funds to buyer |
| Buyer refuses to sign release | Arbitration mechanism; ZK oracle fallback |
| Payment proof replay attack | Payment proofs include nonce + block height; single-use |
| Escrow contract exploit | Audited contracts; formal verification in progress |
| Privacy of payment terms | Payment memo stored in ZK vault; not exposed on-chain |
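The replay row can be made concrete on the seller side. This is an added example, not Untrace's implementation: the page does not specify the proof format, so the field names `payer`, `nonce` and `blockHeight`, the `MAX_AGE_BLOCKS` window and the `ReplayGuard` class are assumptions, and the proof's signature is assumed to have been verified already. It shows why the block height matters: it bounds how long a nonce has to be remembered.

```javascript
// Added example: single-use check for payment proofs carrying a nonce and block height.
// Field names and MAX_AGE_BLOCKS are hypothetical; signature verification happens earlier.
const MAX_AGE_BLOCKS = 20;

class ReplayGuard {
  constructor(maxAge = MAX_AGE_BLOCKS) {
    this.maxAge = maxAge;
    this.seen = new Map(); // JSON [payer, nonce] -> block height of the accepted proof
  }

  // Returns "ok" and records the proof, or the reason it is refused.
  accept(proof, currentHeight) {
    const { payer, nonce, blockHeight } = proof || {};
    if (typeof payer !== "string" || typeof nonce !== "string" ||
        !Number.isInteger(blockHeight)) return "malformed";
    if (blockHeight > currentHeight) return "future-block";
    if (currentHeight - blockHeight > this.maxAge) return "stale";
    const key = JSON.stringify([payer, nonce]); // unambiguous even if a field contains ":"
    if (this.seen.has(key)) return "replay";
    this.seen.set(key, blockHeight);
    this.prune(currentHeight);
    return "ok";
  }

  // Entries older than the window can be dropped: a proof that old is refused as stale.
  prune(currentHeight) {
    for (const [key, height] of this.seen) {
      if (currentHeight - height > this.maxAge) this.seen.delete(key);
    }
  }
}

// Constructed proof: the second submission of the same nonce is refused.
const guard = new ReplayGuard();
const proof = { payer: "0xBUYER_PLACEHOLDER", nonce: "n-1", blockHeight: 100 };
console.log(guard.accept(proof, 101), guard.accept(proof, 102)); // ok replay
```

The map here is per-process; behind several server instances the insert has to be an atomic set-if-absent in a shared store, otherwise two instances can each accept the same proof once.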
Further Reading
- ZK Data Vaults — Privacy-preserving document storage often used alongside escrow
- Web3 Access Control — How ZK conditions gate escrow release
- Tokenomics — Escrow transaction volume contributes to $UNTRACE fee burn
- Whitepaper — Full specification of the escrow contract architecture