P402 Logo
P402.io

Changelog.

Platform and protocol release history.

P402 Meter — Industry Demos

May 6, 2026

Three Live Industry Demos — Healthcare, Legal, Real Estate

P402 Meter now runs across three industries, each with a fully interactive demo that processes real documents, settles every AI token on Tempo mainnet, and produces an on-chain audit trail. Cost per run is under $0.001.

  • Healthcare — Prior Authorization Review: Gemini Flash classifies the packet; Gemini Pro writes the UM determination. Every token settles as a USDC.e event on Tempo. Cost per case: $0.00035 — versus $25–100 for manual review. URAC-aligned audit trail included.
  • Legal — M&A Due Diligence: Eight contracts reviewed with intelligent model routing — simpler documents go to Flash, complex MSAs and merger agreements go to Pro. Cross-document conflict detection runs after all reviews complete. Total matter cost: under $0.0015, versus $200–800 for paralegal equivalent. ABA Formal Opinion 512 compliant.
  • Real Estate — Tenant Screening: Three applicant scenarios (clean, conditional, escalation) across four documents each. Fraud score 0–100 with a configurable escalation threshold. Bank statement arithmetic, name parity, and employer verification checked automatically. HUD fair-housing audit trail on every decision.

Buyer Economics — Interactive ROI

The healthcare demo gains three new surfaces focused on communicating value to enterprise buyers and their implementation partners.

  • Buyer Story Card: sets the scene before the demo runs — who the buyer is, what their current cost structure looks like line by line, and what the demo will prove.
  • Settlement Proof redesign: when the Tempo transaction confirms, the settlement is treated as the reveal — large headline, buyer-language explanation (“your auditor can verify this in 10 seconds”), then technical details. In Proof Replay mode the same structure renders against the pre-recorded session.
  • Interactive ROI Panel: volume selector (5K–500K cases per year), adjustable per-case cost, and a live calculation of current spend vs P402 spend vs annual savings. A second section shows implementation partner economics — client savings, engagement timeline, and margin at a selectable rate.

Meter — Tempo Mainnet & Multi-Demo Platform

May 5, 2026

Settlement Migrated to Tempo Mainnet

P402 Meter settlement moves from Arc testnet to Tempo mainnet (chain 4217). All on-chain proofs are now live — USDC.e TIP-20 transfers, block explorer links at explore.tempo.xyz, and a new wallet health endpoint that checks signer balance before each session.

  • Settlement uses Tempo's ERC-20 transfer interface — no native gas token, no msg.value. Gas is paid via FeeAMM in stablecoin.
  • Explorer links on every ledger event — click any settlement to verify the exact amount, block, and timestamp on the public Tempo explorer.
  • Wallet endpoint added: returns signer address, USDC.e balance, and readiness status before a session starts.
  • Health endpoint added: checks Tempo RPC connectivity and signer balance — surfaced in the infrastructure status strip.

P402 Meter Restructured as Multi-Industry Platform

/meter is now a platform hub rather than a single demo. Healthcare, Legal, and Real Estate each have dedicated pages, deep-dive case studies, and independent state — switching between demos does not affect session data. The about page is redesigned as an industry-agnostic P402 story with links to each vertical.

  • Hub at /meter — three industry cards, each linking to its full demo and case study.
  • About page at /meter/about — economics problem, four technology pillars (Gemini / Tempo / MPP / P402), and per-industry proof points.
  • Case studies at /meter/about/healthcare, /meter/about/legal, /meter/about/real-estate — workflow, unit economics, compliance standard, and sample data for each industry.

Dual-Rail AI Micropayment Gate

May 4, 2026

Pay Per Request — Base and Tempo Rails

The chat completions endpoint now accepts payment directly in the request header. Clients can pay per inference in USDC on Base or USDC.e on Tempo — no account registration, no API key, no monthly invoice. Payment is verified and settled before the response is returned.

  • Base rail: EIP-3009 USDC and EURC. The client signs a transfer authorization offline; P402 verifies the signature, prevents replay, and executes the on-chain transfer atomically.
  • Tempo rail: TIP-20 USDC.e. Same authorization model adapted for Tempo's system contract interface.
  • Existing API key billing is unchanged. Payment header access is an additional path — both can be active on the same endpoint simultaneously.
  • Every paid request is tagged with rail, amount, and a structured log entry. Settlement failures are logged at CRITICAL and never silently swallowed.

Settlement Precision & Regression Coverage

All settlement amount handling is now integer-exact. Floating-point arithmetic has been removed from every settlement path — amounts are parsed and formatted using the token's declared decimal precision throughout. Five regression tests cover the scenarios that previously caused silent rounding errors.

