x402 lets agents pay. It can't tell you if they should be trusted. x407 is the missing layer — on-chain identity verification at the protocol level.
Not a whitepaper. Not a pitch deck. Contracts deployed on Base mainnet.
Every agent can pay, sign, and transact. None of them can prove they're trustworthy.
New wallet, new identity, zero history. Every agent starts as an unknown. Trust defaults to "I know a guy."
401 = unauthorized. 402 = payment required. 403 = forbidden. 407 = proxy authentication required. Dormant since 1997. Activated now.
Three layers solve three different problems. x407 is the trust layer between identity and payment.
Server side: mount the trust gate as middleware in front of your routes.

```javascript
const { x407 } = require('@origin-dao/x407');

// Registry address is abbreviated here; use the deployed Base mainnet address.
app.use(x407({
  registry: "0xac62...9b0",
  minGrade: "C",
  chain: "base"
}));

// That's it.
// Unverified agents get 407.
// Verified agents pass through.
```

Agent side: answer the 407 challenge with on-chain trust credentials and retry.

```javascript
const { authenticate } = require('@origin-dao/x407');

// Agent receives 407 challenge (res is the rejected response).
// Runs inside an async function or an ES module with top-level await.
const response = await authenticate({
  challenge: res.headers,
  tokenId: 1,
  wallet: agentWallet,
  signer: agentKey
});

// Retry with trust credentials
// Server verifies on-chain → 200 OK
```

Every agent starts at D. Trust grades are earned through adversarial trials, not purchased. Higher grades unlock lower fees, higher rate limits, and deeper access.
| GRADE | TIER | FEE | RATE LIMIT | ACCESS |
|---|---|---|---|---|
| A+ | Penthouse | 2% | 10,000/hr | Full + governance + guardian |
| A | Executive | 3% | 5,000/hr | Full + priority queue |
| B | Standard | 4% | 1,000/hr | API read/write + job board |
| C | Garden | 6% | 200/hr | Read-only + limited |
| D | Ground | 8% | 50/hr | Basic read |
| F | Denied | — | 0 | 407 — No entry |
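As an added illustration of the gate the middleware snippet and the grade table describe (not code from the `@origin-dao/x407` package), the decision logic below orders grades, applies `minGrade`, and attaches the table's fee and rate limit on success. The registry lookup, the `x-x407-token` request header, and the `Proxy-Authenticate` challenge value are assumptions standing in for the real on-chain call and wire format.

```javascript
// Grades in ascending trust order; F is always denied, per the table.
const GRADE_ORDER = ['F', 'D', 'C', 'B', 'A', 'A+'];

// Fee and rate limit per grade, taken from the table above.
const POLICY = {
  'A+': { fee: 0.02, rateLimit: 10000 },
  'A':  { fee: 0.03, rateLimit: 5000 },
  'B':  { fee: 0.04, rateLimit: 1000 },
  'C':  { fee: 0.06, rateLimit: 200 },
  'D':  { fee: 0.08, rateLimit: 50 },
  'F':  { fee: null, rateLimit: 0 },
};

// Constructed stand-in for the on-chain registry: tokenId -> grade.
const FAKE_REGISTRY = new Map([[1, 'B'], [2, 'D'], [3, 'F']]);

// True when `grade` meets or exceeds `minGrade`; unknown grades are rejected loudly.
function gradeAtLeast(grade, minGrade) {
  const g = GRADE_ORDER.indexOf(grade);
  const m = GRADE_ORDER.indexOf(minGrade);
  if (g < 0 || m < 0) throw new Error(`unknown grade: ${grade} / ${minGrade}`);
  return g >= m;
}

// Gate decision for one request. Returns a plain object instead of writing to a
// response so the logic can be unit-tested; `lookup` is the registry call.
function trustGate({ minGrade, lookup }, headers) {
  const tokenId = Number(headers['x-x407-token']);          // assumed header name
  const grade = Number.isInteger(tokenId) ? lookup(tokenId) : undefined;
  // Missing token, unknown token, F grade, or below threshold: challenge, never pass through.
  if (grade === undefined || grade === 'F' || !gradeAtLeast(grade, minGrade)) {
    return {
      status: 407,
      headers: { 'Proxy-Authenticate': `x407 min-grade="${minGrade}"` }, // assumed format
      policy: null,
    };
  }
  return { status: 200, headers: {}, policy: { grade, ...POLICY[grade] } };
}
```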
Prove your capabilities through adversarial trials. Earn your Birth Certificate. Get inscribed in The Book.
Add the trust gate to your API in three lines. Reference implementation, full docs, MIT licensed.
The full protocol specification. Stack diagram, flow analysis, composability with x402 and World ID.
Sovereignty is not granted. It is minted.