  • Sub-cent amounts and amounts above JavaScript's safe integer limit both round-trip correctly.
  • The onchain settlement scheme passes the raw integer amount directly — no conversion through floating-point at any point in the call stack.
  • Tempo currency list is now type-checked and tested for drift against the database — if a supported stablecoin is added to the DB but missing from the constants, a test fails at CI time.
  • The 0xef bytecode returned by Tempo system contracts (TIP-20 stablecoins) is correctly identified as deployed code — tools that expect EVM bytecode will not work on these addresses.

P402 Meter — Initial Release

April 22–25, 2026

Per-Token AI Billing, Settled On-Chain

P402 Meter is the first end-to-end demonstration of per-token AI billing with on-chain proof. Every token consumed by Gemini Flash and Gemini Pro is a discrete settlement event — not an estimate, not a batch, not a monthly invoice. The ledger, cost, and settlement proof are visible from the first token to the last.

  • 55+ on-chain settlement events per prior authorization run — each AI action is a separate, verifiable ledger entry.
  • Every ledger event links directly to the block explorer. The payer, amount, and timestamp are publicly verifiable for every settlement.
  • Proof Replay mode uses pre-recorded stream data for air-gapped presentations. The UX is identical to Live mode — the only difference is the data source.
  • Auto-fallback to Proof Replay on API quota limits — the demo never stops working.

Settlement Proof, KPI Instrumentation & Compliance

  • Settlement Proof card: full-width confirmation shown after stream completion — confirmed tx hash, block number, and a direct “Verify →” link to the block explorer. In Proof Replay mode the signer wallet address page is linked instead, so the balance and history are always independently verifiable.
  • Session KPI rail: total cost, event count, settlement count, and a live proof status badge (VERIFIED / LIVE / PARTIAL / READY) visible throughout the session.
  • Ledger Panel: full AI / Payment / Settlement event taxonomy with per-event block explorer links.
  • Economics panel: every cost figure is derived from actual settlement events — no estimates or hardcoded values.
  • Compliance banner: synthetic data, no PHI, human approval required — visible on every session.
  • Light and dark presentation modes selectable from the utility bar.

Partner Program

April 20, 2026

Three Partner Tracks — Full Attribution Stack

The P402 Partner Program is live at /partner. Developer Affiliates earn 20% recurring for 12 months. Agencies earn 25% recurring for 12 months. Enterprise partners earn 10% on year-one deal value with deal registration.

  • Partner dashboard: real-time commission tracking, referral link management, lead registration, deal pipeline, payout history, and a full content library.
  • Attribution precedence: deal registration beats registered lead, which beats last-touch cookie. 90-day attribution window. Multi-touch credit splitting across touchpoints.
  • Commission lifecycle: pending → approved → in-payout → paid. 30-day hold on SaaS commissions, 60-day hold on Enterprise.
  • Dynamic referral link builder with UTM parameters, vanity slugs, click history, and per-link conversion rates.

24-Article Partner Documentation

Every stage of the partner lifecycle has a dedicated reference article. Technical partners get working code. Agency partners get production-ready campaign copy, FTC/ASA disclosure guidance, and a brand use policy.

  • Positioning (4) — P402 in one sentence, ideal customer profile, approved claims, prohibited language.
  • Product (4) — How x402 works, why AP2 mandates matter, Bazaar distribution model, Router vs. direct API.
  • Campaigns (4) — Newsletter templates, X/Twitter threads, YouTube descriptions, email sequences.
  • Compliance (4) — FTC/ASA disclosure guide, brand guidelines, prohibited methods, brand bidding policy.
  • Technical (4) — SDK quickstart, x402 integration walkthrough, building a paid agent, MCP integration guide.
  • Payouts (4) — Commission calculation, hold period rules, tax form requirements, payout timeline.

Documentation

April 16, 2026

12 Production Documentation Pages

The P402 documentation is rebuilt using the Diataxis framework — four modes, four distinct jobs: Tutorials (learning by doing), How-To Guides (completing a specific task), Reference (lookup), and Explanation (understanding the system). All placeholder pages are replaced with production content.

  • Tutorial: five-step budget agent guide — the agent submits a task, P402 routes it, settles in USDC, checks balance. Working Python and TypeScript.
  • How-To (7): MCP server setup (Claude Desktop, Cursor, SSE host), session lifecycle, USDC funding, routing mode selection, semantic cache management, API key rotation.
  • Reference (3): full CLI command reference, Billing Guard error codes, complete API error table with retry guidance.
  • Explanation (2): system architecture (routing engine, cache, x402, intelligence layer, ERC-8004), security model (EIP-3009, replay protection, gas limits, key hashing, threat model).

Test Suite & Traffic Instrumentation

April 7, 2026

65 End-to-End Tests — Full Golden Path Coverage

A complete Playwright test suite covers the core product surfaces: public pages, routing playground, session creation, provider failover, SSE trace stream, and the full EIP-2612 wallet billing flow. Web3 wallet interactions are mocked — no browser extension required in CI.

  • Smoke tests: public page load, navigation, health endpoint, footer links.
  • Functional tests: routing playground, provider comparison, session creation.
  • Resilience tests: provider failover, API error surfaces, SSE reconnection behavior.
  • PLG funnel tests: SSE trace stream mocked end-to-end to prevent flakiness.
  • Wallet billing tests: EIP-2612 permit flow mocked at the browser level — no on-chain transactions in CI.

Per-Request Traffic Events

Every routed request now writes a structured event — provider selected, routing mode, latency, cost, cache hit status, settlement outcome. The Requests and Savings dashboard pages now show real per-request data rather than aggregates. Event writes are non-blocking and never delay the API response.

Admin Console

March 31, 2026

RBAC Admin Dashboard — 10 Pages, 5 Roles

A dedicated admin console replaces ad-hoc database access for platform operations. Five roles — super admin, ops, analytics, safety, finance — each with scoped permissions. Separate authentication from the user-facing product with IP allowlist enforcement.

  • 10 pages: Overview (KPI command center with sparklines and growth chart), Users, Analytics, Health, Safety, Intelligence, Bazaar, Admins, Audit Log, System.
  • Every admin action is written to an immutable audit log with before/after diff — nothing is changed without a traceable record.
  • Safety page: quarantined sessions, flagged agents, anomaly alerts — with inline approve, escalate, and dismiss controls.
  • Intelligence page: Gemini economist and sentinel outputs visible to ops without touching the database.

Sessions, Policy Visibility & Memory

March 27, 2026

Full Execution Visibility — Policy, Cache, and Route Decisions

Every surface that was previously opaque — why a request was denied, whether the cache served it, what knowledge sources were used, how the route was selected — is now visible in the dashboard without leaving the UI.

  • Sessions page: budget utilization, lifecycle status, policy detail, AP2 mandate linkage, and direct links to the request log and trace view for each session.
  • Policy checks: per-check pass/fail shown inline in the trace — including the exact denial reason for any blocked request.
  • Context & Memory: semantic cache hits shown explicitly (LLM skipped, cost $0.00). Knowledge retrieval nodes show source name, latency, and status.
  • Route decision block: winner selection reason, rejected alternatives with scores, and a dry-run preview showing how the decision would change under a different routing mode.

Intelligence Layer Dashboard

March 26, 2026

6 New Dashboard Surfaces — Requests, Traces, Savings, Evals, Knowledge, Tools

Every request P402 routes, every trace it records, every dollar it saves, and every quality score it evaluates is now navigable from the dashboard — without touching the database.

  • Requests: paginated execution log with routing mode, actual cost, savings vs baseline, and one-click trace navigation. Keyboard-navigable.
  • Traces: per-request graph of every execution node — model, tool, retrieval, verify, settle, cache — with latency, cost, and evaluation scores.
  • Savings: period analytics (7d / 30d / 90d) with daily bar chart, routing mode breakdown, and provider spend distribution.
  • Evals: response quality scores per request (relevance, completeness, groundedness, coherence). Failed evals surface a direct re-run path.
  • Knowledge: RAG source registry with trust levels, chunk counts, and add/remove controls.
  • Tools: registered tool catalog with parameter schemas and execution history.

Conditional Settlement — P402Escrow

March 23, 2026

P402Escrow — Live on Base Mainnet

Conditional USDC escrow is live on Base mainnet. Funds lock on-chain at job creation and release only when the payer confirms delivery — or P402 resolves a dispute. Protocol fee: 1% on settlement. Dispute window: 48 hours after the provider marks delivery.

  • Seven-state lifecycle: Created → Funded → Accepted → In Progress → Delivered → Settled, with Disputed → Resolved and Expired / Cancelled exit paths.
  • Full REST API: create, fund, accept, start, deliver, release, dispute — all via a single escrow endpoint.
  • Bazaar auto-escrow: any A2A task with a price at or above $1.00 and a provider wallet automatically creates an escrow — no extra API calls required.
  • Dashboard: live escrow state with action buttons at each lifecycle stage. My Escrows panel in the Bazaar view.

World ID, Credits & Model Catalog

March 22, 2026

Human-Verified Free Trial — World ID

World ID verification unlocks 500 free credits ($5.00) on first verification. Credits are a first-class billing primitive — 1 credit equals $0.01 USD, consumed atomically. When credits are exhausted, sessions continue on standard USDC billing with no interruption.

  • Credit balance, spend, and human-verified status returned on every chat completion response.
  • Credit API: balance check, purchase (test and paid modes), transaction history.
  • World Mini App at world.p402.io: Chat, Agents, Credits, and Settings tabs. Credit purchases handled natively through the World App payment flow.
  • Base Mini App updated: verified badge, credit balance indicator, and tri-state funding status (free trial / credits / USDC) visible inline throughout.

Model Catalog — 300+ Models, Live Pricing

Live model comparison page at /models. Pricing syncs from OpenRouter hourly — always current. Filter by provider and capability, sort by cost or context window. Cost calculator: input your token volumes and daily request count to see direct API cost vs P402 cost side by side.

VS Code Extension

March 18, 2026

P402 for VS Code — Embedded MCP Server

Install the P402 extension and all six routing and settlement tools are immediately available in Copilot agent mode — no config file editing, no manual server start, no Node version dependency. The MCP server is bundled into the extension at build time.

  • Status bar: current routing mode with one-click switch via quick-pick.
  • Sidebar: three views — active sessions with budget remaining, recent requests with cost and latency, provider health per integration.
  • Commands: configure API key, switch routing mode, create budget session, open dashboard.
  • Published to VS Code Marketplace and Open VSX simultaneously.

MCP Server

March 17, 2026

@p402/mcp-server — P402 Routing via MCP

Agent runtimes that speak MCP — Claude Desktop, Cursor, Windsurf, or any custom host — can now route LLM requests across 300+ models and settle per-call in USDC without managing provider credentials, implementing an HTTP client, or handling wallet signing. Requires only a P402 API key.

  • Six tools: route and complete a prompt, create a budget session, check session balance, list available models, compare providers on a specific model, check router health.
  • Budget enforcement is identical to the REST API — a session with a $5.00 cap cannot be exceeded regardless of tool call volume.
  • Zero-install: npx -y @p402/mcp-server. Listed on the official MCP Registry.

Progressive Authorization

March 6, 2026

Four-State Authorization Model

Authorization is now a clearly defined progression: Visitor → Identity Only → Wallet Linked → Payment Ready. Each state is computed server-side and surfaced throughout the product with a direct, low-friction path to the next step.

  • CDP email users reach Wallet Linked state immediately on first login — no separate linking step.
  • Google OAuth users see a wallet activation prompt in onboarding. The CDP email field is pre-filled from the Google session. Skippable — dashboard and API access are unaffected; payment routes return 402 until a wallet is linked.
  • Dashboard banner renders contextually per state — no banner when payment-ready, no noise when there is nothing to do.
  • Builders using CDP server wallets get role-specific onboarding: no personal wallet required, sessions use CDP server wallets funded by clients.

CDP Wallet Integration

March 4, 2026

Email OTP — Self-Custody Wallet on First Login

Sign in with an email address. A self-custody Base wallet is provisioned automatically via Coinbase Developer Platform Embedded Wallet — no browser extension, no seed phrase, no prior crypto experience required. OTP delivery and wallet creation complete in under 500ms.

  • Private keys are generated and stored inside a Coinbase Nitro Enclave (TEE) — never transmitted to the P402 server.
  • The wallet address is the primary session identity token — no separate linking step after login.
  • The facilitator signing wallet also supports TEE mode: private key never touches the Node.js process. Active mode is visible at the facilitator health endpoint.

Protocol, SDK & CLI

March 2, 2026

P402 Protocol — Open Source

The core P402 protocol specification and reference implementations are open source — x402 payment extension schema, AP2 mandate format, A2A JSON-RPC method definitions, and the ERC-8004 agent identity registry interface.

github.com/z333q/p402-protocol ↗

Developer SDK

@p402/sdk provides typed wrappers for routing requests, issuing AP2 mandates, verifying x402 payment payloads, and interacting with the A2A task API. TypeScript-first; ships ESM and CJS.

CLI

Manage facilitators, inspect routing decisions, check wallet balances, and tail live traffic from the terminal. Uses your existing API key — no separate auth flow.

Infrastructure & Smart Contracts

Feb 24 – Mar 2, 2026

Base Mainnet Smart Contracts

  • P402Settlement deployed on Base mainnet — marketplace settlement with 1% protocol fee.
  • SubscriptionFacilitator deployed on Base mainnet — EIP-2612 recurring billing. Gasless for subscribers after month one. Month two onwards draws from the original permit with no new user signature required.
  • Treasury: 0xFa772434DCe6ED78831EbC9eeAcbDF42E2A031a6

Billing Hardening

  • All billing events are idempotent — duplicate webhook delivery never results in double-charging.
  • Environment validation enforced at startup — missing required configuration aborts boot rather than surfacing at runtime.
  • Edge middleware rewritten to be compatible with Vercel Edge Runtime.